2 ################################################################################
5 # Description: Password updater for Mother of All Passwords
6 # Author: Andrew DeFaria (defaria@cup.hp.com)
8 # Modified: With the advent of PWPlus we had to change the algorithm here.
9 # It was decided that since PWPlus disallowed the use of the -f
10 # (and -F) options to /bin/passwd (/usr/bin/passwd) - it silently
11 # ignores them! - that we would have this script change the
12 # regular /etc/passwd file, grab the new encrypted passwd string
13 # from /etc/passwd then update the appropriate file.
14 # Andrew DeFaria <defaria@cup.hp.com> Tue Jul 21 23:22:59 PDT 1998
16 # (c) Copyright 2001, Andrew@DeFaria.com, all rights reserved
18 ################################################################################
19 print -u2 "This script has been disabled pending the NIS implementation."
20 print -u2 "Questions? See CLL Support."
24 local_passwd=/etc/passwd.loc
29 if [ -d /net/bismol/app/admin ]; then
30 admin_root=/net/bismol/app/admin
31 elif [ -d /net/hpclbis/app/admin ]; then
32 admin_root=/net/hpclbis/app/admin
33 elif [ -d /nfs/bismol/app/admin ]; then
34 admin_root=/nfs/bismol/app/admin
35 elif [ -d /nfs/hpclbis/app/admin ]; then
36 admin_root=/nfs/hpclbis/app/admin
37 elif [ -d /nfs/hpclbis/root/app/admin ]; then
38 admin_root=/nfs/hpclbis/root/app/admin
40 print -u2 "$me: Error: Unable to ascertain admin_root!"
44 master_passwd=$admin_root/lib/master_passwd
45 master_passwd_over_nfs=$admin_root/lib/master_pas.old
50 print "$(basename $0): <username>..."
54 function cancel_checkout {
55 print "$me: Info: Canceling checkout"
57 # Unlock $master_passwd
58 rcs -q -u $master_passwd
60 # Remove write permissions
61 chmod -w $master_passwd
67 function check_out_master_passwd {
69 co -q -l $master_passwd
72 print -u2 "$me: Error: Unable to checkout $master_passwd! Aborting change..."
75 trap cancel_checkout INT ERR
77 } # check_out_master_passwd
79 function check_in_master_passwd {
80 # Check in new master password file
81 ci -u -q -m"Changed $username's password" $master_passwd
84 print -u2 "$me: Error: Unable to check in new master password file!"
89 # Remove master.pas.old if it exists. When using RCS over NFS it creates
90 # this file for some reason. If the ci was successful then this file is
92 rm -f $master_passwd_over_nfs
93 } # check_in_master_passwd
95 function replace_passwd_line {
98 new_passwd=$(grep "^$username:" $passwd 2> /dev/null | head -1 | cut -f2 -d:)
99 new_passwd_file=/tmp/passwd.$$
101 sed -e "s}^$username:$old_passwd}$username:$new_passwd}" $passwd_file > $new_passwd_file
102 cp $new_passwd_file $passwd_file
103 } # replace_passwd_line
105 function update_passwd_file {
109 if [ "$passwd_type" = "MoA" ]; then
110 check_out_master_passwd
111 replace_passwd_line $username $passwd_file
112 check_in_master_passwd
114 replace_passwd_line $username $passwd_file
116 } # update_passwd_file
118 function change_password {
121 # Check if we are changing the master password file or the local password
123 passwd_type=$(grep "^$username:" $passwd 2> /dev/null | head -1 | cut -f5 -d: | cut -f2 -d"_" )
125 if [ "$passwd_type" = "MoA" ]; then
126 print "$me: Info: Changing $username's master password entry"
127 passwd_file=$master_passwd
128 elif [ "$passwd_type" = "LcL" ]; then
129 if [ $(id -u) -ne 0 ]; then
130 print -u2 "Sorry but you must be root to change the local password file"
133 print "$me: Info: Changing $username's local password entry"
134 passwd_file=$local_passwd
136 print -u2 "$me: Error: $username is neither the master password file nor the local password file!"
140 # First save the user's old passwd
141 old_passwd=$(grep "^$username:" $passwd_file 2> /dev/null | head -1 | cut -f2 -d:)
146 if [ $? -eq 0 ]; then
147 if [ "$passwd_type" = "MoA" ]; then
148 print "$me: Info: Now updating your entry in the master password file"
150 print "$me: Info: Now updating your entry in the local password file"
152 update_passwd_file $username $passwd_file
153 if [ "$passwd_type" = "MoA" ]; then
154 print "$me: Info: $username's master password entry updated on this system."
156 print "$me: Info: $username's local password entry updated on this system."
158 print "$me: Info: This change will propgate to the other systems tonight."
159 print "$me: Info: To force an update on another system use /app/admin/bin/mkpass -f."
166 OS=`uname -r | cut -c 3-4`
168 if [ $OS = "09" ]; then
169 syspasswd=/bin/passwd
171 syspasswd=/usr/bin/passwd
174 if [ ! -r /opt/pwplus/lib/libpwplus.a ]; then
175 print -u2 "$me: Warning: PWplus is not installed on this system!"
176 print -u2 "Changing your password on this system may result in an insecure"
177 print -u2 "password. You should use another system with PWplus installed"
178 print -u2 "properly to change your password."
180 print -u2 "Do you still wish to proceed changing your password on this"
181 print -u2 "machine (y/N)? \c"
195 change_password $LOGNAME
197 for password in $*; do