/usr/sbin/drbl-client-root-passwd is in drbl 2.8.25-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 | #!/bin/bash
# Written by Steven Shiau <steven@nchc.org.tw> for using in DRBL
# License: GPL
# These *.so were found by using strace in create_chpasswd_env function in drbl-functions
# /lib/security/*
# /usr/lib/libcrack.so.2 -> passwd: Module is unknown
# /usr/lib/cracklib_dict.*
# /lib/libnss_files.so.2 is necessary for uid, gid -> username, group.
# /lib/libnsl.so.1 -> without this, will cause this error:
# passwd: Authentication token manipulation error
# /lib*/libcrypt*.so* -> without this, will cause this error:
# pam_chauthtok: Module is unknown
# TODO:
# DRBL client should only have
# dev etc root var
# so have to rm "bin lib usr"
# Load DRBL setting and functions
DRBL_SCRIPT_PATH="${DRBL_SCRIPT_PATH:-/usr/share/drbl}"
. $DRBL_SCRIPT_PATH/sbin/drbl-conf-functions
#
usage() {
echo "Usage:"
echo "To set the root's password for clients:"
echo "`basename $0` [OPTION]"
echo " Options:"
echo " --stdin PASSWORD set the root's password for clients as PASSWORD"
echo " -h, --host IP_ADDRESS: set only for the host with IP_ADDRESS instead of all DRBL clients"
echo " -g, --no-gen-ssi Do NOT generate DRBL SSI template tarball."
echo " -v, --verbose prints out verbose information"
echo "If option is not given, the interactive mode will be used."
}
#
check_if_root
# main
unalias ls 2>/dev/null
# Parse command-line options
while [ $# -gt 0 ]; do
case "$1" in
--stdin)
shift;
if [ -z "$(echo $1 |grep ^-.)" ]; then
# skip the -xx option, in case
client_root_password="$1"
fi
shift ;;
-h|--host)
shift; specified_host="$1"
shift
;;
-g|--no-gen-ssi)
gen_ssi="no"
shift;;
-v|--verbose)
shift; VERBOSE="on"
;;
-*) echo "${0}: ${1}: invalid option" >&2
usage >& 2
exit 2 ;;
*) break ;;
esac
done
if [ -z "$client_root_password" ]; then
# interactive
echo "New password: (It will not be echoed in the screen)"
read -s pass1
echo "Retype new password: (It will not be echoed in the screen)"
read -s pass2
while [ "$pass1" != "$pass2" ]; do
echo "Sorry, passwords do not match"
echo "New password: (It will not be echoed in the screen)"
read -s pass1
echo "Retype new password: (It will not be echoed in the screen)"
read -s pass2
done
#
[ -z "$pass1" ] && echo "Password can NOT be empty!!! Program terminated" && exit 1
# set the matched password
new_passwd="$pass1"
else
new_passwd="$client_root_password"
fi
#
if [ -n "$specified_host" ]; then
[ ! -d "$drblroot/$specified_host" ] && echo "Can NOT find DRBL client $specified_host (i.e. no $drblroot/$specified_host)! Program terminated!" && exit 1
[ -n "$verbose" ] && echo "specified_host: $specified_host"
fi
# set the host to be processed
# host_list is the IP address of client, like 192.168.1.1...
host_list=""
if [ -n "$specified_host" ]; then
# set the host path
host_list=$drblroot/$specified_host
else
# withoud specified_host, it must be all clients, append each one to $host_list
for ihost in $drblroot/*; do
[ -d "$ihost" ] && host_list="$host_list $ihost"
done
fi
#
for ihost in $host_list; do
echo -n "Change the root's password for DRBL client `basename $ihost`..."
create_chpasswd_env $ihost
cat <<-PWD_END > $ihost/pwd_tmp.sh
# echo "root:$new_passwd" | /usr/bin/strace /usr/sbin/chpasswd
echo "root:$new_passwd" | /usr/sbin/chpasswd
PWD_END
chmod u+x $ihost/pwd_tmp.sh
# For SuSE, it seems /dev/urandom is necessary.
[ ! -e $ihost/dev/urandom ] && cp -a /dev/urandom $ihost/dev/
chroot $ihost/ /pwd_tmp.sh
[ -f $ihost/pwd_tmp.sh ] && rm -f $ihost/pwd_tmp.sh
#clean_chpasswd_env $ihost
echo "done!"
done
#
if [ "$gen_ssi" != "no" ]; then
echo "-------------------------------------------------------"
echo "Since some config files are modified in template client, creating template tarball for DRBL SSI..."
drbl-gen-ssi-files
fi
|