File Manager

X7ROOT File Manager

Current Path: /usr/libexec/webmin/passwd

📁 ..
📄 CHANGELOG(648 B)
📄 acl_security.pl(2.37 KB)
📄 change-passwd.pl(1.44 KB)
📄 change_passwd.cgi(1.6 KB)
📄 config(39 B)
📄 config-openmamba-linux(57 B)
📄 config.info(229 B)
📄 config.info.af(256 B)
📄 config.info.ar(371 B)
📄 config.info.ca(285 B)
📄 config.info.cs(288 B)
📄 config.info.de(271 B)
📄 config.info.el(456 B)
📄 config.info.es(307 B)
📄 config.info.fa(433 B)
📄 config.info.fi(261 B)
📄 config.info.fr(312 B)
📄 config.info.hr(0 B)
📄 config.info.hu(310 B)
📄 config.info.it(250 B)
📄 config.info.ja(307 B)
📄 config.info.ko(239 B)
📄 config.info.ms(259 B)
📄 config.info.nl(264 B)
📄 config.info.no(241 B)
📄 config.info.pl(231 B)
📄 config.info.ru(498 B)
📄 config.info.tr(299 B)
📄 config.info.uk(482 B)
📄 config.info.zh_TW(175 B)
📄 defaultacl(71 B)
📄 edit_passwd.cgi(1.8 KB)
📁 images
📄 index.cgi(2.74 KB)
📁 lang
📄 log_parser.pl(423 B)
📄 module.info(218 B)
📄 module.info.af(26 B)
📄 module.info.af.auto(85 B)
📄 module.info.ar(130 B)
📄 module.info.ar.auto(19 B)
📄 module.info.be(0 B)
📄 module.info.be.auto(148 B)
📄 module.info.bg(0 B)
📄 module.info.bg.auto(164 B)
📄 module.info.ca(97 B)
📄 module.info.ca.auto(15 B)
📄 module.info.cs(21 B)
📄 module.info.cs.auto(78 B)
📄 module.info.da(0 B)
📄 module.info.da.auto(104 B)
📄 module.info.de(96 B)
📄 module.info.de.auto(15 B)
📄 module.info.el(0 B)
📄 module.info.el.auto(197 B)
📄 module.info.es(31 B)
📄 module.info.es.auto(86 B)
📄 module.info.eu(0 B)
📄 module.info.eu.auto(105 B)
📄 module.info.fa(0 B)
📄 module.info.fa.auto(157 B)
📄 module.info.fi(26 B)
📄 module.info.fi.auto(87 B)
📄 module.info.fr(32 B)
📄 module.info.fr.auto(95 B)
📄 module.info.he(0 B)
📄 module.info.he.auto(117 B)
📄 module.info.hr(0 B)
📄 module.info.hr.auto(104 B)
📄 module.info.hu(32 B)
📄 module.info.hu.auto(92 B)
📄 module.info.it(24 B)
📄 module.info.it.auto(79 B)
📄 module.info.ja(33 B)
📄 module.info.ja.auto(115 B)
📄 module.info.ko(22 B)
📄 module.info.ko.auto(105 B)
📄 module.info.lt(0 B)
📄 module.info.lt.auto(112 B)
📄 module.info.lv(0 B)
📄 module.info.lv.auto(96 B)
📄 module.info.ms(88 B)
📄 module.info.ms.auto(15 B)
📄 module.info.mt(0 B)
📄 module.info.mt.auto(105 B)
📄 module.info.nl(30 B)
📄 module.info.nl.auto(84 B)
📄 module.info.no(31 B)
📄 module.info.no.auto(75 B)
📄 module.info.pl(22 B)
📄 module.info.pl.auto(76 B)
📄 module.info.pt(0 B)
📄 module.info.pt.auto(98 B)
📄 module.info.pt_BR(25 B)
📄 module.info.pt_BR.auto(81 B)
📄 module.info.ro(0 B)
📄 module.info.ro.auto(103 B)
📄 module.info.ru(21 B)
📄 module.info.ru.auto(114 B)
📄 module.info.sk(20 B)
📄 module.info.sk.auto(84 B)
📄 module.info.sl(0 B)
📄 module.info.sl.auto(105 B)
📄 module.info.sv(0 B)
📄 module.info.sv.auto(106 B)
📄 module.info.th(0 B)
📄 module.info.th.auto(190 B)
📄 module.info.tr(31 B)
📄 module.info.tr.auto(92 B)
📄 module.info.uk(0 B)
📄 module.info.uk.auto(151 B)
📄 module.info.ur(0 B)
📄 module.info.ur.auto(160 B)
📄 module.info.vi(0 B)
📄 module.info.vi.auto(145 B)
📄 module.info.zh(0 B)
📄 module.info.zh.auto(88 B)
📄 module.info.zh_TW(24 B)
📄 module.info.zh_TW.auto(73 B)
📄 passwd-lib.pl(4.76 KB)
📄 prefs.info(39 B)
📄 rbac-mapping(73 B)
📄 safeacl(47 B)
📄 save_passwd.cgi(2.88 KB)

Editing: passwd-lib.pl

=head1 passwd-lib.pl

Functions to support the change passwords module. Some example code :

foreign_require('passwd', 'passwd-lib.pl');
 $user = passwd::find_user('joe');
 if ($user) {
   passwd::change_password($user, 'smeg', 0);
 }

=cut

BEGIN { push(@INC, ".."); };
use WebminCore;
&init_config();
%access = &get_module_acl();
$rate_limit_file = "$module_var_directory/rate-limit";
$rate_limit_timeout = 10*60;	# 10 minutes
$rate_limit_max = 10;

=head2 can_edit_passwd(&user)

Returns 1 if the current Webmin user can change the password for the Unix
user whose details are in the given hash ref, which is in the format returned
by useradmin::list_users.

=cut
sub can_edit_passwd
{
if ($access{'self'} && $_[0]->[0] eq $remote_user) {
	# Self-editing override is enabled
	return 1;
	}
if ($access{'mode'} == 0) {
	# Can change any
	return 1;
	}
elsif ($access{'mode'} == 3) {
	# Only own password
	return $_[0]->[0] eq $remote_user;
	}
elsif ($access{'mode'} == 4) {
	# UID within range
	return (!$access{'low'} || $_[0]->[2] >= $access{'low'}) &&
	       (!$access{'high'} || $_[0]->[2] <= $access{'high'});
	}
elsif ($access{'mode'} == 5) {
	# Member of some group (except for exclusion list)
	return 0 if (&indexof($_[0]->[0],
			      split(/\s+/, $access{'notusers'})) >= 0);
	local $g = getgrgid($_[0]->[3]);
	return 1 if (&indexof($g, split(/\s+/, $access{'groups'})) >= 0);
	if ($access{'sec'}) {
		local $gname;
		foreach $gname (split(/\s+/, $access{'groups'})) {
			local @g = getgrnam($gname);
			return 1 if (&indexof($_[0]->[0],
					      split(/\s+/, $g[3])) >= 0);
			}
		}
	return 0;
	}
elsif ($access{'mode'} == 6) {
	# Users matching regexp
	return $_[0]->[0] =~ /$access{'users'}/;
	}
else {
	# Users on / not on some list
	local $idx = &indexof($_[0]->[0], split(/\s+/, $access{'users'}));
	return $access{'mode'} == 1 && $idx >= 0 ||
	       $access{'mode'} == 2 && $idx < 0;
	}
}

=head2 find_user(name)

Looks up the user structure for some name, in the useradmin, ldap-useradmin
and nis modules, and returns it.

=cut
sub find_user
{
local $mod;
foreach $mod ([ "useradmin", "user-lib.pl" ],
	      [ "ldap-useradmin", "ldap-useradmin-lib.pl" ],
	     ) {
	next if (!&foreign_installed($mod->[0], 1));
	&foreign_require($mod->[0], $mod->[1]);
	local @ulist = &foreign_call($mod->[0], "list_users");
	local ($user) = grep { $_->{'user'} eq $_[0] } @ulist;
	if ($user) {
		$user->{'mod'} = $mod->[0];
		return $user;
		}
	}
return undef;
}

=head2 change_password(&user, pass, do-others)

Updates a user's password. The required parameters are :

=item user - A hash ref of user details, in the format supplied by find_user.

=item pass - The new password, in plain text.

=item do-others - If set to 1, the password is changed in other Webmin modules too.

=cut
sub change_password
{
local ($user, $pass, $others) = @_;
local $mod = $user->{'mod'} || "useradmin";
local $pft = $mod eq "useradmin" ? &useradmin::passfiles_type() :
	     $mod eq "ldap-useradmin" ? 1 : 0;

# Do the change!
$user->{'olduser'} = $user->{'user'};
$user->{'pass'} = &foreign_call($mod, "encrypt_password", $pass);
$user->{'passmode'} = 3;

# Modification ALain De Witte - on change of the password set
# ADMCHG flag for AIX
$user->{'admchg'} = 1;

$user->{'plainpass'} = $pass;
if ($pft == 2 || $pft == 5) {
	if ($in{'expire'}) {
		$user->{'change'} = 0;
		}
	else {
		$user->{'change'} = int(time() / (60*60*24));
		}
	}
elsif ($pft == 4) {
	$user->{'change'} = time();
	}
&foreign_call($mod, "lock_user_files");
&foreign_call($mod, "set_user_envs", $user, 'MODIFY_USER',
	      $in{'new'});
&foreign_call($mod, "making_changes");
&foreign_call($mod, "modify_user", $user, $user);
&foreign_call($mod, "made_changes");
&foreign_call($mod, "unlock_user_files");
if ($others) {
	&foreign_call($mod, "other_modules",
		      "useradmin_modify_user", $user);
	}
}

# apply_rate_limit(key)
# Delays for some amount of time based on the key, to prevent brute force attacks
sub apply_rate_limit
{
my ($key) = @_;
my $now = time();
my %rate;
&lock_file($rate_limit_file);
&read_file($rate_limit_file, \%rate);
$rate{$key."_last"} ||= $now;
if ($now - $rate{$key."_last"} > $rate_limit_timeout) {
	# Time since blocking for this key started as expired
	delete($rate{$key});
	delete($rate{$key."_last"});
	}
my $rv;
if ($rate{$key} > $rate_limit_max) {
	$rv = "Too many failures for $key";
	}
else {
	sleep(2 ** $rate{$key});
	$rate{$key}++;
	}
&write_file($rate_limit_file, \%rate);
&unlock_file($rate_limit_file);
return $rv;
}

# clear_rate_limit(key)
# After a successful operation, clear any rate limits for the given key
sub clear_rate_limit
{
my ($key) = @_;
my %rate;
&lock_file($rate_limit_file);
&read_file($rate_limit_file, \%rate);
delete($rate{$key});
delete($rate{$key."_last"});
&write_file($rate_limit_file, \%rate);
&unlock_file($rate_limit_file);
}

X7ROOT File Manager

Editing: passwd-lib.pl

Upload File

Create Folder