Bug 8646 - Perl function getpwuid() for checking users password do not work in Red Hat 6.1 (with shadow password file).
Summary: Perl function getpwuid() for checking users password do not work in Red Hat 6...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: perl
Version: 6.1
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Crutcher Dunnavant
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-01-20 06:26 UTC by Atanas Kolev
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-03-22 06:19:23 UTC


Attachments (Terms of Use)

Description Atanas Kolev 2000-01-20 06:26:05 UTC
Perl function getpwuid() for checking users password do not work in Red Hat
6.1 (with shadow password file).

I am using perl script to check password entered by user against his
password in Linux system. Below you see the code.

#!/bin/perl -w

$pwd = (getpwuid($<))[1];
system "stty -echo";
print "Password: ";
chomp($word = <STDIN>);
print "\n";
system "stty echo";
print "Encripted   pass="; print crypt($word, $pwd); print "\n";
print "You entered pass=$pwd\n";
if (crypt($word, $pwd) ne $pwd) {
    die "Sorry...\n";
} else {
    print "ok\n";
}

It is working correctly in Red Hat 5.2 system, but in Red Hat 6.1 - not.

Below is output of the program:

[atanas@pcs2133 progs]$ perl check-passwd.pl
Password:
Encripted   pass=xxCAt9eiuvfl2
You entered pass=x
Sorry...

In perlfunc manual page is written:

	Shadow password
	files are only supported if your vendor has
	implemented them in the intuitive fashion that
        calling the regular C library routines gets the
        shadow versions if you're running under privilege.
        Those that incorrectly implement a separate
        library call are not supported.

What is you solution.

P.S. I have tried to run the program from privileged (root) account that is
supposed to work - the same result.

Comment 1 Atanas Kolev 2000-03-22 06:19:59 UTC
P.S. I have tried to run the program from privileged (root) account that is
supposed to work - the same result.

Note: a little correction in upper example - comments need to be switched,
instead of

print "Encripted   pass="; print crypt($word, $pwd); print "\n";
print "You entered pass=$pwd\n";

must be:

print "You entered pass="; print crypt($word, $pwd); print "\n";
print "Encrypted   pass=$pwd\n";

and according to this resulting output will be:

You entered pass=xxCAt9eiuvfl2
Encrypted   pass=x

I think it is a serious problem especially if you have perl written interface
for user logins/password checkers, and a reasonable time of response is
appropriate.

Thank You for "fast" answers.

Comment 2 Nalin Dahyabhai 2000-08-03 11:48:34 UTC
This is working correctly in the development tree.


Note You need to log in before you can comment on or make changes to this bug.