From: "Jason S" <[EMAIL PROTECTED]> Guys, thanks for great idea. now i know how to solve this problem :)
glen > > > On Fri, 24 Jan 2003 15:30:59 +0800, [EMAIL PROTECTED] (Glynn > > S. Condez) wrote: > > > > >Hi All, > > > > > >I created a cgi perl script, its an account creation script, means you > > >can add an account to a linux system. > > > > > >my problem is, the cgi can't append the password, shadow and group > > >file. How can I make my script to work? I don't have any idea now if > > >its possible to make the script work. > > > > When you are asking to do alot with just a simple script. > > First of all, you need root access to do this, and running anything > > as root thru cgi is asking for trouble. > > > > Usually the answer to this is to use something like suexec, so the > > web browser runs as a user, then put that user in the sudoers file, > > with the power to do it. It still is dangerous. > > > > Another better solution, is to have the cgi write the requests for > > user and password change to a file, and run a cron script by root, > > which periodically checks it for errors, and does the changes. > > > > Unless you are really good at this, and few are, it might be best > > to use an already developed package to do this. Maybe webmin, > > or whatever, I forget the names. > > If you need this functionality, I would definitely go with the second option > above. Have your cgi script add the accounts and passwords to a text file, > and run a cron job every 5 minutes or so (which executes another perl > script) to read the file and exec useradd/groupadd on the data contained > therein. > > This will allow your second script to do whatever QA and error checking you > require on the submitted username/passwords before adding them, and it > alleviates the need to use sudo, etc. > > Make sure the cron job is root owned. > > > > -- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]