Hi Friends, > I wanted to create a linux user on the fly(ie. With mine PERL/CGI > script) . > Is there a method to do so. I am having a webserver with root access. > Pl. reply.
Running a apache webserver as root is a bad idea. By default RHEL comes configured to run the webserver as user nobody. I would suggest you leave it running like user nobody. Next, for adding linux users on the fly by using a CGI script. Firstly, if I knew that such a system existed somewhere - I would write a bot to create 100 users daily, just so that I could teach the clueless web developer a lesson :-) . I suggest that if you need to create the users through a web form then - that system should be deployed only in an intranet - there should be enough logging of user actions to trace back who created users - have a captcha to stop bots - have a approval process before the user gets created Here is how I did it when I had to do something like this - create a script to create the user - using sudo allow apache to run that script without giving a password (i.e. from cgi script call `sudo /path/to/my/script`) - I placed this script out of my documentroot - have a script run through /var/log/security (or it might have been /var/log/auth) to check if any user other than nobody used that script, since sudo logs whenever it gets invoked A good tutorial on sudo http://aplawrence.com/Basics/sudo.html On another note, please do not hijack threads. Always start a new thread instead of taking an already ongoing one, changing the subject line and posting it again. The subject line is only loosely related to the threading. Every mail message has a message-id. When you "reply" or "followup" to a message, you client is supposed to put a References header with the message-id of the message you are replying to. If you use an existing thread, the result is that your question is buried below unrelated questions when looking at the mailing list in a threaded way. This is known as `Hijacking threads'. It causes information to be lost and you'll be less likely to get an answer. -- Raj Shekhar Y!IM : lunatech3007 blog : http://rajshekhar.net/blog home : http://rajshekhar.net Disclaimer : http://rajshekhar.net/disclaimer _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/
