Using shell_exec('passwd') to change a user's password

php sudo shell-exec passwd
RSilva picture RSilva · Sep 24, 2008 · Viewed 11.4k times · Source

I need to be able to change the users' password through a web page (in a controlled environment). So, for that, I'm using this code:

<?php
$output = shell_exec("sudo -u dummy passwd testUser testUserPassword");
$output2 = shell_exec("dummyPassword");
echo $output;
echo $output2;
echo "done";
?>

My problem is that this script is not changing the password for the user "testUser". What am I doing wrong?

Thanks

Answer

bmdhacks picture bmdhacks · Sep 24, 2008

Another option is to have a shell script, say called passwd_change.sh somewhere that looks like this:

#!/usr/bin/expect -f
set username [lindex $argv 0]
set password [lindex $argv 1]

spawn passwd $username
expect "(current) UNIX password: " 
send "$password\r"
expect "Enter new UNIX password: "
send "$password\r"
expect "Retype new UNIX password: "
send "$password\r"
expect eof

Then in your php code do:

<?php
shell_exec("sudo -u root /path/to/passwd_change.sh testUser testUserPass");
?>

Related questions

PHP sudo in shell_exec

I want to execute a command as root with shell_exec. Now I know this is dangerous, but believe me, you need to login with MOD_AUTH and have the right privilleges to come to this page. It's secure. How …

Read More
sudo in php exec()

I don't know what the deal is here… So I want to run an applescript: sudo osascript myscript.scpt This works fine in the terminal, but not when I execute it via PHP's exec(); nothing happens. The console says no …

Read More
Composer: file_put_contents(./composer.json): failed to open stream: Permission denied

I'm trying to install Prestissimo to an Ubuntu 16.04 server, but that leads to an error: $ composer global require "hirak/prestissimo:^0.3" Changed current directory to /home/kramer65/.composer [ErrorException] file_put_contents(./composer.json): failed to open stream: Permission denied require […

Read More