user account logon from python

Philippe C. Martin pmartin at snakecard.com
Tue Nov 8 20:16:46 EST 2005 

Hi Mike,


Mike Meyer wrote:
>> 1- I cannot find getpwent in the documentation
> 
> getpwent is a Unix library call. For python, you want the pwd
> module. The docs are <URL: http://docs.python.org/lib/module-pwd.html >.
> 

I must be blind but still do not see it - do you mean getpwnam ?


>> 2- crypt will not work if the system does not have shadow pw
> 
> Rubbish. crypt doesn't know anything about passord files. It just
> knows how to encrypt a password. It's up to you to get the password
> attempt from the user, and the encrypted password from the password
> file (or the shadow password file). The pwd module doesn't deal with
> shadow passwords. Maybe you meant "system does have shadow pw". But
> it's pwd that doesn't work, not crypt - and that depends on the
> system. For instance:
> 
I meant that the code form the documentation fails on the "raise", with the
error "Sorry, currently no support for shadow passwords"

What should I understand ?

import os


import crypt, getpass, pwd

def login():
    username = raw_input('Python login: ')
    cryptedpasswd = pwd.getpwnam(username)[1]
    print cryptedpasswd
    if cryptedpasswd:
        if cryptedpasswd == 'x' or cryptedpasswd == '*': 
            raise "Sorry, currently no support for shadow passwords"
        cleartext = getpass.getpass()
        return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
    else:
        return 1


> bhuda% cat tp.py
> #!/usr/bin/env python
> 
> import pwd, os
> 
> p = pwd.getpwnam(os.environ['USER'])
> print p[1]
> bhuda% ./tp.py
> *
> 
> But:
> 
> bhuda# ./tp.py
> $1$cKJbUtaY$y.e7GRjo8ePxgiBzskyRX0
> 
> I.e. - as me, the pwd routines won't return passwords. As root, it
> returns the encrypted password.
> 
>> 3- Even as root I get "Operation not permitted" using setuid and setgid
>> ... but I assume it is because I cannot get 1 and/or 2 to work.
> 
> They shouldn't have anything to do with it. Are you sure the process
> is running as root? For instance, most modern Unices won't honor the
> the setuid bit on script executables. You have to write a setuidj
> wrapper that runs the interpreter with the appropriate privileges.
> 
>         <mike

Thanks and regards,

Philippe

More information about the Python-list mailing list