user account logon from python
Philippe C. Martin
pmartin at snakecard.com
Tue Nov 8 20:16:46 EST 2005
Hi Mike,
Mike Meyer wrote:
>> 1- I cannot find getpwent in the documentation
>
> getpwent is a Unix library call. For python, you want the pwd
> module. The docs are <URL: http://docs.python.org/lib/module-pwd.html >.
>
I must be blind but still do not see it - do you mean getpwnam ?
>> 2- crypt will not work if the system does not have shadow pw
>
> Rubbish. crypt doesn't know anything about passord files. It just
> knows how to encrypt a password. It's up to you to get the password
> attempt from the user, and the encrypted password from the password
> file (or the shadow password file). The pwd module doesn't deal with
> shadow passwords. Maybe you meant "system does have shadow pw". But
> it's pwd that doesn't work, not crypt - and that depends on the
> system. For instance:
>
I meant that the code form the documentation fails on the "raise", with the
error "Sorry, currently no support for shadow passwords"
What should I understand ?
import os
import crypt, getpass, pwd
def login():
username = raw_input('Python login: ')
cryptedpasswd = pwd.getpwnam(username)[1]
print cryptedpasswd
if cryptedpasswd:
if cryptedpasswd == 'x' or cryptedpasswd == '*':
raise "Sorry, currently no support for shadow passwords"
cleartext = getpass.getpass()
return crypt.crypt(cleartext, cryptedpasswd) == cryptedpasswd
else:
return 1
> bhuda% cat tp.py
> #!/usr/bin/env python
>
> import pwd, os
>
> p = pwd.getpwnam(os.environ['USER'])
> print p[1]
> bhuda% ./tp.py
> *
>
> But:
>
> bhuda# ./tp.py
> $1$cKJbUtaY$y.e7GRjo8ePxgiBzskyRX0
>
> I.e. - as me, the pwd routines won't return passwords. As root, it
> returns the encrypted password.
>
>> 3- Even as root I get "Operation not permitted" using setuid and setgid
>> ... but I assume it is because I cannot get 1 and/or 2 to work.
>
> They shouldn't have anything to do with it. Are you sure the process
> is running as root? For instance, most modern Unices won't honor the
> the setuid bit on script executables. You have to write a setuidj
> wrapper that runs the interpreter with the appropriate privileges.
>
> <mike
Thanks and regards,
Philippe
More information about the Python-list
mailing list