[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Raq3 admin & root passwords
- Subject: Re: [cobalt-users] Raq3 admin & root passwords
- From: Jonas Pasche <jonas@xxxxxxxx>
- Date: Wed Apr 26 04:06:37 2000
hi there,
WHAT? Changing the admin password from the gui also changes root password?
I've to check that...
... Yes you are right.
news from the "cool isp" (thanks to michael *g*) that delivers raq servers
with different admin/root passwords. :))
i couldn't sleep while thinking about this
"admin-password-changes-root-password" mechanism (we've noticed that since
months). now i've found out how to disable this. this information is only
for a raq3 and not tested on a raq2 yet. it is tested only once on a raq3
and works fine, but i don't know if there are problems that aren't obvious
at the moment, so use this on your own risk. it's just quick-and-dirty.
take a look into User.pm, sub user_mod:
[...]
# Arguments: ("login","new description","new cleartext password","new
quota","new shell")
# Side effects: modifies the password file
# If we change the password for admin, we also do it for root.
[...]
go to line 714; there is the condition to check if you change the admin user:
[...]
if (($newdescr || $newpasswd || $newshell || $newgroup) && ($name eq
$Adminuser))
[...]
a bit later (line 723) starts the routine to change the admin _and_ root
password:
[...]
{
while (<PASSWD>)
{
if (/^$Adminuser:/o)
{
print PTMP "$name:$pass:$uid:$gid:$desc:$dir:$shell\n";
}
elsif (/^root:/o)
{
print PTMP "root:$pass:0:0:Root:/root:/bin/sh\n";
}
else
{
print PTMP;
}
}
close PASSWD;
[...]
you can comment the important lines out [this will definitively void your
warranty]:
[...]
{
while (<PASSWD>)
{
if (/^$Adminuser:/o)
{
print PTMP "$name:$pass:$uid:$gid:$desc:$dir:$shell\n";
}
# elsif (/^root:/o)
# {
# print PTMP "root:$pass:0:0:Root:/root:/bin/sh\n";
# }
else
{
print PTMP;
}
}
close PASSWD;
[...]
keep this in mind: i don't know how the password is reset if you use the
password reset port on the raq front. i guess it is using the same method.
so if you forget your passwords, you are only able to reset the admin
password with the password reset port. you can NOT reset the root password
(didn't have the time to prove this yet).
anybody knows how resetting the password with the port works? if you use
the port, which program is called?
cya, jonas.
____________________________________________
Jonas Pasche
Technischer Support
webagentur Domke GmbH
Rheinstr. 3 - 64283 Darmstadt - Germany
Telefon +49 6151 17742-33
Telefax +49 6151 293173
http://www.domke.de
mailto:j.pasche@xxxxxxxx
____________________________________________