> Why not use the samba functionality to sync the unix passwords > automatically?
Yes but, the problem is that when run as root the smbpasswd routine doesn't check the exiting password, for the obvious reason that if a user forgot their password how would root be able to fix it if the program prompted for the old password). I can't run the cgi-script as the user who is trying to change their password because I don't know who that person is until the script gets the input data. Then I somehow need to change the process to the identity of that user. I have yet to figure out how to do that, "su" doesn't have a --stdin option and with the "passwd" program --stdin option only works for root, but your idea of syncing the passwds from smbpasswd might clear that hurdle as -s still works for smbpasswd with a non-root user. I set unix password sync = Yes and called smbpasswd from the command line but it didn't sync the unix password (yes I hup'd the smbd). Even if I sort that out I still don't know how to get the script to change it's userid (maybe I have to write out a script dynamically, change it's ownership and setuid to that user and then call it? but I have to be root to do this) So I figured that the easiest thing to do would be to run the script as root but check the old password was valid before calling the passwd and smbpasswd commands. (and lock the script down obviously) Hence my original post, is there a system command that will allow me to check if a given string is a valid passwd for a given user, At this stage I think that the perl / crypt routines might be the solution. Thanks for your suggestion, other ideas still welcome. Pete. -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
