From P.J.Plane@massey.ac.nz Thu Aug 10 03:43:54 1995
Message-Id: <199508100141.NAA05471@sis-lab1.massey.ac.nz>
X-Authentication-Warning: sis-lab1.massey.ac.nz: Host localhost didn't use HELO 
                          protocol
To: Ulla Sandberg <ulla@Stupi.SE>
Subject: Re: Password generator
In-reply-to: Your message of "Wed, 09 Aug 1995 12:45:55 +0700." <CMM.0.90.0.807965155.ulla@Junk.Stupi.SE>
Date: Thu, 10 Aug 1995 13:41:58 +1200
From: Philip Plane <P.J.Plane@massey.ac.nz>

Hi,

>   I`m looking for a password generator, something to generate new
>   passwords for a lot of accounts. 

I use a perl program to generate password and shadow file entries for
Solaris 2.x. The perl program also generates a bourne shell script which
is run to create the home directories and set a quota for the users. It
was developed initially to allow me to set passwords for new users. Adding
groups of users with a script didn't let me set their passwords in a batch
so I ended up with this:

#!/usr/local/bin/perl
# makes a passwd file entry
 
 
# input file format is:
# StudentIDnumber,surname,firstname,otherstuff
 
# as obtained from the registry system.
 
# ID number is used as the initial password
 
# This program adds groups of students in an orderley manner.
# - checks to see if this user, or a conflicting user already exists.
#   if the user already exists, just puts them in the relevant group.
# - checks to see if a home directory already exists.
# - if it's all OK, creates the passwd and shadow entries,
#   with the student ID as the password, a suitable expiry date etc.
# - creates a home directory, copies /usr/local/skel, and sets the perms.
# - gives the user a disk quota.
# - puts the user into the relevant group.
 
$maxuid = 0;
$passfile = "/etc/passwd";
$shadow = "/etc/shadow";
 
# number of days since Jan 1 1970 
$lastchg = int(time/86400);
$min = 0;
$max = 90;
$warn = 7;
$inactive = "";
$expire = "";
$flag = "";
$gfe = "";
$course = $ARGV[0];
 
die "usage: makecourse coursefile\n where coursefile is the file from registry for the course,\n with only the lines of student data,\n and the name of the file is the course number. e.g. 57101\n" if !-f $course;
 
die "/etc/passwd file busy - try again later.\n" if -f 'ptmp';
 
 
open(PASSWD,$passfile) || die "Can't open $passfile\n";
while(<PASSWD>) {
  ($login,$passwd,$uid,$gid,$gcos,$home,$shell) = split(/:/);
  push(@lognames,$login);
  if ($uid < 60000){
    if ($uid > $maxuid) {
      $maxuid = $uid;
    }
  }
}
print "max uid = $maxuid\n";
close(PASSWD);
 
print "\n\n";
 
$uid = $maxuid;
open(USERS,"$course") || die "Can't open $course\n";
open(SCRIPT,">buildhome") || die "Can't open buildhome\n";
open(PASS,">addpass") || die "Can't open add pass\n";
open(SHADOW,">addshadow") || die "Can't open shadow\n";

while(<USERS>) {
  # seperate at commas
  ($sid,$sname,$fname,$junk) = split(/,/);
  # remove quotes
  $sid =~ s/\"//g;
  $sname =~ s/\"//g;
  $fname =~ s/\"//g;
  # remove whitespace from surnames like Van der thingy
  $sname =~ s/ //g;
  # remove quotes from O'Brien
  $sname =~ s/'//g;
  # remove hyphens from snobs
  $sname =~ s/-//g;
  # get first character of first name
  $a = substr($fname,0,1);
  #get first 7 characters of surname
  $b = substr($sname,0,7);
  $login = $a . $b ;
  #lower case everything
  $login =~ tr/A-Z/a-z/;
  # check to see if the user already exists.
  if ( grep(/$login/,@lognames) ){
    print "$login is already in $passfile\n"
  }
  else {
    $uid += 1;
    $home = "/home/students/$login";
    $salt = substr($login,0,4);
    $passwd = crypt($sid,salt);
    $gfe .= $login . ",";
    if ( -d $home ){
      print "students home directory already exists!!";
    }
    else {
      print PASS "$login:x:$uid:500:$fname $sname:$home:/usr/local/bin/tcsh\n";
      print SHADOW "$login:$passwd:$lastchg:$min:$max:$warn:$inactive:$expire:$flag\n";
      print SCRIPT "mkdir $home\n";
      print SCRIPT "chmod 700 $home\n";
      print SCRIPT "cp /etc/skel/.??* $home\n";
      print SCRIPT "chown -R $login $home\n";
      print SCRIPT "edquota -p dummy $login\n";
    }
  }
}
 
 
close USERS;
close SCRIPT;
close PASS;
close SHADOW;
 
open(GROUP,">addgroup") || die "Can't open addgroup\n";
# remove comma from end of line.
$gfe =~ s/\,$/\n/;
print GROUP "$course::$course:$gfe";
close GROUP;
 

This produces four files; addpass, addshadow and addgroup are appended
to the passwd, shadow and group files, and buildhome is executed with sh
to create the home dirctory and set the quota.

----
Philip Plane
Computer Support Consultant
Faculty of Information and Mathematical Sciences
Massey University
Palmerston North
New Zealand

Once a new technology rolls over you,
if you're not part of the steamroller, 
you're part of the road.  
	- Stewart Brand  
	- The Media Lab