[sork] passwd module (expect)

Philip Goisman goisman at physics.arizona.edu
Tue Oct 31 16:01:35 PST 2006 

I've been through the sork archive and looked for a similar problem as mine on
the  web.  But, I've not seen this problem anywhere.  Hopefully, someone on this
list will recognize this problem.

Here's my setup:

Horde Applications

    * Horde: 3.2-cvs
    * Imp: H3 (4.2-cvs)
    * Ingo: H3 (1.2-cvs)
    * Intranet: 0.1-cvs
    * Jeta: H3 (1.0-cvs)
    * Kronolith: H3 (2.2-cvs)
    * Nag: H3 (2.2-cvs)
    * Passwd: H3 (3.1-cvs)
    * Turba: H3 (2.2-cvs)

everything works but passwd.

The passwd.log error is as follows:
couldn't open "/tmp/passwdmyP6ii": permission denied
    while executing
"open $log "w" "0600""
    invoked from within
"set err [open $log "w" "0600"]"
    (file "../horde/passwd/config/../scripts/passwd_expect" line 149)

Permissions on /tmp are drwxrwxrwt.

Upon changing the password, the passwd module reports the password was
changed succesfully.  It wasn't and the shadow file isn't touched.


../horde/passwd/config/conf.php is as follows:

$conf['menu']['apps'] = array('imp');
$conf['backend']['backend_list'] = 'shown';
$conf['user']['change'] = true;
$conf['user']['refused'] = array('root', 'bin', 'daemon', 'adm', 'lp',
'shutdown', 'halt', 'uucp', 'ftp', 'anonymous', 'nobody', 'httpd', 'operator',
'guest', 'diginext', 'bind', 'cyrus', 'courier', 'games', 'kmem', 'mailnull',
'man', 'mysql', 'news', 'postfix', 'sshd', 'tty', 'www');
$conf['password']['strengthtests'] = false;
$conf['hooks']['full_name'] = false;
$conf['hooks']['default_username'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['userdn'] = false;

../horde/passwd/config/backends.php is as follows:

$backends['expect'] = array(
    'name' => 'hostname',
    'preferred' => '',
    'password policy' => array(
        'minLength' => 3,
        'maxLength' => 8,
        'maxSpace' => 0,
        'minUpper' => 1,
        'minLower' => 1,
        'minNumeric' => 1,
        'minSymbols' => 1
    ),
    'driver' => 'expect',
    'params' => array(
        'program' => '/usr/bin/expect',
        'script' => dirname(__FILE__) . '/../scripts/passwd_expect',
        'params' => '-ssh -host hostname -output /tmp/passwd.log'
    )
);

And, the passwd_expect script does run manually and passwords are changed.

My suspicions are in my apache configuration which runs on RHEL 4.

There is a sentence in the INSTALL which states, " If your web server doesn't
have write permissions to the Passwd configuration directory or file, it will
not be able to write the file."  

What entries need to be made in httpd.conf - if any - to enable this passwd
module?  Or, what is it that I have to do to make the passwd module work online
with the "passwd_expect" script?

Thanks for any help.

Regards,

Philip

More information about the sork mailing list