[英]Check username/password in Linux without root
If I have a username and password pair how can I verify that they are actually correct in a Linux system?如果我有一对用户名和密码,我如何验证它们在 Linux 系统中是否正确? I know I can use passwd
to do so but I want to do it programatically using C.我知道我可以使用passwd
来这样做,但我想使用 C 以编程方式进行。
I should not require root privileges (so reading the shadow file is not an option).我不应该需要 root 权限(所以读取影子文件不是一个选项)。
Thank you.谢谢。
If you are using a PAM
, you might be able to make use of checkpassword-pam
.如果您使用的是PAM
,则可以使用checkpassword-pam
。
The manual has an example command (with debugging) which should give you a good place to start.该手册有一个示例命令(带调试),它应该给你一个很好的起点。
echo -e "username\0password\0timestamp\0" \
| checkpassword-pam -s SERVICE \
--debug --stdout -- /usr/bin/id 3<&0
This is a simple example to check the password with some python code.这是一个使用 python 代码检查密码的简单示例。 No root privilegs are needed.不需要根权限。
#!/usr/bin/python3
# simple linux password checker with
# standard python
import os, pty
def check_pass(user, passw):
# returns: 0 if check ok
# 1 check failed
# 2 account locked
if type(passw) is str:
passw = passw.encode()
pid, fd = pty.fork()
# try to su a fake shell which returns '-c OK' on ok
if not pid:
# child
argv = ('su', '-c', 'OK', '-s', '/bin/echo', user)
os.execlp(argv[0], *argv)
return # SHOULD NEVER REACHED
okflg = False
locked = False
while True:
try:
data = os.read(fd, 1024)
##print('data:', data, flush=True)
except OSError:
break
if not data:
break
data = data.strip()
if data == b'Password:':
os.write(fd, passw + b'\r\n')
elif data.endswith(b'OK'):
okflg = True
break
elif data.find(b'locked') > -1:
# show that account is locked
locked = True
print(data, flush=True)
break
os.close(fd)
# check result from su and okflg
if (not os.waitpid(pid, 0)[1]) and okflg:
return 0
return 2 if locked else 1
if __name__ == '__main__':
print(check_pass('xx', 'yy'))
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.