Check username/password in Linux without root
Question
If I have a username and password pair how can I verify that they are actually correct in a Linux system? I know I can use passwd to do so but I want to do it programatically using C.
I should not require root privileges (so reading the shadow file is not an option).
Thank you.
2 answers
solution1
2 2017-11-20 19:28:49
If you are using a PAM , you might be able to make use of checkpassword-pam .
The manual has an example command (with debugging) which should give you a good place to start.
echo -e "username\0password\0timestamp\0" \
| checkpassword-pam -s SERVICE \
--debug --stdout -- /usr/bin/id 3<&0
solution2
2 2021-08-20 13:56:31
This is a simple example to check the password with some python code. No root privilegs are needed.
#!/usr/bin/python3
# simple linux password checker with
# standard python
import os, pty
def check_pass(user, passw):
# returns: 0 if check ok
# 1 check failed
# 2 account locked
if type(passw) is str:
passw = passw.encode()
pid, fd = pty.fork()
# try to su a fake shell which returns '-c OK' on ok
if not pid:
# child
argv = ('su', '-c', 'OK', '-s', '/bin/echo', user)
os.execlp(argv[0], *argv)
return # SHOULD NEVER REACHED
okflg = False
locked = False
while True:
try:
data = os.read(fd, 1024)
##print('data:', data, flush=True)
except OSError:
break
if not data:
break
data = data.strip()
if data == b'Password:':
os.write(fd, passw + b'\r\n')
elif data.endswith(b'OK'):
okflg = True
break
elif data.find(b'locked') > -1:
# show that account is locked
locked = True
print(data, flush=True)
break
os.close(fd)
# check result from su and okflg
if (not os.waitpid(pid, 0)[1]) and okflg:
return 0
return 2 if locked else 1
if __name__ == '__main__':
print(check_pass('xx', 'yy'))
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.