plugins/password/helpers/chpass-wrapper.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

#!/usr/bin/env python

import sys
import pwd
import subprocess

BLACKLIST = (
    # add blacklisted users here
    #'user1',
)

try:
    username, password = sys.stdin.readline().split(':', 1)
except ValueError, e:
    sys.exit('Malformed input')

try:
    user = pwd.getpwnam(username)
except KeyError, e:
    sys.exit('No such user: %s' % username)

if user.pw_uid < 1000:
    sys.exit('Changing the password for user id < 1000 is forbidden')

if username in BLACKLIST:
    sys.exit('Changing password for user %s is forbidden (user blacklisted)' %
             username)

handle = subprocess.Popen('/usr/sbin/chpasswd', stdin = subprocess.PIPE)
handle.communicate('%s:%s' % (username, password))

sys.exit(handle.returncode)