Source

vasm / src / vasm / backend / passwords.py

#!/usr/bin/env python

#    This file is part of VASM.
#
#    VASM is free software: you can redistribute it and/or modify
#    it under the terms of the GNU General Public License v3 as published by
#    the Free Software Foundation.
#
#    VASM is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with VASM.  If not, see <http://www.gnu.org/licenses/>.


import pexpect
from exceptions import Exception
import os
import crypt
from utils import get_popen
import logging

log = logging.getLogger('vasm')

__author__ = "Moises Henriquez"
__author_email__ = "moc.liamg@xnl.E0M"[::-1]

class BadPasswordException(Exception):
    pass
class BadNewPasswordException(Exception):
    pass
class UserModError(Exception):
    pass

def test_passwords_match(pass1, pass2):
    """ Check if both passwords are the same """
    return pass1 == pass2

def test_password_length(passw):
    """ Check if passw is suitable for system password """
    return len(passw) >= 6    

def change_password(user, oldpassword, newpassword):
    """Proxy to decide how to change the user password.
    If root is changing someone's password, tehre is no need to user pexpect"""
    if os.geteuid() == 0:
        # root can do anything !
        if user == "own":
            user = "root"
        return change_password_usermod(user, newpassword)
    else:
        # Non-privileged accounts are not allowed to use usermod.
        return change_password_pexpect(user, oldpassword, newpassword)    

def change_password_usermod(login, password):
    """ change the user password using usermod"""
    salt = password[0] + password[-1]
    epass = crypt.crypt(password, salt)
    proc = get_popen(
        ['/usr/sbin/usermod','-p', epass, login]
        )
    out, err = proc.communicate()
    retv = proc.returncode
    if retv > 0:
        raise UserModError(err)
    return
    
def change_password_pexpect(user, oldpassword, newpassword):
    """ Change user password using pexpect
    
    The process is spawned via pexpect.
    Returns:
        0 = Success
        raises exceptions when unsuccessful:
            BadPasswordException
    """
    child = pexpect.spawn('/usr/bin/passwd')
    i = child.expect('password: ')
    child.sendline(oldpassword)
    i = child.expect(["New password: ", pexpect.EOF])
    if i == 0:
        child.send("%s\n"%newpassword)
        ii = child.expect(["-enter new password: ", "New password: "])
        if ii == 0:
            child.send("%s\n"% newpassword)
            iii = child.expect([pexpect.EOF])
            if iii == 0:
                return 0
        else:
            #print "Bad new password", child.before
            #return 2
            msg = ("Unable to change password for user %s."% user,
                "New password does not meet minimum requirements.")
            log.error(" ".join(msg))
            raise BadNewPasswordException("The provided password does not meet minimum requirements")
    else:
        msg = ("Unable to change password for user %s"% user,
            " ", "The user failed to provide a correct current password.")
        log.error(" ".join(msg))
        raise BadPasswordException("Provided old password is wrong")
        #print "Bad old passowrd"
    log.debug("Password for user %s was successfully changed."% user)
    return 0
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.