How to change samba and ubuntu password remotely? - samba

So I have this file server for this school. Basically, every student uses one public login for windows and ubuntu alike. They use a custom app to login to the Samba Ubuntu Server using their own password to get to their personal directory. Once and a while they will need to change their password for this login. I need a way to change someones password that is thorough enough so that a bash script could do it, both for samba smbpasswd and ubuntu's passwd. So to sum this up, I need to know what command could be used to change someones password with no-user intervention using a bash script. Because when you type passwd username, then it asks you to type the password, I want a bash script to do this for me, so that when users want to change their password, I just need to edit that bash script. Im looking for something like "passwd user --current-password=CURRENTPASS --new-password=NEWPASS" and it would return ON THAT LINE. I also need it to work for smbpasswd so samba can change its password too.
EDIT
Found it! Wow this is great, which I knew this earlier. Using the following command works:
echo -e "newpass\nnewpass" | (smbpasswd -s username)
echo -e "newpass\nnewpass" | (passwd --stdin username)
Of course you would need to add the old password too if you were not running root. I love solving my own problems!

The solution, although posting this late, may not be secure, but was this:
echo -e "newpass\nnewpass" | (smbpasswd -s username)
echo -e "newpass\nnewpass" | (passwd --stdin username)

Related

How to manage User Accounts in MediaWiki via Database?

I installed the MediaWiki, but forgot both username and password, can some one help to to retrieve User Name and Password.
Do you have shell access? You can run the CreateAndPromote maintenance script:
$ php maintenance/createAndPromote.php --bureaucrat --sysop --force YourUsername Y0urN3wPassw0rd

Login to the WAMP mysql console

After I went to phpMyAdmin to create new user.
Username: ken
Hostname: localhost
Password: 123456
Checked Global Privilege
When I start the MySQL console, it said that I need to enter the password. I pressed [ENTER] and it seem I have login to root. I haven't create password for root yet, Do I have to create a password for root? (I know it kinda dumb question, but I just want be crystal clear and simple answer)
Also, If I wanted to login to my newly created user, how do I do it?
I tried:
mysql> mysql -h localhost -u ken -p
->exit
Nothing happened.
The MySQL Console menu item in WAMPServer is setup to use the root account.
As the root account comes out of the box with no password set, then the correct thing to do is to just hit enter when the mysql processor asks for a password.
If you set a password on the MYSQL root account then when the MYSQL Console asks for a password you can use the newly created password.
If you want to login to MYSQL using a different user account, then it is simpler to use a command window and CD into the mysql folder and run the mysql.exe processor from there like
> cd \wamp\bin\mysql\mysql{version}\mysql
mysql -uken -p
I personally use a little batch file, that I store in a folder that is already on the windows PATH, never add a wamp folder to the windows PATH as this will mess you up when/if you ever install more than one version of MYSQL in your WAMPServer!
mysqlpath.bat
echo off
if %1.==. GOTO ERROR
PATH=%PATH%;c:\wamp\bin\mysql\mysql%1\bin
echo
echo -----------------------------------------------
mysql -V
echo -----------------------------------------------
echo
GOTO EndPHP
:ERROR
echo -----------------------------------------------
echo Parameter 1 should be something like 5.4.13 to use mysql5.4.13
echo -----------------------------------------------
:EndPHP
Then you run it like
>mysqlpath 5.7.10
and it sets that path up just for the duration of the command windows life.
First of all you have to logout of your current and then login with your new user:
For exiting just type:
> exit;
Then login with your new user:
$ mysql -u <username> -p
Keep in mind that:
By default mysql logic try with host localhost, otherwise if your server it's in another host just add the flag -h <your-hostname> at the end of your Shell request.
By default also, mysql try with port 3306, otherwise if your mysql's server port it's in another port just add --port=3333 at the end of your Shell request.
Keep in mind that if you aren't enable to run console interface of mysql you can use a Environment PATH for executing mysql otherwise you must edit your comand... changing mysql by the path to the wamp mysql bin location.
Let's supose you have mysql in this location: C:\wamp\bin\mysql\mysql5.7.19\bin, then, your comand will be:
D:\wamp2\bin\mysql\mysql5.7.19\bin\mysql.exe -u <username> -p
And that's it. If you have any issue please let me know, I will gladly help.
Resources:
How to manage MySQL databases and users from the command line

Why can't I pipe a password into mysql non-interactively?

I want to run mysql client, giving the password non-interactively.
The standard solution is this
mysql -u root -e "foo" -p < password_file
but my situation is this
produce_password | mysql -u root -p
Here, mysql prompts for a password, even though data is being piped in. (Yes, produce_password is emitting data; echo foo | mysql behaves the same way.)
The Internet seems to think the above should work, but the fact is it doesn't. The workaround would be
produce_password > password_file
mysql -u root -p < password_file
rm password_file
But let's say I don't want to do this (e.g. policy demands that this password never be written to the disk)
How can I make mysql take the password from the input process without prompting, as it would for a file?
With thanks to fancyPants for explaining the cause, here is a solution which meets my requirements. (The encrypted .mylogin.cnf with mysql_config_editor isn't right for me, but thanks.)
To satisfy the security policy, mount /ramfs as a ramfs temporary file system. Assume file permissions are suitably restrictive.
ramdir="/ramfs"
cnf="$(mktemp "$ramdir/this-script-name-XXXXX")"
pw="$(produce_password)"
cat >"$cnf" <<EOF
[client]
user=root
password="$pw"
EOF
mysql --defaults-extra-file="$cnf" -e 'select 1'
rm "$cnf"
the problem with that is the password shows up in the process list.
But you can do this.
mysql --defaults-file=<(echo '[client]'; echo 'user=USERNAME'; echo "password=$mysqlpassword";)
It shows up in the process list like this.
mysql --defaults-file=/dev/fd/63
so the <() creates a file handle to the output of your commands.
This works with command line options that are expecting a file.
I don't know how to explain this, but when you pipe something, the stdout of the first program is forwarded to the stdin of the second program. You somehow confuse this, with the command line or whatever. You can pipe something to mysql, of course, but whatever you pipe is handled after you've authenticated yourself.
The solution would be
mysql -u root -p$(produce_password)
This generates your password with whatever program you have there and puts it in the right place on your commandline (my english is bad, can't explain better). When you have it in a file you could do
mysql -u root -p$(cat file)
I don't know, why you want to do it this way anyway, but you might be interested in having an encrypted file with your credentials, that you can use to log in without specifying a password. Read more about it here.
The easiest way is to declare the environment variable MYSQL_PWD.
Example:
$ export MYSQL_PWD=$(produce the password if required)
$ mysql -h example.org -u username
Remember you should not use -p in this case.

Can't login to unix mysql user

I'm trying to login to my mysql user created by the MySQL installation in bash shell.
So the command I'm trying to do is:
sudo -i -u mysql
But, it does nothing (nothing printed out in the console, not connected to any user whatsoever, etc...).
EDIT: The return value of the command is 1 though.
Here is the mysql user line in the /etc/passwd file:
mysql:x:89:89::/var/lib/mysql:/bin/false
I'm running on ArchLinux 64bit and the user I'm trying to connect to is local (no connection to a remote server whatsoever).
I'm trying to understand why I can login with any other user (like postgres, root, ...) but not mysql.
Hope you can help!
This is intended behaviour. When you compare the /etc/passwd line with other lines you'll notice that the user mysql has /bin/false setup as the shell while others have usually /bin/sh or sth. similar.
When you sudo to mysql you actually get a login for about a millisecond or so and then his "shell" gets executed. /bin/false immediately returns with rc=1 (that's the only purpose of the false command).
This is some kind of "trick" to prevent users from logging in as user mysql although the account is otherwise fully operational.
The user mysql may even have a valid password and be enabled but due to his odd shell setting you cannot login as him. Sometimes these technical users have /usr/bin/passwd set as their shell. Then you can only sudo to that user and change his password, nothing else.

Setting mysql as shell

I have a user on my machine that is only supposed to run mysql. Is there any way that I can set the shell of that user to mysql and login using password and username?
I know how to change the shell to the mysql binary
usermod -s /usr/bin/mysql
That is working indeed, only I can't provide a username/password in the program. Usually user/pw are given as
mysql -u $USER -p
I can not provide parameters for a shell as in
usermod -s "/usr/bin/mysql -u $USER -p" # Does not work!
Also using a simple shell-script as shell does not work:
#!/bin/sh # mysqlShell
/usr/bin/mysql -u $USER -p
----
usermod -s mysqlShell # does not work
So how can I provide parameters to a program I use as a shell for a user?
Thanks to Tom Regner I could figure out a solution using .my.cnf containing
[client]
host=localhost
user=$user
password=$pass
disable-auto-rehash
where mysql is set to the shell. I still would like give the password manually but this is the best I found.
Setup a $HOME/.my.cnf file for the user
[client]
host=localhost
user=mysqluser
password=mysqlpass
then set a bash as login shell and put the following in $HOME/.bashrc
exec mysql --host=localhost dbname
that should do what you want, while the user in question just has to give one password (the system account password on login).
exec replaces the shell process with the mysql process.
If this does not work as expected, you may need to adjust $HOME/.bash_profile to source .bashrc:
[[ -f ~/.bashrc ]] && . ~/.bashrc
It might be enough to provide an appropriate .my.cnf and setting /usr/bin/mysql as shell, but this way you can pass arbitrary commandline options/flags to the mysql client.
You can do that by editing the user's account details in the /etc/passwd and change the default shell.
You need a login password (unless you set up ssh appropriately). Use the following command: sudo passwd username to change that login password.
You also need a mysql password. Use SET PASSWORD Mysql request.
If you want the user to be connected to some fixed database with some fixed password, code a small C wrapper (then, make the executable only executable by your Unix user) doing mysql_real_connect, or calling some exec function for mysql --user=username --password=password databasename but I don't recommend doiing the later (because ps aux will show the password, and that is a security risk).
Perhaps, since MySQL is free software, you could customize the source code of mysql for your particular needs.
Perhaps using a restricted shell and carefully configuring it is better.