Initial commit
faf committed Dec 18, 2017
0 parents commit 6d33b47
Showing 8 changed files with 965 additions and 0 deletions.
674 changes: 674 additions & 0 deletions LICENSE

Large diffs are not rendered by default.

30 changes: 30 additions & 0 deletions README.md
@@ -0,0 +1,30 @@
# surma
simple **S**amba **U**se**R** **MA**nager

## Quick install guide for ALT Linux

```
# apt-get install perl-CGI perl-Crypt-SmbHash lighttpd sudo
# chkconfig lighttpd --add
# chkconfig lighttpd on
$ tar xvfz surma.tar.gz
$ cd surma
# mkdir /var/www
# mv html /var/www
# mv bin/* /usr/local/bin
# chmod 750 /usr/local/bin/get_tmpsmbpw /usr/local/bin/put_tmpsmbpw
# chown :lighttpd /usr/local/bin/get_tmpsmbpw /usr/local/bin/put_tmpsmbpw
# control sudo public
# echo "lighttpd ALL=(ALL) NOPASSWD:/usr/local/bin/get_tmpsmbpw" >> /etc/sudoers
# echo "lighttpd ALL=(ALL) NOPASSWD:/usr/local/bin/put_tmpsmbpw" >> /etc/sudoers
# subst '/"mod_cgi",$/ s/^#//' /etc/lighttpd/lighttpd.conf
# cat << __END__ >>/etc/lighttpd/lighttpd.conf
## surma addon
index-file.names += ("surma.pl")
cgi.assign = ( ".pl" => "/usr/bin/perl")
__END__
```
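--- a/bin/get_tmpsmbpw
+++ b/bin/get_tmpsmbpw
@@ -0,0 +1,33 @@
+#!/bin/bash
+# surma - simple Samba UseR MAnager
+# Script to get temporary file with Samba passwords
+# Copyright (C) 2008 Nikolay A. Fetisov <[email protected]>, OITS Co. Ltd.
+# All Rights Reserved.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+SMBPW=/etc/samba/smbpasswd
+WS_USER=lighttpd
+LOCKFILE=/var/lock/surma
+
+[ -f "$LOCKFILE" ] && exit 1
+
+TMPPW=`mktemp /tmp/smbpw-XXXXXX`
+if [ -f $TMPPW ]; then
+cat "$SMBPW" > "$TMPPW"
+chown $WS_USER "$TMPPW"
+echo $TMPPW
+echo "$TMPPW" > "$LOCKFILE"
+fi
+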
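Review bot: The lock is not taken atomically: the script tests `[ -f "$LOCKFILE" ]` at the top but only writes the lock file after the copy and `chown`, so two overlapping requests can both pass the test and the second overwrites the path recorded by the first. Creating the lock first and atomically closes that window, for example `( set -o noclobber; : > "$LOCKFILE" ) 2>/dev/null || exit 1` before the `mktemp` line, with the path written into it afterwards. Nothing in this script removes a lock left behind when the CGI dies between the two helpers, so a stale lock would block every later change and leave a copy of all password hashes, readable by the lighttpd account, sitting in /tmp; a cleanup path or an age check on the lock would cover that. `$TMPPW` and `$WS_USER` should also be quoted in `[ -f $TMPPW ]` and in the `chown` call.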
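--- a/bin/put_tmpsmbpw
+++ b/bin/put_tmpsmbpw
@@ -0,0 +1,38 @@
+#!/bin/bash
+# surma - simple Samba UseR MAnager
+# Script to save Samba passwords from temporary file
+# Copyright (C) 2008 Nikolay A. Fetisov <[email protected]>, OITS Co. Ltd.
+# All Rights Reserved.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+SMBPW=/etc/samba/smbpasswd
+SMBPW_BAK=/etc/samba/smbpasswd.bak
+WS_USER=lighttpd
+LOCKFILE=/var/lock/surma
+
+[ -f "$LOCKFILE" ] || exit 1
+
+TMPPW=`cat "$LOCKFILE"`
+if [ -f "$TMPPW" ]; then
+if ! diff -q "$TMPPW" "$SMBPW" >/dev/null; then
+cp -f -- "$SMBPW" "$SMBPW_BAK"
+cat "$TMPPW" > "$SMBPW"
+chmod 0600 "$SMBPW"
+chown root:root "$SMBPW"
+echo "Ok"
+fi
+rm -f "$TMPPW"
+fi
+rm -f -- "$LOCKFILE"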
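Review bot: This helper is meant to run as root through sudo, yet it installs unchecked the contents of a file that the web-server account owns: bin/get_tmpsmbpw hands `$TMPPW` to lighttpd with `chown`, and whatever that file holds is then written over the Samba password file by `cat "$TMPPW" > "$SMBPW"`. That lets the lighttpd account rewrite any entry, not only the requesting user's hash. The test should at least refuse anything that is not a plain file, `if [ -f "$TMPPW" ] && [ ! -L "$TMPPW" ]; then`, and the stronger design is to pass the username and the new hashes to the helper and let it edit that single line itself. The overwrite is also not atomic; writing a root-owned temporary file next to `$SMBPW` and renaming it with `mv` would avoid a truncated password file if the script is interrupted.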
1 change: 1 addition & 0 deletions html/language
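--- a/html/language.ru
+++ b/html/language.ru
@@ -0,0 +1,17 @@
+{
+'surma' => 'surma',
+'Change password' => 'Смена пароля',
+'Username' => 'Имя пользователя',
+'Old password' => 'Старый пароль',
+'New password' => 'Новый пароль',
+'Retype new password' => 'Повторный ввод нового пароля',
+'Password changed' => 'Пароль изменён',
+'Change' => 'Изменить',
+'Reset' => 'Сбросить',
+'Error: you have to fill all fields' => 'Ошибка: Вы должны заполнить все поля',
+'Error: password mismatch' => 'Ошибка: пароли не совпадают',
+'Error: unable to get password file' => 'Ошибка: не удалось получить файл паролей',
+'Error: wrong old password' => 'Ошибка: введён неверный старый пароль',
+'Error: user not found' => 'Ошибка: пользователь не найден',
+'Error: unable to save password file' => 'Ошибка: не удалось записать файл паролей'
+};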
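--- a/html/surma.pl
+++ b/html/surma.pl
@@ -0,0 +1,129 @@
+#!/usr/bin/perl -w
+# surma - simple Samba UseR MAnager
+# Core script of the web interface
+# Copyright (C) 2008 Fedor A. Fetisov <[email protected]>, OITS Co. Ltd.
+# All Rights Reserved.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+use strict;
+use CGI;
+use Crypt::SmbHash qw(ntlmgen);
+
+use constant UPDATED => 'Ok';
+
+my $get_tmpsmbpw = 'sudo /usr/local/bin/get_tmpsmbpw';
+my $put_tmpsmbpw = 'sudo /usr/local/bin/put_tmpsmbpw';
+
+my $language = {};
+
+# Get language constants
+if (-r './language') {
+$language = do('./language');
+if ($@) {
+warn "surma warning: Unable to obtain language constants. Language file corrupted?\n";
+}
+}
+
+# Get template
+die "surma error: Template missed!\n" if !((-r './template.html') && open(IN, '<./template.html'));
+my @template = <IN>;
+close(IN);
+
+# Prepare for action
+my $variables = {'message' => ''};
+my $cgi = new CGI;
+
+# Try to get user data
+my $data = {};
+my $flag = 0;
+foreach ('username', 'oldpw', 'newpw', 'newpw2') {
+$data->{$_} = $cgi->param($_);
+$flag++ if defined $data->{$_} && ($data->{$_} ne '');
+}
+
+if ($flag) {
+# Data was supplied...
+if ($flag == 4) {
+# ...and all fields were filled
+if ($data->{'newpw'} eq $data->{'newpw2'}) {
+# New password confirmed, try to get name of the temporary file with actual hashes
+my $filename = `$get_tmpsmbpw`;
+chomp($filename) if (defined $filename);
+# Check filename and try to open the file for read and write
+if ((defined $filename) && ($filename ne '') && open(PWD, "+<$filename")) {
+my $found = 0;
+my $changed = 0;
+# Search for the string related to given username
+while (my $string = <PWD>) {
+if ($string =~ /^$data->{'username'}:/) {
+# String found, calculating hashes using old password value
+my ($old_lm, $old_nt) = ntlmgen($data->{'oldpw'});
+# Compare calculated hashes with the existing ones
+if ($string =~ /^($data->{'username'}:[0-9]+:)$old_lm:$old_nt(:.*)$/) {
+# Hashes matched - old password is correct
+# Calculate hashes using new password value
+my ($new_lm, $new_nt) = ntlmgen($data->{'newpw'});
+# Move filehandler pointer to the begining of the string...
+seek(PWD, tell(PWD) - length($string), 0);
+# ... and rewrite it
+$string = $1 . $new_lm . ':' . $new_nt . $2;
+print PWD $string;
+$changed = 1;
+}
+else {
+$variables->{'message'} = '<div class="error">%%Error: wrong old password%%!</div>';
+}
+$found = 1;
+last;
+}
+}
+close(PWD);
+# Try to save new password
+my $result = `$put_tmpsmbpw`;
+chomp($result) if (defined $result);
+
+if ($found && $changed) {
+# Password was successfully changed
+if ((defined $result) && ($result eq UPDATED)) {
+$variables->{'message'} = '<div class="message">%%Password changed%%.</div>';
+}
+else {
+$variables->{'message'} = '<div class="error">%%Error: unable to save password file%%!</div>';
+}
+}
+elsif (!$found) {
+$variables->{'message'} = '<div class="error">%%Error: user not found%%!</div>';
+}
+}
+else {
+$variables->{'message'} = '<div class="error">%%Error: unable to get password file%%!</div>';
+}
+}
+else {
+$variables->{'message'} = '<div class="error">%%Error: password mismatch%%!</div>';
+}
+}
+else {
+$variables->{'message'} = '<div class="error">%%Error: you have to fill all fields%%!</div>';
+}
+}
+
+# Send document to client
+print $cgi->header('text/html; charset=UTF-8');
+foreach (@template) {
+s/\$\$(.+?)\$\$/$variables->{$1} || ''/eg;
+s/\%\%(.+?)\%\%/$language->{$1} || $1/eg;
+print;
+}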
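Review bot: The submitted username is interpolated into both patterns unescaped, at `/^$data->{'username'}:/` and again in the hash comparison that follows, so it is treated as a regular expression rather than a literal name and the lookup can land on a line that does not belong to the named account. Quote it in both places, `if ($string =~ /^\Q$data->{'username'}\E:/)` and `/^(\Q$data->{'username'}\E:[0-9]+:)$old_lm:$old_nt(:.*)$/`, and preferably reject names that fail an anchored pattern of the characters the site permits before the file is opened. The two-argument `open(PWD, "+<$filename")` should become `open(my $pwd, '+<', $filename)` so that the helper's output cannot influence the open mode. The script also has no visible rate limiting or logging of failed old-password checks, which is worth adding to a page that verifies passwords against the Samba hash file.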
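--- a/html/template.html
+++ b/html/template.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>%%surma%%</title>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+<style type="text/css">
+body {margin: 30px 0; font: 76% Verdana, Arial, Helvetica, sans-serif; color: #333;}
+div {margin: 0;}
+#main {margin: 0 auto; width: 400px; border: 2px solid #aaa; background-color: #f5f5f5;}
+#copyright {font-size: 0.8em; color: #777; background-color: #e0e0e0; border-top: 1px solid #ccc; padding: 2px 2px 0px 4px;}
+.message, .error {border-bottom: 1px solid #ccc; padding: 2px; padding-left: 7px;}
+.message {color: #000; background-color: #c7ffc7;}
+.error {color: #f00; background-color: #fdd;}
+a:link, a:visited, a:active {color: #777; text-decoration: none;}
+a:hover {text-decoration: underline;}
+table {width: 100%;}
+th {text-align: center; font-size: 1.2em;}
+th, td {vertical-align: middle;}
+td.right {text-align: left;}
+td.left {text-align: right;}
+input {font-size: 1em; color: #000;}
+input.button {height: 1.8em; color: #000; background-color: #fe0;}
+</style>
+</head>
+<body>
+
+<div id="main">
+$$message$$
+<form action="surma.pl" method="post" enctype="multipart/form-data">
+<table>
+<tr><th colspan="2">%%Change password%%</th></tr>
+<tr><td class="left">%%Username%%:</td><td class="right"><input name="username" type="text" value="" size="20" /></td></tr>
+<tr><td class="left">%%Old password%%:</td><td class="right"><input name="oldpw" type="password" value="" size="20" /></td></tr>
+<tr><td class="left">%%New password%%:</td><td class="right"><input name="newpw" type="password" value="" size="20" /></td></tr>
+<tr><td class="left">%%Retype new password%%:</td><td class="right"><input name="newpw2" type="password" value="" size="20" /></td></tr>
+<tr><td class="left"><input class="button" type="submit" value="%%Change%%" /></td><td class="right"><input class="button" type="reset" value="%%Reset%%" /></td></tr>
+</table>
+</form>
+<div id="copyright">&copy; 2008 <a href="http://www.oits.ru/">OITS Co. Ltd.</a></div>
+</div>
+
+</body>
+</html>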
