CODEWITHSUNDEEP
phplinux
StackOverflowNewbie
StackOverflowNewbie

Reputation: 40653

useradd - not working with -p option

I have a PHP script that is trying to add a user. Here's a simplified snippet:

<?php
    $groupname = 'mygroup';
    $username  = 'test';
    $password  = crypt('Pass123!');
    var_dump($password);

    $command = "sudo useradd -G $groupname $username -p $password -s /bin/false";
    var_dump($command);

    $output = array();
    $return = 0;
    exec($command, $output, $return);

    var_dump($output);
    var_dump($return);

After running this script, I see the user test in the /etc/passwd file. However, I don't see password in the /etc/shadow file. My gut feeling is that I am incorrectly setting the password somehow.

Any ideas what I am doing wrong? Thanks.

UPDATE:

When I create the user via the command line and add the password using passwd command, the encrypted string I see in /etc/shadow is very different from what the crypt function in my PHP script generates.

UPDATE 2

Per mario's suggestion:

<?php
    $groupname = 'mygroup';
    $username  = 'test';
    $password  = crypt('Pass123!');
    var_dump($password);

    $command = "sudo useradd -G '$groupname' '$username' -p '$password' -s /bin/false";
    $command = escapeshellcmd($command);
    var_dump($command);

    $output = array();
    $return = 0;
    exec($command, $output, $return);

    var_dump($output);
    var_dump($return);

NOTE: this has not fixed anything for me. Problem is still the same.

Upvotes: 2

Views: 2282

Answers (2)

Mirza Selimovic
Mirza Selimovic

Reputation: 1739

Try to crypt your password with a perl script :

$command = "sudo useradd -G ".$groupname." ".$username." -p $(perl -e 'print crypt($ARGV[0], \"password\")' ".password.") -s /bin/false";

Upvotes: 0

mario
mario

Reputation: 145482

Your main problem is that the crypt() hash starts with $1$abc.. usually. And your parameters for the command to exec() are not escaped. At the very least quote them:

$command = "sudo useradd -G '$groupname' '$username' -p '$password'  ";

But you should use escapeshellcmd() on each preferrably.

The hash you get back from PHPs crypt() is not necessarily the same as the passwd utility would generate it. There are different hash functions. PHP gives you the MD5 version (starting with $1$), whereas passwd might default to generating SHA512 hashes (starting with $6$).

See the examples on http://php.net/crypt with algorithm and salt parameters.

Upvotes: 1

Related Questions