#!/usr/bin/expect -- 
# 
# NAME 
# newpass - set user's passwd from the command line non-interactively 
# 
# SYNOPSIS 
# newpass user password [files|nis|nisplus] 
# 
# DESCRIPTION 
# When run as root, this script will interact with passwd and set 
# "password" for the specified "user". The script knows about both 
# Solaris and Linux and, in the case of Solaris, can explicitly 
# set the password in any of the three possible services 
# (files, nis, or nisplus). If not specified, the system default 
# for authentication is used. 
# 
# Author: Jim Levie (jlevie@bellsouth.net) 
# 
log_user 0 
set LinuxOS 0 
set svc "default" 
if {[exec uname -s] == "Linux"} { set LinuxOS 1 } 
if {!$LinuxOS && $argc == 3} { 
if {[lindex $argv 2] == "files" || [lindex $argv 2] == "nis" 
|| [lindex $argv 2] == "nisplus"} { 
set svc "[lindex $argv 2]" 
} else { 
send_error "Usage: newpass user passwd \[files|nis|nisplus\]\n" 
exit 1 
} 
} elseif {$LinuxOS && $argc != 2} { 
send_error "Usage: newpass user passwd\n" 
exit 1 
} elseif {$argc < 2 || $argc >3} { 
send_error "Usage: newpass user passwd \[files|nis|nisplus\]\n" 
exit 1 
} 
set user [lindex $argv 0] 
set pass [lindex $argv 1] 
# 
# Solaris 2.6 & later needs the -r option to specify which 
# password service (files, nis, nisplus) see man passwd. Linux 
# has passwd in a different location and doesn't need the 
# service specification. (Note that I no longer have anything 
# earlier than 2.6 to test with, you've been warned... there be 
# dragons here). 
# 
# BIG NOTE!!! Linux has to have the "sleep 1" between each of 
# the "expect/send" pairs. It puts out the prompt before it's actually 
# ready to take input. You can comment them out for Solaris, but 
# it doesn't hurt for them to be there and might be a plus 
# busy server. (there be really big dragons here...) 
# 

if {$LinuxOS} { 
spawn -noecho /usr/bin/passwd $user 
} else { 
if {$svc == "files"} { 
spawn /bin/passwd -r files $user 
} elseif {$svc == "nis"} { 
spawn /bin/passwd -r nis $user 
} elseif {$svc == "nisplus"} { 
spawn /bin/passwd -r nisplus $user 
} else { 
spawn /bin/passwd $user 
} 
} 

if {$LinuxOS} { sleep 1 } 
expect { 
-re "(.*) does not exist" { 
send_error "unknown user: $user\n" 
exit 1 
} -re "(.*) Unknown user(.*)" { 
send_error "unknown user: $user\n" 
exit 1 
} default { 
send_error "$expect_out(buffer)" 
exit 1 
} -re "New (.*)password:" 
} 
send "$pass\r" 
if {$LinuxOS} { sleep 1 } 
expect { 
-re "passwd.SYSTEM.(.*)" { 
send_error "$expect_out(buffer)" 
exit 1 
} -re "BAD(.*)" { 
send_error "$expect_out(buffer)" 
exit 1 
} default { 
send_error "Unknown error from passwd\n" 
exit 1 
} -re "Re(.*) password:" 
} 
send "$pass\r" 
if {$LinuxOS} { sleep 1 } 
expect { 
-re "passwd(.*) try again" { 
send_error "$expect_out(buffer)" 
exit 1 
} -re "Sorry,(.*)" { 
send_error "$expect_out(buffer)" 
exit 1 
} default { 
send_error "Unknown error from passwd\n" 
exit 1 
} -re "(.*) successfully changed (.*)" { 
send_user "Password changed\n" 
exit 0 
} -re "(.*) updated successfully" { 
send_user "Password changed\n" 
exit 0 
} 
} 
close 
wait 
send_user "\n"