Hi, the program zpasswd prompt. they said: If this program is called without command-line options, it will prompt for all necessary information. The available options are: -u / --username= Set the username to be used for the superuser -p / --password= Set the password -e / --encoding= Set the encryption/encoding rules. Defaults to SHA-1. OPTIONAL -d / --domains= Set the domain names that the user user can log in from. Defaults to any. OPTIONAL. Filename is not option, and should be the name of the file to store the information in. __________________ What I should write in this source code from zpasswd ? --> """Zope password change system""" __version__='$Revision: 1.8 $ '[11:-2] import sys, string, sha, binascii, whrandom, getopt, getpass, os try: from crypt import crypt except ImportError: crypt = None def generate_salt(): """Generate a salt value for the crypt function.""" salt_choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ "abcdefghijklmnopqrstuvwxyz" \ "0123456789./" return whrandom.choice(salt_choices)+whrandom.choice(salt_choices) def generate_passwd(password, encoding): encoding=string.upper(encoding) if encoding == 'SHA': pw = '{SHA}' + binascii.b2a_base64(sha.new(password).digest())[:-1] elif encoding == 'CRYPT': pw = '{CRYPT}' + crypt(password, generate_salt()) elif encoding == 'CLEARTEXT': pw = password return pw def write_access(home, user='', group=''): import whrandom pw_choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ "abcdefghijklmnopqrstuvwxyz" \ "0123456789!" ac_path=os.path.join(home, 'access') if not os.path.exists(ac_path): print '-'*78 print 'creating default access file' acfile=open(ac_path, 'w') pw = '' for i in range(8): pw = pw + whrandom.choice(pw_choices) acfile.write('superuser:' + generate_passwd(pw, 'SHA')) acfile.close() os.system('chmod 644 access') print """Note: The super user name and password are 'superuser' and '%s'. You can change the superuser name and password with the zpasswd script. To find out more, type: %s zpasswd.py """ % (pw, sys.executable) import do; do.ch(ac_path, user, group) def main(argv): short_options = ':u:p:e:d:' long_options = ['username=', 'password=', 'encoding=', 'domains='] usage = """%s [options] filename If this program is called without command-line options, it will prompt for all necessary information. The available options are: -u / --username= Set the username to be used for the superuser -p / --password= Set the password -e / --encoding= Set the encryption/encoding rules. Defaults to SHA-1. OPTIONAL -d / --domains= Set the domain names that the user user can log in from. Defaults to any. OPTIONAL. Filename is not option, and should be the name of the file to store the information in. Copyright (C) 1999 Digital Creations, Inc. """ % argv[0] try: if len(argv) < 2: raise "CommandLineError" optlist, args = getopt.getopt(sys.argv[1:], short_options, long_options) if len(args) != 1: raise "CommandLineError" access_file = open(args[0], 'w') if len(optlist) > 0: # Set the sane defaults username = 'superuser' encoding = 'SHA' domains = '' for opt in optlist: if (opt[0] == '-u') or (opt[0] == '--username'): username = opt[1] elif (opt[0] == '-p') or (opt[0] == '--password'): password = opt[1] elif (opt[0] == '-e') or (opt[0] == '--encoding'): encoding = opt[1] elif (opt[0] == '-d') or (opt[0] == '--domains'): domains = ":" + opt[1] # Verify that we got what we need if not username or not password: raise "CommandLineError" access_file.write(username + ':' + generate_passwd(password, encoding) + domains) else: # Run through the prompts while 1: username = raw_input("Username: ") if username != '': break while 1: password = getpass.getpass("Password: ") verify = getpass.getpass("Vefify password: ") if verify == password: break else: password = verify = '' print "Password mismatch, please try again..." while 1: print """ Please choose a format from: SHA - SHA-1 hashed password CRYPT - UNIX-style crypt password CLEARTEXT - no protection. """ encoding = raw_input("Encoding: ") if encoding != '': break domains = raw_input("Domain restrictions: ") if domains: domains = ":" + domains access_file.write(username + ":" + generate_passwd(password, encoding) + domains) except "CommandLineError": sys.stderr.write(usage) sys.exit(1) # If called from the command line if __name__=='__main__': main(sys.argv) Very truly yours, <><><><><><><><><><><><><><> Jonathan Desp Chairman and CEO, Atomasoft Inc. Matter will become software http://www.atomasoft.com <><><><><><><><><><><><><><>
Jonathan Desp wrote:
Hi,
the program zpasswd prompt.
...
Filename is not option, and should be the name of the file to store the information in.
...
What I should write in this source code from zpasswd ? -->
What is your question, now? Generally, you should not write anything in the source code to zpasswd.py, unless you want to change how it works. But you know that, don't you. Jonathan, it happens often on the list that someone posts confusing questions, where people scratch their head for some time trying to figure out what the person's problem might be. This is rather inefficient, as the person does not get the answer they want, or get an answer that does not fit their problem (as the answering person did not understand it). Unfortunately, your posts fall rather often in this category. I would recommend that, when asking a question to the list, to - take time describing your problem clearly, assuming the reader knows Zope but not your application; - make clear what you want to achieve; - make clear if you either have a question how to do something, or if anything does not work as you expected; - wait at least one hour and re-read your post to verify that it is fully understandable before actually posting it; - if at all possible, have some other person read your post and ask them to rephrase your question back to you, i.e., make sure that they get your real question from your post. More work? For you, initially yes. For all together? No, a lot less. For you untilk you get an answer? Probably not, as you are much more likely to get an answer to your problem, without several exchanges back and forth. In any case, it is making better use of the time of people wanting to help you, and prevents them from just adding you to their kill file (as I was very nearly to do at some time). And it is likely to give you a better standing in the Zope community. This is not to say that I am perfect in that respect - even after some fourteen years on mailing lists I still manage to send out posts that I find less than perfect upon reading them when they come back from the listserver. But one must always strive for the best :-) Cheera, Jan
Hi Jonathan, Try this from the console: python zpasswd.py --username="superuser" --password="TheNewPassword" "access" This is documented in the Zope installation files. Note that doing it this way, the command line will be stored in the command line buffer file on your system, which may be a security issue. HTH, Eric. // -----Original Message----- // From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of // Jonathan Desp // Sent: Saturday, July 29, 2000 3:21 PM // To: Marcin.Kasperski@softax.com.pl // Cc: zope zope zope // Subject: [Zope] password // // // Hi, // // the program zpasswd prompt. // // they said: <snip>
"Eric L. Walstad" wrote:
Hi Jonathan,
Try this from the console:
python zpasswd.py --username="superuser" --password="TheNewPassword" "access"
This is documented in the Zope installation files.
Note that doing it this way, the command line will be stored in the command line buffer file on your system, which may be a security issue.
To avoid this you could do: $ python zpasswd.py access And just answer the prompts ;) -- Do not meddle in the affairs of sysadmins, for they are easy to annoy, and have the root password.
participants (4)
-
Bill Anderson -
Eric L. Walstad -
jan@haul.de -
Jonathan Desp