CGI shell script using bash

Hi all:

Got a task to have end users change their samba passwd from a web page. I would like to use perl but having hacked and tried for the last few days, I am not getting anywhere. I have gotten farther using bash.

The end users are CLI illiterate, if it isn't on windoze or a web page they are lost. The need for this is coming as a result of WIN7 putting in another level of authentication for samba and it will not allow for blank passwds. (It will, but research I have done says it is a registry change.)

The system that has the smbpasswd is a RH5 system with apache.

I have searched for something similar but to no avail, all I can find are programs that change the LDAP, NIS, AD, & samba passwds - but all I want (need) is to change the samba passwd. Nothing else. Nothing complex, just plug the user entered values into the smbpasswd command, being called by sudo. But I cannot seem to get the user entered values to populate the sam_chg script.

Here is what I have;

echo "Content-type: text/html"

echo ""
echo "<html><head><title>Change CIFS password</title></head><body>"
echo ""
printf '<h1>CIFS passwd change</h1>'
echo ""
echo "Today is $(date '+%Y-%B-%d %H:%M:%S')"
echo ""
printf '<h3>Enter your username: <input type="text" name="username" size="20" /></h3>'
printf '<h3>Enter your old password: <input type="text" name="old_pass" size="20" /></h3>'
printf '<h3>Enter your new password: <input type="text" name="new_pass1" size="20" /></h3>'
printf '<h3>Re-Enter your new password: <input type="text" name="new_pass2" size="20" /></h3>'
echo ""
echo "<input type="Submit" name="submit" value="submit form" />"
echo "<form action="sam_chg.bsh" method="POST">"
echo ""
echo "</form>"
echo "</body></html>"

The sam_chg.bsh contains the following;

printf "$2\n$3\n$4\n" | /usr/bin/sudo /usr/bin/smbpasswd $1

Any help, please?


RE: CGI shell script using bash


I strongly encourage you to forget this idea. If you do not know how CGI works, it is dangerous to write one in shell script.

Anyway, your HTML is not correct either. Your form has no input, so even if you manage to submit it, the CGI script will receive nothing.

The CGI scripts receive the submitted data according to the method :
  • GET parameters in the QUERY_STRING environment variable
  • POST data on the standard input
So $1 and similar variables are not set. You have to split up the data and decode as necessary.

Besides that, there is no sign that the username will be retrieved from anywhere to pass it to smbpasswd.

Better take a look at the CGI Perl module. It will save you from some work and your system from some possible vulnerabilities.


RE: CGI shell script using bash


I would tend to agree with Feherke's warning about using shell scripts for CGI, but in the interest of figuring things out [and taking note of what feherke says about POST], I believe what you need is to "read" the data you are looking for from standard input.

Something like this:


read Username
read Old_pswd
read New_pswd
read Confirm_pswd
printf "$Old_pswd\n$New_pswd\n$Confirm_pswd\n" | /usr/bin/sudo /usr/bin/smbpasswd $Username

Code what you mean,
and mean what you code!
But by all means post your code!


RE: CGI shell script using bash


Razalas, the truth is more complicated. For example a form like this :

CODE --> HTML ( fragment )

<form action="sam_chg.bsh" method="post">
<input type="text" name="user" value="joe">
<input type="password" name="pass" value="v3ry s&cr∑t">
<input type="submit">

Will be submitted like this :

CODE --> POST data ( application/x-www-form-urlencoded )

See ? Name-value pairs separated by equal signs ( = ), enumerated separated with ampersand ( & ). And all data urlencoded.

If you specify multipart/form-data in the form's enctype attribute, the data format changes :

CODE --> POST data ( multipart/form-data )

Content-Disposition: form-data; name="user"

Content-Disposition: form-data; name="pass"

v3ry s&cr&#8721;t

Less encoding, but uglier structure. I prefer the first one. With some processing it is easy to populate an array with the data :

CODE --> Bash 4

# Split the urlencoded POST body (one line on stdin) into name=value pairs
IFS='&;' read -r -a data

declare -A post

for one in "${data[@]}"; do
  IFS='=' read -r key val <<< "$one"
  val="${val//+/ }"                     # '+' encodes a space
  printf -v val '%b' "${val//%/\\x}"    # %XX -> \xXX, then let %b decode it
  post["${key//+/ }"]="$val"
done

The weak point is the character encoding. You can use recode or iconv, but I had no constant luck with them. Using UTF-8 is more stable.

Then you can reach the data like this :

CODE --> Bash

printf '%s\n%s\n%s\n' "${post[pass]}" "${post[pass]}" "${post[pass]}" | /usr/bin/sudo /usr/bin/smbpasswd "${post[user]}"

( Of course, you will add more fields for the old password's two copies and will use their appropriate names. But pass them as arguments, do not include them in the format string. Otherwise having a percent sign ( % ) in the password will make the parsing fail. )


RE: CGI shell script using bash


Forgot to mention another weakness of the above data manipulation : as Bash is unable to handle multidimensional arrays, it is not possible to simply and reliably handle multiple values submitted for the same field name. A relatively simple workaround would imply the use of eval, the ugly builtin I was able to happily avoid since Bash 4 introduced associative arrays.
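
A hardened version of the parsing described in the two posts above, as an added example that is not part of the original thread. It refuses repeated field names instead of reaching for eval, rejects encoded control bytes such as %0A (which would otherwise inject extra lines into the input piped to smbpasswd), and validates the username before it becomes a command argument. The field names come from the original form; the username pattern and the request size limit are assumptions, and the smbpasswd call is kept as the thread wrote it.

```shell
#!/bin/bash
# Added example (not from the thread). Needs Bash 4.2+; re-exec if run by plain sh.
[ -n "${BASH_VERSION:-}" ] || exec bash "$0" "$@"

# parse_form BODY: decode urlencoded data into the global associative array
# "post". Fails on malformed pairs, repeated names and control bytes.
parse_form() {
  local LC_ALL=C body=$1 pair key val
  local -a pairs
  # Unencoded safe characters, or %XX with XX >= 0x20 (no %00, no %0A ...).
  local ok='^([A-Za-z0-9*._~+-]|%[2-9A-Fa-f][0-9A-Fa-f])*$'
  declare -gA post=()
  [[ $body != *$'\n'* ]] || return 1
  IFS='&;' read -r -a pairs <<< "$body"
  for pair in "${pairs[@]}"; do
    [[ $pair == *=* ]] || return 1
    key=${pair%%=*} val=${pair#*=}
    [[ $key =~ ^[A-Za-z0-9_]+$ && $val =~ $ok ]] || return 1
    [[ -z ${post[$key]+set} ]] || return 1    # repeated field: refuse
    val=${val//+/ }
    printf -v val '%b' "${val//%/\\x}"
    post[$key]=$val
  done
}

# smbpasswd_input: validate the decoded fields and print the three lines the
# thread pipes to smbpasswd. The username pattern is an assumption.
smbpasswd_input() {
  local LC_ALL=C f
  for f in username old_pass new_pass1 new_pass2; do
    [[ -n ${post[$f]:-} ]] || return 1
  done
  # No leading '-', so the name can never be read as an smbpasswd option.
  [[ ${post[username]} =~ ^[a-z_][a-z0-9_-]{0,31}$ ]] || return 1
  [[ ${post[new_pass1]} == "${post[new_pass2]}" ]] || return 1
  printf '%s\n' "${post[old_pass]}" "${post[new_pass1]}" "${post[new_pass2]}"
}

# CGI entry point (runs only under the web server); the length cap is an assumption.
if [[ ${REQUEST_METHOD:-} == POST ]]; then
  printf 'Content-type: text/plain\n\n'
  [[ ${CONTENT_LENGTH:-} =~ ^[0-9]{1,4}$ ]] && IFS= read -r -N "$CONTENT_LENGTH" body
  if parse_form "${body:-}" && input=$(smbpasswd_input) &&
     printf '%s\n' "$input" | /usr/bin/sudo /usr/bin/smbpasswd "${post[username]}" >/dev/null 2>&1
  then echo "Password changed."
  else echo "Request rejected or password change failed."
  fi
fi
```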


RE: CGI shell script using bash


Thanks for the informative reply. Catch a star!

Code what you mean,
and mean what you code!
But by all means post your code!

