CPU(Change Password Utility)

# cd /usr/local/src/

# wget http://downloads.sourceforge.net/project/cpu/cpu/cpu-1.4.3/cpu-1.4.3.tar.gz?r=http%3A%2F%2Fcpu.sourceforge.net%2F&ts=1360648713&use_mirror=jaist

# tar zxvf cpu-1.4.3.tar.gz
# cd /usr/local/src/cpu-1.4.3/src/plugins/ldap

# vi commandline.c

86번째 줄

/*  (int) passent->sp_lstchg = passent->sp_min = passent->sp_max = -10;*/
passent->sp_lstchg = (int) (passent->sp_min = passent->sp_max = -10);

 

 

# vi ld.c

759번째 줄

getlGid (LDAP * ld, char *groupn)
{
char **gid_ = NULL;
...
...
/*      gid = ldap_get_values (ld, pos, gid)[0];
      if (gid != NULL)
        return atoi (gid);
*/
        gid_ = ldap_get_values (ld, pos, gid);
        if (gid_ != NULL && gid_[0] != NULL)
        return atoi (gid_[0]);
...
...
}

 

 

# cd /usr/local/src/cpu-1.4.3

# ./configure && make && make install

# vi /usr/local/etc/cpu.conf

[GLOBAL]
DEFAULT_METHOD  = ldap
CRACKLIB_DICTIONARY = /usr/lib/cracklib_dict

[LDAP]
LDAP_HOST       = 192.168.45.128 192.168.45.129
LDAP_PORT       = 389
# Can also use LDAP_URI = ldaps://localhost:389 for TLS support
BIND_DN         = cn=Manager,dc=kobic,dc=kr
BIND_PASS       = ldapadmin
USER_BASE       = ou=People,dc=kobic,dc=kr
# replace account with inetOrgPerson if you want first or last name
GROUP_BASE      = ou=Group,dc=kobic,dc=kr
USER_OBJECT_CLASS       = account,posixAccount,shadowAccount,top
GROUP_OBJECT_CLASS      = posixGroup,top
USER_FILTER     = (objectClass=posixAccount)
GROUP_FILTER    = (objectClass=posixGroup)
USER_CN_STRING  = uid
GROUP_CN_STRING = cn
SKEL_DIR        = /etc/skel
DEFAULT_SHELL   = /bin/bash
HOME_DIRECTORY  = /home
MAX_UIDNUMBER = 10000
MIN_UIDNUMBER = 1100
MAX_GIDNUMBER = 10000
MIN_GIDNUMBER = 1100
ID_MAX_PASSES = 1000
USERGROUPS = yes
USERS_GID = 100
RANDOM = "false"
PASSWORD_FILE = "/etc/passfile"
SHADOW_FILE = "/etc/shadowfile"
HASH = "crypt"
#ADD_SCRIPT = "contrib/postaddscript.sh"
#DEL_SCRIPT = "foo"
SHADOWLASTCHANGE        = 11192
SHADOWMAX               = 99999
SHADOWWARING            = 7
SHADOWEXPIRE            = -1
SHADOWFLAG              = 134538308
SHADOWMIN               = -1
SHADOWINACTIVE          = -1

[PASSWD]
# Broken
GROUP   =       1000
HOME    =       /home
INACTIVE =      -1
#EXPIRE =
SHELL   =       /bin/bash
SKEL    =       /etc/skel
COMMENT =       "Default Gecos"
PASSWORD =      /etc/passwd
SHADOW  =       /etc/shadow