I need to be able to change the users' password through a web page (in a controlled environment). So, for that, I'm using this code:

<?php
$output = shell_exec("sudo -u dummy passwd testUser testUserPassword");
$output2 = shell_exec("dummyPassword");
echo $output;
echo $output2;
echo "done";
?>

My problem is that this script is not changing the password for the user "testUser". What am I doing wrong?

Thanks

Another option is to have a shell script, say called passwd_change.sh somewhere that looks like this:

#!/usr/bin/expect -f
set username [lindex $argv 0]
set password [lindex $argv 1]

spawn passwd $username
expect "(current) UNIX password: " 
send "$password\r"
expect "Enter new UNIX password: "
send "$password\r"
expect "Retype new UNIX password: "
send "$password\r"
expect eof

Then in your php code do:

<?php
shell_exec("sudo -u root /path/to/passwd_change.sh testUser testUserPass");
?>

I'm not familiar enough with PHP to tell you how to fix it, but your problem is that the two shell_exec commands are entirely separate. It appears as though you're trying to use the second command to pipe input to the first one, but that's not possible. The first command shouldn't return until after that process has executed, when you run the second one it will attempt to run the program dummyPassword, which we can probably expect to fail.

Use chpasswd:

$tmpfname = tempnam('/tmp/', 'chpasswd');
$handle = fopen($tmpfname, "w");
fwrite($handle, "$username:".crypt($password)."\n");
fclose($handle);
shell_exec("sudo sh -c \"chpasswd -e < $tmpfname\"");

Beware! If somebody will get control on $username then he can change any password on a system.

Use proc_open, which will let you interact with the process's stdin.

See this comment in particular at the manual: http://www.php.net/manual/en/function.proc-open.php#58044

The first response is correct. You probably want to use popen() or some other function that will return a pipe, which you can write to just like a file opened with fopen() or file().

<?php
$pipe = popen("sudo -u dummy passwd testUser testUserPassword", 'r');
fwrite($pipe, "dummyPasswd\r\n");
pclose($pipe);
echo "done";
?>

I haven't tested that, but it's the general idea of what you seem to be going for. You'll notice that this setup doesn't provide for the output from the commands you executed. For that, you'll need to use proc_open() which is a little harder to work with but does provide bi-directional support.

You should use the crypt() function to encrypt the password. Then you can call the usermod program like this usermod --password username encryptedpassword.

The most common way to encrypt a UNIX login password is like this:

crypt('password', '$1$salt1234$')

(Where salt1234 is an eight letter salt)

An easy I know and which works (at least for Debian 4.0r5) is:

#!/bin/bash

USER="root"
NEWPASS="bullsheit123"

echo $USER:$NEWPASS | chpasswd
echo $?

Just adapt this to the php script and it should work fine.

I it is way too late but this is for people still searching answer. This is what we use. Extremely simple.

    file_put_contents("passd", "$pass\n$pass\n");
    echo "$uname: $pass\n";
    `passwd $uname --stdin < passd`;
    `rm -rf passd`;

I prefer using 2 separate processes: http://sylnsr.blogspot.com/2012/09/keep-unix-password-in-sync-with.html