PAM Pasword change web form

This is a small web form to change your password using PAM. Useful if you have a system contain many Unix-illiterate users (for imap mail, etc) who can't be bother to log in to the box using ssh to change their password.

Download pamwebpass.tar.gz.
Get the Authen::PAM module from CPAN, if you don't have it yet. Make and install it. (If you get configure errors during compilation of Authen::PAM, you need to install the pam-devel RPM.
Untar pamwebpass.tar.gz into /usr/local/bin
Make sure your /usr/bin/suidperl has the set-uid bit set (some distributions, such as SuSE, install suidperl without it, out of a false sense of security)
On your website, put a CGI script that calls chpass:
```
#!/bin/sh

exec /usr/local/bin/chpass.cgi "$@"
```
Note: You cannot put chpass directly into your web space, as chpass' setuid bit and root ownership may interfere with Apache's suexec facility.
Put pam configuration file into place into /etc/pam.d/webpass password required pam_warn.so password required pam_pwcheck.so use_cracklib password required pam_unix2.so use_first_pass You may also put in any additional pam modules, such as pam_smbpass, in order to have all passwords (both Unix and Samba) changed at once. You get the full flexibility of PAM.

Last modified: Sat Apr 5 09:14:10 CEST 2003