hi, i want to set the password of the solaris users from web. here is the script i m using but its gives error of permission denied. i m not executing this script as root. is there any other way to make this possible to set password of new users. here is the script #!/usr/local/src/expect-5.38/expect -- # This is a CGI script to process requests created by the accompanying # passwd.html form. This script is pretty basic, although it is # reasonably robust. (Purposely intent users can make the script bomb # by mocking up their own HTML form, however they can't expose or steal # passwords or otherwise open any security holes.) This script doesn't # need any special permissions. The usual (ownership nobody) is fine. # # Don Libes, NIST # Modified virtually beyond all recognition by # Jim Levie (jim@entrophy-free.net) to work properly under Solaris or Linux. puts "Content-type: text/html\n" ;# note extra newline puts " Passwd Change Acknowledgment Passwd Change Acknowledgment " proc cgi2ascii {buf} { regsub -all {\+} $buf { } buf regsub -all {([\\["$])} $buf {\\\1} buf regsub -all -nocase "%0d%0a" $buf "\n" buf regsub -all -nocase {%([a-f0-9][a-f0-9])} $buf {[format %c 0x\1]} buf eval return \"$buf\" } foreach pair [split [read stdin $env(CONTENT_LENGTH)] &] { regexp (.*)=(.*) $pair dummy varname val set val [cgi2ascii $val] set var($varname) $val } # Need to su first to get around passwd's requirement that passwd cannot # be run by a totally unrelated user. Seems rather pointless since it's # so easy to satisfy, eh? # # Solaris 2.6 & later needs the -r option to specify which # password service (files, nis, nisplus) see man passwd. Linux # has passwd in a different location and doesn't need the # service specification. (Note that I no longer have anything # earlier than 2.6 to test with, you've been warned... there be # dragons here). # # BIG NOTE!!! Linux has to have the "sleep 1" between each of # the "expect/send" pairs. It puts out the prompt before it's actually # ready to take input. You can comment them out for Solaris, but # it doesn't hurt for them to be there and might be a plus # busy server. (there be really big dragons here...) # # Change as appropriate to reflect where your passwd executable is # # spawn passwd $var(name) expect "New password:" send "$var(new1)\r" expect "Re-enter new password:" send "$var(new2)\r" close wait

The comments within your script example make it clear that this script either needs to be executed by a priviledged user or with the set UID bit set. A non priviledged user is not allowed to change the password of a different user.