This is the README for fiddlepass.sh [Download] [Browse] [Up]
DATE: 18 Oct 1996 CONTACT: Timothy J. Luoma EMAIL: luomat@nerc.com PURPOSE (For standalone NeXTs): NOTE: this script requires root access. It should NOT be installed SETUID root, but it does use 'asroot' in its present form. Other possible workarounds (ie those which do not use 'asroot') are possible, but are left to the user as an exercise (as my old CS prof used to say). The 'fiddlepass' script is a way to automatically manipulate your password. The script takes THREE arguments: `off' `on' `confirm' `off' will remove your password (and save it, encrypted, in a file) `on' will replace your password back into the NetInfo directory `confirm' will check to see whether or not you have a password. Why would you want to do this? I don't know why _you_ would want to do this, maybe you wouldn't. However, I use it with my standalone NeXT to automatically log myself in after a reboot and then restore my password. How do I do that? Well, I call 'fiddlepass off' in /etc/rc.local, and I call 'fiddlepass on' in a script which is executed via the Workspace.app's dwrite "LaunchPaths". I have set root's loginwindow DefaultUser to match my login name (which means that if my account does not have a password at startup, I will automatically be logged in, as with the `me' account after the first installation). Now it is slightly more complex than that, you will have to edit the sh script 'fiddlepass' (a few lines, clearly marked, at the beginning of the script). HISTORY: I am not worried about my computer's security at home. Only my wife and I have access to the machine. Frequently I reboot the machine right before I go to bed, to clear out the swapfile. However, I like to be logged in when first wake up, so I can start PPP and get my mail. The problem is that I either have to wait for the reboot to finish and log myself back in, or I have to login in the morning. I thought about removing my password and just using the (as root:) dwrite loginwindow DefaultUser luomat which would automatically log me in, BUT 1) I didn't like the idea of no password when I have PPP running, even with Dynamic IP addresses 2) I didn't like that I couldn't logout and login as another user (Scott Hess, I think, pointed out that you can override the auto-login by holding down the left mouse button, but I didn't know that until I was just about done with this script. With this method, I can logout as normal because my password exists, and so I will not be automatically logged back in So I wrote this script to dump the NetInfo database stuff, replace my entry with an identical entry that lacked the password, and voila! Well, not voila, until Luke Howard told me how to tell the computer to look for changes in the NetInfo database (see below, ACKS). WARNINGS, BUGS, ETC Of course, you use this at your own risk, entirely. If someone modifies the netinfo database while this script is running, weird things might happen. If some part of your login information changes (ie shell) after you turn off your password and before you turn it on, the old information will be replaced. If something goes wrong, you might end up without a password (ie the password file is deleted, unreadable, etc etc etc). Probably more stuff I haven't found yet, but I can't think of anything. Turning off your password is inherently dangerous, even if just for a few moments. I suggest it only for those who are using a NeXT that is not part of a network, or those who are not able to control who has access to your machine. Remember, anyone can reboot the machine and then be logged into your account. For those of you who can deal with the above, it is a nice little trick, especially when 'fsck' runs after a crash (you'll be logged in whenever it is finished). This would be especially cool with NeXTs which can power themselves on at a certain time. Think about it, you arrive home from a long day at work just in time to find your NeXT sitting nice and ready for you to use it. CHANGES: 1.2.0 -- added functionality to test for the existence of a password via the argument 'confirm' ACKNOWLEDGEMENTS: Thanks to Luke Howard <lukeh@xedoc.com.au> for telling me that kill -HUP <lookupd pid> would tell it to re-read the netinfo data. Without that, this script was worthless. FUTURE: No plans at the present. Feel free to suggest improvements, changes, etc.
These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Netfuture.ch.