UNIX Password, Roles & Node Management: Receiver Details

Receiver Details, the receiver, is a node-side run application that attempts to safely and correctly update the work file triplet: .passwd, .shadow, and .sudoers.

It is not meant to be run manually except in debugging or testing cases.

It was written to be as simple as possible, with as few moving parts and outside dependancies (because they might break in odd ways). It is a perl script, however, so you must have perl5 installed in a consistant place on the target nodes.

It's usage is very simple. There are no options, only file arguments:

  # ./ passwd_work_file shadow_work_file sudoers_work_file digest_file


The newly generated /etc/passwd file for this node. It's usually named nodename.passwd.

The newly generated /etc/shadow file for this node. It's usually named nodename.shadow.

The newly generated /etc/sudoers file for this node. It's usually named nodename.sudoers.

This is a file that contains MD5 checksums for each file available.

All arguments are required. If any of the files do not exist, or if they cannot be read, then exits with a non-zero status.

Each file has it's checksum compared with that of the checksum in the digest work file. To accomplish this, has an inline copy of Digest::Perl::MD5 (version 1.16) - the target node may not have a md5sum binary installed (or installed in some non-standard place), and it may not have the the Digest::MD5 manpage perl module installed. If the checksums do not match, then the file is considered invalid, and exits with a non-zero status.

The work files are not backed up before they are overwritten. Instead, they are pulled from disk into memory with a read-update filehandle (a la open(FH, '+<')) and stored in a scalar. The read-update filehandle is not closed. From this point on, any abnormal exits trigger a rollback of all work files, which essentially consists of dumping the original contents from memory back to disk on the already open filehandle and flushing. These hoops are nessecary to prevent us from not being able to re-open the /etc files if the passwd user database becomes corrupted.

The new files are then copied ontop the original files on disk, and the checksums of the newly copied files are compared again. If the digest doesn't match, then a rollback is initiated.

Once checks all three newly copied files, the read-update handles are closed and the work files are removed, and exits with zero status.

See Also

the Covad::Pwman manpage, passwd(4), shadow(4)


Jon Gilbert <>


$Id: pwman_docs_rcvr.pod,v 1.1 2005/10/20 07:48:31 jgilbertsjc Exp $ Logo