Run commands after password change @ login?

Latest response

RHEL 5.11

I have a situation where our users change their passwords at login, and all user management is done from a sudoer account, which creates users, assigns temporary passwords, and resets passwords as needed... but we also use Symantec Drive Encryption (pgpwde) which is a requirement. Thing is, pgpwde doesn't sync passwords automatically, and does not feature single sign-on for Linux. Because of this, the only way to sync passswords between the two programs is manually.

I firmly believe it's not possible to sync the two passwords via command, due to the fact the passwd is masked, and plain text passwords are not an option.

Yet, here I am, posing this question in hopes I either receive a solution, or confirmation of my assumptions.. So, is there a way for a user to change their password, and have that new password piped in to the next command where the password for their encryption account is changed?

Thanks in advance.

Responses

I'm afraid this is indeed impossible using the standard tools.. However, the password change could made by a custom script that would ask for a new password and change it on behalf of the user.. (passwd(1), for one, doesn't have to be run interactively.)