#!/bin/sh
#
# /usr/local/bin/localresetpasswd
# Copyright 2006 Jonas Smedegaard <dr@jones.dk>
#
# $Id: localresetpasswd,v 1.1 2006-08-31 22:51:03 jonas Exp $
#
# Generate random passphrase and apply to account through sudo
#
# TODO: Check for bad arguments
# TODO: Use getopts to offer help
# TODO: Support overriding options in /etc/local file
#

set -eu

# these are overridable as environment variables
PHRASE_LENGTH=${PHRASE_LENGTH:-3}
WORD_LENGTH=${WORD_LENGTH:-11}
VERBOSE=${VERBOSE:-yes}
SIMULATE=${SIMULATE:-}

simulate=${SIMULATE:+true}

# echo something, but only if in verbose mode
vecho() {
	test -n "$VERBOSE" && echo "$@" >&2
}

randompass() {
	xkcdpass -n "$PHRASE_LENGTH" 2>&- ||
	gpw 1 "$WORD_LENGTH" 2>&- ||
	pwgen "$WORD_LENGTH" 1 2>&- ||
	tr -d '\000-\057\072-\100\133-\140\173-\377' < /dev/urandom |
		dd bs="$WORD_LENGTH" count=1 status=none
}

u=$1
shift

vecho -n "Generating random passphrase..."
pass=$(randompass)
vecho " Done!"

sudo=sudo
[ "$(id -u)" -ne 0 ] || sudo=

vecho -n "Applying new passphrase to account $u..."
echo "$u:$pass" | $simulate $sudo "/usr/sbin/chpasswd"
vecho "  Done!"

$simulate localresetpasswdexpiry "$u"

vecho "New passphrase is $pass"