[p4] Perforce passwords

Ken.Williams at thomson.com Ken.Williams at thomson.com
Thu Nov 16 11:36:53 PST 2006


Oh, then you've got an older server that doesn't support login tickets.
I'd recommend upgrading if at all possible.

 -Ken 

> -----Original Message-----
> From: perforce-user-bounces at perforce.com 
> [mailto:perforce-user-bounces at perforce.com] On Behalf Of 
> Mohsin Saleem Khan
> Sent: Thursday, November 16, 2006 12:10 AM
> To: Russell C. Jackson
> Cc: perforce-user-bounces at perforce.com; perforce-user at perforce.com
> Subject: Re: [p4] Perforce passwords
> 
> I do not find p4 login, I tried p4 help login and no result. 
> I guess p4 
> passwd is used to change the password, with -P option you can 
> provide new 
> password
> 
> Regards
> 
> Mohsin Saleem Khan
> 
> 
> 
> 
> 
> 
> "Russell C. Jackson" <rusty at rcjacksonconsulting.com> 
> Sent by: perforce-user-bounces at perforce.com
> 11/16/2006 10:36 AM
> 
> To
> David Alban <dalban at stubhub.com>
> cc
> perforce-user at perforce.com
> Subject
> Re: [p4] Perforce passwords
> 
> 
> 
> 
> 
> 
> You can pass the password on the command line with p4 -P password, or 
> you can run p4 login and enter your password. The login ticket will 
> remain valid for the longest length of time the Timeout value 
> is set to 
> in any group that you belong to. If you put the super user in 
> it's own 
> group and set the timeout to 0, the login ticket will remain valid 
> forever, and you will never have to enter the password again on that 
> machine.
> 
> Thanks,
> Rusty
> 
> --------------------------------------------------
> RCJackson Consulting
> Perforce Consulting Partner and Certified Trainer
> --------------------------------------------------
> rusty at rcjacksonconsulting.com
> http://www.rcjacksonconsulting.com
> tel:      479-696-9710
> fax:      479-967-0963
> mobile:   479-747-3845
> --------------------------------------------------
> 
> 
> 
> 
> David Alban wrote:
> > Greetings,
> >
> > As soon as I realized that user foo could log into perforce 
> as user bar
> > and vice versa, of course I wanted perforce passwords to be used.
> > Especially for any perforce user who has super rights.
> >
> > As soon as I set a password for user perforce, I could no 
> longer execute
> > p4 commands from the command line without getting the complaint:
> >
> >     Perforce password (P4PASSWD) invalid or unset.
> >
> > I figured out that user perforce could indeed execute 
> command lines if
> > its password was in the environment.
> >
> > Yet I didn't want to execute this on the command line:
> >
> >   export P4PASSWD=somepasswd
> >
> > because I didn't want the password to show up in my 
> .bash_history file.
> > So now when I want to run a command from the command line, I put the
> > following in a file:
> >
> >   export P4PASSWD=somepasswd
> >   p4 some command ...
> >
> > I then execute the file and subsequently delete it.
> >
> > Can perforce be directed to prompt me for a password on the command
> > line?  Or be made to look for it on stdin?  gpg, for 
> example, has the
> > option:
> >
> >      --passphrase-fd n       Read the passphrase from file 
> descriptor n.
> >
> > If you specify "--passphrase-fd 0" gpg will look for the 
> passphrase on
> > stdin.
> >
> > I'm looking for a way to do command line commands without having the
> > password show up in a command history, in the process table, or in a
> > file.
> >
> > Also, now my p4d init script can no longer stop p4d because 
> of the same
> > issue.  I was simply calling p4 admin stop.  It seems my options are
> > now:
> >
> > 1.  Include an "export P4PASSWD=..." line in the init 
> script before the
> >     call to p4 admin stop
> >
> > 2.  Write a script, say "p4-admin-stop" (below) and have 
> the init script
> >     call it when it wants to stop the perforce server.
> >
> >   #!/bin/bash
> >
> >   # THIS FILE NEEDS *NOT* TO BE READABLE BY ANY USERS 
> UNLESS THEY SHOULD
> >   # KNOW THE PERFORCE USER PASSWORD, WHICH IS BELOW!
> >
> >   export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
> >
> >   server_user=perforce
> >   server_user_passwd=somepasswd
> >
> >   [[ $( id -un ) !=  "$server_user" ]] && {
> >     echo 1>&2 "${0##*/}: must be user '$server_user' to run $0"
> >     exit 255
> >   }
> >
> >   export P4PASSWD="$server_user_passwd"
> >   p4 admin stop
> >
> > (The init script would su to perforce before it would run this.)
> >
> > If p4 had some kind of --passwd-fd or similar option (maybe even a
> > --get-pw-from-file option?), I could at least prompt the 
> user for the
> > password if the init script was run interactively.
> >
> > How do other folks deal with this?  I really am squeamish 
> about having
> > the password of a perforce user that has super writes in a command
> > history file, in a script, or in the process table.
> >
> > Is my understanding of the way passwords work correct?
> >
> > Thanks,
> > David
> > 
> _______________________________________________
> perforce-user mailing list  -  perforce-user at perforce.com
> http://maillist.perforce.com/mailman/listinfo/perforce-user
> 
> _______________________________________________
> perforce-user mailing list  -  perforce-user at perforce.com
> http://maillist.perforce.com/mailman/listinfo/perforce-user
> 




More information about the perforce-user mailing list