I'm doing the same thing myself, but strictly with file reads and prints, no DBI anywhere, which looks quite alot like what you have.
My system reads the entire passwd file into @passwd, the splits it into $line and @new_passwd (all lines minus the user we want to change). I parse the whole line into individual variables, then rebuild it with the new password and append it to @new_passwd. Then the file is rebuild and swapped into the place of the original...
this looks something like:
#####
#read passwd into @pwfile
####
foreach (@pwfile) {
if (/^$old_userid:.*/) {
$line = $_;
}else{
push(@new_pwfile, $_);
}
}
($userid, $passwd, $uid, $gid, $gcos, $name, $home, $shell) = split(':
+', $line);
$new_line = join(':', $login, $new_passwd, $uid, $gid, $gcos, $home, $
+shell);
push(@new_pwfile, $new_line);
#####
#write @new_pwfile to file, swap into place
#####