200 lines
6.7 KiB
XML
200 lines
6.7 KiB
XML
|
<?xml version="1.0" encoding="UTF-8"?>
|
||
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
|
||
|
|
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
|
||
|
|
<refentry id='shadow.3'>
|
||
|
|
<!-- $Id: shadow.3.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
|
||
|
|
<refmeta>
|
||
|
|
<refentrytitle>shadow</refentrytitle>
|
||
|
|
<manvolnum>3</manvolnum>
|
||
|
|
</refmeta>
|
||
|
|
<refnamediv id='name'>
|
||
|
|
<refname>shadow</refname>
|
||
|
|
<refpurpose>encrypted password file routines</refpurpose>
|
||
|
|
</refnamediv>
|
||
|
|
|
||
|
|
<refsect1 id='syntax'>
|
||
|
|
<title>SYNTAX</title>
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>#include <shadow.h></emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>struct spwd *getspent();</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>struct spwd *getspnam(char</emphasis>
|
||
|
|
<emphasis remap='I'>*name</emphasis><emphasis remap='B'>);</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>void setspent();</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>void endspent();</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>struct spwd *fgetspent(FILE</emphasis>
|
||
|
|
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>struct spwd *sgetspent(char</emphasis>
|
||
|
|
<emphasis remap='I'>*cp</emphasis><emphasis remap='B'>);</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>int putspent(struct spwd</emphasis>
|
||
|
|
<emphasis remap='I'>*p,</emphasis>
|
||
|
|
<emphasis remap='B'>FILE</emphasis>
|
||
|
|
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>int lckpwdf();</emphasis>
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>int ulckpwdf();</emphasis>
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='description'>
|
||
|
|
<title>DESCRIPTION</title>
|
||
|
|
<para>
|
||
|
|
<emphasis remap='I'>shadow</emphasis>
|
||
|
|
manipulates the contents of the shadow password file,
|
||
|
|
<filename>/etc/shadow</filename>.
|
||
|
|
The structure in the <emphasis remap='I'>#include</emphasis> file
|
||
|
|
is
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>struct spwd {
|
||
|
|
<!-- .in +.5i -->
|
||
|
|
<!-- .br -->
|
||
|
|
char *sp_namp; /* user login name */
|
||
|
|
<!-- .br -->
|
||
|
|
char *sp_pwdp; /* encrypted password */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_lstchg; /* last password change */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_min; /* days until change allowed. */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_max; /* days before change required */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_warn; /* days warning for expiration */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_inact; /* days before account inactive */
|
||
|
|
<!-- .br -->
|
||
|
|
long int sp_expire; /* date when account expires */
|
||
|
|
<!-- .br -->
|
||
|
|
unsigned long int sp_flag; /* reserved for future use */
|
||
|
|
<!-- .br -->
|
||
|
|
<!-- .in \-.5i -->
|
||
|
|
}
|
||
|
|
</para>
|
||
|
|
|
||
|
|
<para>The meanings of each field are</para>
|
||
|
|
|
||
|
|
<para>sp_namp - pointer to null-terminated user name.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_pwdp - pointer to null-terminated password.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_lstchg - days since Jan 1, 1970 password was last changed.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_min - days before which password may not be changed.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_max - days after which password must be changed.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_warn - days before password is to expire that user is warned
|
||
|
|
of pending password expiration.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_inact - days after password expires that account is considered
|
||
|
|
inactive and disabled.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_expire - days since Jan 1, 1970 when account will be disabled.
|
||
|
|
<!-- .br -->
|
||
|
|
sp_flag - reserved for future use.
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='description2'>
|
||
|
|
<title>DESCRIPTION</title>
|
||
|
|
<para>
|
||
|
|
<emphasis remap='B'>getspent</emphasis>, <emphasis
|
||
|
|
remap='B'>getspname</emphasis> <emphasis
|
||
|
|
remap='B'>fgetspent</emphasis>, and <emphasis
|
||
|
|
remap='B'>sgetspent</emphasis> each return a pointer to a <emphasis
|
||
|
|
remap='B'>struct spwd</emphasis>. <emphasis
|
||
|
|
remap='B'>getspent</emphasis> returns the next entry from the file,
|
||
|
|
and <emphasis remap='B'>fgetspent</emphasis> returns the next entry
|
||
|
|
from the given stream, which is assumed to be a file of the proper
|
||
|
|
format. <emphasis remap='B'>sgetspent</emphasis> returns a pointer to
|
||
|
|
a <emphasis remap='B'>struct spwd</emphasis> using the provided string
|
||
|
|
as input. <emphasis remap='B'>getspnam</emphasis> searches from the
|
||
|
|
current position in the file for an entry matching <emphasis
|
||
|
|
remap='B'>name</emphasis>.
|
||
|
|
</para>
|
||
|
|
<para><emphasis remap='B'>setspent</emphasis> and <emphasis
|
||
|
|
remap='B'>endspent</emphasis> may be used to begin and end,
|
||
|
|
respectively, access to the shadow password file.
|
||
|
|
</para>
|
||
|
|
<para>The <emphasis remap='B'>lckpwdf</emphasis> and <emphasis
|
||
|
|
remap='B'>ulckpwdf</emphasis> routines should be used to insure
|
||
|
|
exclusive access to the <filename>/etc/shadow</filename> file.
|
||
|
|
<emphasis remap='B'>lckpwdf</emphasis> attempts to acquire a lock
|
||
|
|
using <emphasis remap='B'>pw_lock</emphasis> for up to 15 seconds. It
|
||
|
|
continues by attempting to acquire a second lock using <emphasis
|
||
|
|
remap='B'>spw_lock</emphasis> for the remainder of the initial 15
|
||
|
|
seconds. Should either attempt fail after a total of 15 seconds,
|
||
|
|
<emphasis remap='B'>lckpwdf</emphasis> returns -1. When both locks are
|
||
|
|
acquired 0 is returned.
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='diagnostics'>
|
||
|
|
<title>DIAGNOSTICS</title>
|
||
|
|
<para>Routines return NULL if no more entries are available or if an
|
||
|
|
error occurs during processing. Routines which have <emphasis
|
||
|
|
remap='B'>int</emphasis> as the return value return 0 for success and
|
||
|
|
-1 for failure.
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='caveats'>
|
||
|
|
<title>CAVEATS</title>
|
||
|
|
<para>These routines may only be used by the super user as access to the
|
||
|
|
shadow password file is restricted.
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='files'>
|
||
|
|
<title>FILES</title>
|
||
|
|
<variablelist>
|
||
|
|
<varlistentry>
|
||
|
|
<term><filename>/etc/shadow</filename></term>
|
||
|
|
<listitem>secure user account information</listitem>
|
||
|
|
</varlistentry>
|
||
|
|
</variablelist>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='see_also'>
|
||
|
|
<title>SEE ALSO</title>
|
||
|
|
<para>
|
||
|
|
<citerefentry>
|
||
|
|
<refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum>
|
||
|
|
</citerefentry>,
|
||
|
|
<citerefentry>
|
||
|
|
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
|
||
|
|
</citerefentry>
|
||
|
|
</para>
|
||
|
|
</refsect1>
|
||
|
|
|
||
|
|
<refsect1 id='author'>
|
||
|
|
<title>AUTHOR</title>
|
||
|
|
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
|
||
|
|
</refsect1>
|
||
|
|
</refentry>
|