|
Packit |
7cfc04 |
.\" Copyright (c) 2003 Andries Brouwer (aeb@cwi.nl) and
|
|
Packit |
7cfc04 |
.\" Walter Harms (walter.harms@informatik.uni-oldenburg.de)
|
|
Packit |
7cfc04 |
.\"
|
|
Packit |
7cfc04 |
.\" %%%LICENSE_START(GPL_NOVERSION_ONELINE)
|
|
Packit |
7cfc04 |
.\" Distributed under GPL
|
|
Packit |
7cfc04 |
.\" %%%LICENSE_END
|
|
Packit |
7cfc04 |
.\"
|
|
Packit |
7cfc04 |
.TH GETSPNAM 3 2017-09-15 "GNU" "Linux Programmer's Manual"
|
|
Packit |
7cfc04 |
.SH NAME
|
|
Packit |
7cfc04 |
getspnam, getspnam_r, getspent, getspent_r, setspent, endspent,
|
|
Packit |
7cfc04 |
fgetspent, fgetspent_r, sgetspent, sgetspent_r, putspent,
|
|
Packit |
7cfc04 |
lckpwdf, ulckpwdf \- get shadow password file entry
|
|
Packit |
7cfc04 |
.SH SYNOPSIS
|
|
Packit |
7cfc04 |
.nf
|
|
Packit |
7cfc04 |
/* General shadow password file API */
|
|
Packit |
7cfc04 |
.B #include <shadow.h>
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "struct spwd *getspnam(const char *" name );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.B struct spwd *getspent(void);
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.B void setspent(void);
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.B void endspent(void);
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "struct spwd *fgetspent(FILE *" stream );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "struct spwd *sgetspent(const char *" s );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "int putspent(const struct spwd *" p ", FILE *" stream );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.B int lckpwdf(void);
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.B int ulckpwdf(void);
|
|
Packit |
7cfc04 |
|
|
Packit |
7cfc04 |
/* GNU extension */
|
|
Packit |
7cfc04 |
.B #include <shadow.h>
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "int getspent_r(struct spwd *" spbuf ,
|
|
Packit |
7cfc04 |
.BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "int getspnam_r(const char *" name ", struct spwd *" spbuf ,
|
|
Packit |
7cfc04 |
.BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "int fgetspent_r(FILE *" stream ", struct spwd *" spbuf ,
|
|
Packit |
7cfc04 |
.BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.BI "int sgetspent_r(const char *" s ", struct spwd *" spbuf ,
|
|
Packit |
7cfc04 |
.BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
|
|
Packit |
7cfc04 |
.fi
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.in -4n
|
|
Packit |
7cfc04 |
Feature Test Macro Requirements for glibc (see
|
|
Packit |
7cfc04 |
.BR feature_test_macros (7)):
|
|
Packit |
7cfc04 |
.in
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.ad l
|
|
Packit |
7cfc04 |
.BR getspent_r (),
|
|
Packit |
7cfc04 |
.BR getspnam_r (),
|
|
Packit |
7cfc04 |
.BR fgetspent_r (),
|
|
Packit |
7cfc04 |
.BR sgetspent_r ():
|
|
Packit |
7cfc04 |
Since glibc 2.19:
|
|
Packit |
7cfc04 |
_DEFAULT_SOURCE
|
|
Packit |
7cfc04 |
Glibc 2.19 and earlier:
|
|
Packit |
7cfc04 |
_BSD_SOURCE || _SVID_SOURCE
|
|
Packit |
7cfc04 |
.ad b
|
|
Packit |
7cfc04 |
.SH DESCRIPTION
|
|
Packit |
7cfc04 |
Long ago it was considered safe to have encrypted passwords openly
|
|
Packit |
7cfc04 |
visible in the password file.
|
|
Packit |
7cfc04 |
When computers got faster and people
|
|
Packit |
7cfc04 |
got more security-conscious, this was no longer acceptable.
|
|
Packit |
7cfc04 |
Julianne Frances Haugh implemented the shadow password suite
|
|
Packit |
7cfc04 |
that keeps the encrypted passwords in
|
|
Packit |
7cfc04 |
the shadow password database
|
|
Packit |
7cfc04 |
(e.g., the local shadow password file
|
|
Packit |
7cfc04 |
.IR /etc/shadow ,
|
|
Packit |
7cfc04 |
NIS, and LDAP),
|
|
Packit |
7cfc04 |
readable only by root.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The functions described below resemble those for
|
|
Packit |
7cfc04 |
the traditional password database
|
|
Packit |
7cfc04 |
(e.g., see
|
|
Packit |
7cfc04 |
.BR getpwnam (3)
|
|
Packit |
7cfc04 |
and
|
|
Packit |
7cfc04 |
.BR getpwent (3)).
|
|
Packit |
7cfc04 |
.\" FIXME . I've commented out the following for the
|
|
Packit |
7cfc04 |
.\" moment. The relationship between PAM and nsswitch.conf needs
|
|
Packit |
7cfc04 |
.\" to be clearly documented in one place, which is pointed to by
|
|
Packit |
7cfc04 |
.\" the pages for the user, group, and shadow password functions.
|
|
Packit |
7cfc04 |
.\" (Jul 2005, mtk)
|
|
Packit |
7cfc04 |
.\"
|
|
Packit |
7cfc04 |
.\" This shadow password setup has been superseded by PAM
|
|
Packit |
7cfc04 |
.\" (pluggable authentication modules), and the file
|
|
Packit |
7cfc04 |
.\" .I /etc/nsswitch.conf
|
|
Packit |
7cfc04 |
.\" now describes the sources to be used.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR getspnam ()
|
|
Packit |
7cfc04 |
function returns a pointer to a structure containing
|
|
Packit |
7cfc04 |
the broken-out fields of the record in the shadow password database
|
|
Packit |
7cfc04 |
that matches the username
|
|
Packit |
7cfc04 |
.IR name .
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR getspent ()
|
|
Packit |
7cfc04 |
function returns a pointer to the next entry in the shadow password
|
|
Packit |
7cfc04 |
database.
|
|
Packit |
7cfc04 |
The position in the input stream is initialized by
|
|
Packit |
7cfc04 |
.BR setspent ().
|
|
Packit |
7cfc04 |
When done reading, the program may call
|
|
Packit |
7cfc04 |
.BR endspent ()
|
|
Packit |
7cfc04 |
so that resources can be deallocated.
|
|
Packit |
7cfc04 |
.\" some systems require a call of setspent() before the first getspent()
|
|
Packit |
7cfc04 |
.\" glibc does not
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR fgetspent ()
|
|
Packit |
7cfc04 |
function is similar to
|
|
Packit |
7cfc04 |
.BR getspent ()
|
|
Packit |
7cfc04 |
but uses the supplied stream instead of the one implicitly opened by
|
|
Packit |
7cfc04 |
.BR setspent ().
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR sgetspent ()
|
|
Packit |
7cfc04 |
function parses the supplied string
|
|
Packit |
7cfc04 |
.I s
|
|
Packit |
7cfc04 |
into a struct
|
|
Packit |
7cfc04 |
.IR spwd .
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR putspent ()
|
|
Packit |
7cfc04 |
function writes the contents of the supplied struct
|
|
Packit |
7cfc04 |
.I spwd
|
|
Packit |
7cfc04 |
.I *p
|
|
Packit |
7cfc04 |
as a text line in the shadow password file format to
|
|
Packit |
7cfc04 |
.IR stream .
|
|
Packit |
7cfc04 |
String entries with value NULL and numerical entries with value \-1
|
|
Packit |
7cfc04 |
are written as an empty string.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR lckpwdf ()
|
|
Packit |
7cfc04 |
function is intended to protect against multiple simultaneous accesses
|
|
Packit |
7cfc04 |
of the shadow password database.
|
|
Packit |
7cfc04 |
It tries to acquire a lock, and returns 0 on success,
|
|
Packit |
7cfc04 |
or \-1 on failure (lock not obtained within 15 seconds).
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR ulckpwdf ()
|
|
Packit |
7cfc04 |
function releases the lock again.
|
|
Packit |
7cfc04 |
Note that there is no protection against direct access of the shadow
|
|
Packit |
7cfc04 |
password file.
|
|
Packit |
7cfc04 |
Only programs that use
|
|
Packit |
7cfc04 |
.BR lckpwdf ()
|
|
Packit |
7cfc04 |
will notice the lock.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
These were the functions that formed the original shadow API.
|
|
Packit |
7cfc04 |
They are widely available.
|
|
Packit |
7cfc04 |
.\" Also in libc5
|
|
Packit |
7cfc04 |
.\" SUN doesn't have sgetspent()
|
|
Packit |
7cfc04 |
.SS Reentrant versions
|
|
Packit |
7cfc04 |
Analogous to the reentrant functions for the password database, glibc
|
|
Packit |
7cfc04 |
also has reentrant functions for the shadow password database.
|
|
Packit |
7cfc04 |
The
|
|
Packit |
7cfc04 |
.BR getspnam_r ()
|
|
Packit |
7cfc04 |
function is like
|
|
Packit |
7cfc04 |
.BR getspnam ()
|
|
Packit |
7cfc04 |
but stores the retrieved shadow password structure in the space pointed to by
|
|
Packit |
7cfc04 |
.IR spbuf .
|
|
Packit |
7cfc04 |
This shadow password structure contains pointers to strings, and these strings
|
|
Packit |
7cfc04 |
are stored in the buffer
|
|
Packit |
7cfc04 |
.I buf
|
|
Packit |
7cfc04 |
of size
|
|
Packit |
7cfc04 |
.IR buflen .
|
|
Packit |
7cfc04 |
A pointer to the result (in case of success) or NULL (in case no entry
|
|
Packit |
7cfc04 |
was found or an error occurred) is stored in
|
|
Packit |
7cfc04 |
.IR *spbufp .
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The functions
|
|
Packit |
7cfc04 |
.BR getspent_r (),
|
|
Packit |
7cfc04 |
.BR fgetspent_r (),
|
|
Packit |
7cfc04 |
and
|
|
Packit |
7cfc04 |
.BR sgetspent_r ()
|
|
Packit |
7cfc04 |
are similarly analogous to their nonreentrant counterparts.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
Some non-glibc systems also have functions with these names,
|
|
Packit |
7cfc04 |
often with different prototypes.
|
|
Packit |
7cfc04 |
.\" SUN doesn't have sgetspent_r()
|
|
Packit |
7cfc04 |
.SS Structure
|
|
Packit |
7cfc04 |
The shadow password structure is defined in \fI<shadow.h>\fP as follows:
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
.in +4n
|
|
Packit |
7cfc04 |
.EX
|
|
Packit |
7cfc04 |
struct spwd {
|
|
Packit |
7cfc04 |
char *sp_namp; /* Login name */
|
|
Packit |
7cfc04 |
char *sp_pwdp; /* Encrypted password */
|
|
Packit |
7cfc04 |
long sp_lstchg; /* Date of last change
|
|
Packit |
7cfc04 |
(measured in days since
|
|
Packit |
7cfc04 |
1970-01-01 00:00:00 +0000 (UTC)) */
|
|
Packit |
7cfc04 |
long sp_min; /* Min # of days between changes */
|
|
Packit |
7cfc04 |
long sp_max; /* Max # of days between changes */
|
|
Packit |
7cfc04 |
long sp_warn; /* # of days before password expires
|
|
Packit |
7cfc04 |
to warn user to change it */
|
|
Packit |
7cfc04 |
long sp_inact; /* # of days after password expires
|
|
Packit |
7cfc04 |
until account is disabled */
|
|
Packit |
7cfc04 |
long sp_expire; /* Date when account expires
|
|
Packit |
7cfc04 |
(measured in days since
|
|
Packit |
7cfc04 |
1970-01-01 00:00:00 +0000 (UTC)) */
|
|
Packit |
7cfc04 |
unsigned long sp_flag; /* Reserved */
|
|
Packit |
7cfc04 |
};
|
|
Packit |
7cfc04 |
.EE
|
|
Packit |
7cfc04 |
.in
|
|
Packit |
7cfc04 |
.SH RETURN VALUE
|
|
Packit |
7cfc04 |
The functions that return a pointer return NULL if no more entries
|
|
Packit |
7cfc04 |
are available or if an error occurs during processing.
|
|
Packit |
7cfc04 |
The functions which have \fIint\fP as the return value return 0 for
|
|
Packit |
7cfc04 |
success and \-1 for failure, with
|
|
Packit |
7cfc04 |
.I errno
|
|
Packit |
7cfc04 |
set to indicate the cause of the error.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
For the nonreentrant functions, the return value may point to static area,
|
|
Packit |
7cfc04 |
and may be overwritten by subsequent calls to these functions.
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The reentrant functions return zero on success.
|
|
Packit |
7cfc04 |
In case of error, an error number is returned.
|
|
Packit |
7cfc04 |
.SH ERRORS
|
|
Packit |
7cfc04 |
.TP
|
|
Packit |
7cfc04 |
.B EACCES
|
|
Packit |
7cfc04 |
The caller does not have permission to access the shadow password file.
|
|
Packit |
7cfc04 |
.TP
|
|
Packit |
7cfc04 |
.B ERANGE
|
|
Packit |
7cfc04 |
Supplied buffer is too small.
|
|
Packit |
7cfc04 |
.SH FILES
|
|
Packit |
7cfc04 |
.TP
|
|
Packit |
7cfc04 |
.I /etc/shadow
|
|
Packit |
7cfc04 |
local shadow password database file
|
|
Packit |
7cfc04 |
.TP
|
|
Packit |
7cfc04 |
.I /etc/.pwd.lock
|
|
Packit |
7cfc04 |
lock file
|
|
Packit |
7cfc04 |
.PP
|
|
Packit |
7cfc04 |
The include file
|
|
Packit |
7cfc04 |
.I <paths.h>
|
|
Packit |
7cfc04 |
defines the constant
|
|
Packit |
7cfc04 |
.B _PATH_SHADOW
|
|
Packit |
7cfc04 |
to the pathname of the shadow password file.
|
|
Packit |
7cfc04 |
.SH ATTRIBUTES
|
|
Packit |
7cfc04 |
For an explanation of the terms used in this section, see
|
|
Packit |
7cfc04 |
.BR attributes (7).
|
|
Packit |
7cfc04 |
.TS
|
|
Packit |
7cfc04 |
allbox;
|
|
Packit |
7cfc04 |
lbw13 lb lbw30
|
|
Packit |
7cfc04 |
l l l.
|
|
Packit |
7cfc04 |
Interface Attribute Value
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR getspnam ()
|
|
Packit |
7cfc04 |
T} Thread safety T{
|
|
Packit |
7cfc04 |
MT-Unsafe race:getspnam locale
|
|
Packit |
7cfc04 |
T}
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR getspent ()
|
|
Packit |
7cfc04 |
T} Thread safety T{
|
|
Packit |
7cfc04 |
MT-Unsafe race:getspent
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
race:spentbuf locale
|
|
Packit |
7cfc04 |
T}
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR setspent (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR endspent (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR getspent_r ()
|
|
Packit |
7cfc04 |
T} Thread safety T{
|
|
Packit |
7cfc04 |
MT-Unsafe race:getspent locale
|
|
Packit |
7cfc04 |
T}
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR fgetspent ()
|
|
Packit |
7cfc04 |
T} Thread safety MT-Unsafe race:fgetspent
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR sgetspent ()
|
|
Packit |
7cfc04 |
T} Thread safety MT-Unsafe race:sgetspent
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR putspent (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR getspnam_r (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR sgetspent_r ()
|
|
Packit |
7cfc04 |
T} Thread safety MT-Safe locale
|
|
Packit |
7cfc04 |
T{
|
|
Packit |
7cfc04 |
.BR lckpwdf (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR ulckpwdf (),
|
|
Packit |
7cfc04 |
.br
|
|
Packit |
7cfc04 |
.BR fgetspent_r ()
|
|
Packit |
7cfc04 |
T} Thread safety MT-Safe
|
|
Packit |
7cfc04 |
.TE
|
|
Packit |
7cfc04 |
.sp 1
|
|
Packit |
7cfc04 |
In the above table,
|
|
Packit |
7cfc04 |
.I getspent
|
|
Packit |
7cfc04 |
in
|
|
Packit |
7cfc04 |
.I race:getspent
|
|
Packit |
7cfc04 |
signifies that if any of the functions
|
|
Packit |
7cfc04 |
.BR setspent (),
|
|
Packit |
7cfc04 |
.BR getspent (),
|
|
Packit |
7cfc04 |
.BR getspent_r (),
|
|
Packit |
7cfc04 |
or
|
|
Packit |
7cfc04 |
.BR endspent ()
|
|
Packit |
7cfc04 |
are used in parallel in different threads of a program,
|
|
Packit |
7cfc04 |
then data races could occur.
|
|
Packit |
7cfc04 |
.SH CONFORMING TO
|
|
Packit |
7cfc04 |
The shadow password database and its associated API are
|
|
Packit |
7cfc04 |
not specified in POSIX.1.
|
|
Packit |
7cfc04 |
However, many other systems provide a similar API.
|
|
Packit |
7cfc04 |
.SH SEE ALSO
|
|
Packit |
7cfc04 |
.BR getgrnam (3),
|
|
Packit |
7cfc04 |
.BR getpwnam (3),
|
|
Packit |
7cfc04 |
.BR getpwnam_r (3),
|
|
Packit |
7cfc04 |
.BR shadow (5)
|
|
Packit |
7cfc04 |
.SH COLOPHON
|
|
Packit |
7cfc04 |
This page is part of release 4.15 of the Linux
|
|
Packit |
7cfc04 |
.I man-pages
|
|
Packit |
7cfc04 |
project.
|
|
Packit |
7cfc04 |
A description of the project,
|
|
Packit |
7cfc04 |
information about reporting bugs,
|
|
Packit |
7cfc04 |
and the latest version of this page,
|
|
Packit |
7cfc04 |
can be found at
|
|
Packit |
7cfc04 |
\%https://www.kernel.org/doc/man\-pages/.
|