SHADOW(3)
NAME
shadow - encrypted password file routines
SYNTAX
#include <�<shadow.h>�>
struct spwd *getspent();
struct spwd *getspnam(char *name);
void setspent();
void endspent();
struct spwd *fgetspent(FILE *fp);
struct spwd *sgetspent(char *cp);
int putspent(struct spwd *p, FILE *fp);
int lckpwdf();
int ulckpwdf();
DESCRIPTION
shadow manipulates the contents of the shadow password
file, /etc/shadow. The structure in the #include file is
struct spwd {
char *sp_namp; /* user login name */
char *sp_pwdp; /* encrypted password */
long sp_lstchg; /* last password change */
int sp_min; /* days until change allowed. */
int sp_max; /* days before change required */
int sp_warn; /* days warning for expiration */
int sp_inact; /* days before account inactive
*/
int sp_expire; /* date when account expires */
int sp_flag; /* reserved for future use */
}
The meanings of each field are
sp_namp - pointer to null-terminated user name.
sp_pwdp - pointer to null-terminated password.
sp_lstchg - days since Jan 1, 1970 password was last
changed.
sp_min - days before which password may not be changed.
sp_max - days after which password must be changed.
sp_warn - days before password is to expire that user is
warned of pending password expiration.
sp_inact - days after password expires that account is
considered inactive and disabled.
sp_expire - days since Jan 1, 1970 when account will be
disabled.
sp_flag - reserved for future use.
DESCRIPTION
getspent, getspname, fgetspent, and sgetspent each return
a pointer to a struct spwd. getspent returns the next
entry from the file, and fgetspent returns the next entry
from the given stream, which is assumed to be a file of
the proper format. sgetspent returns a pointer to a
struct spwd using the provided string as input. getspnam
searches from the current position in the file for an
entry matching name.
setspent and endspent may be used to begin and end,
respectively, access to the shadow password file.
The lckpwdf and ulckpwdf routines should be used to insure
exclusive access to the /etc/shadow file. lckpwdf
attempts to acquire a lock using pw_lock for up to 15 sec-
onds. It continues by attempting to acquire a second lock
using spw_lock for the remainder of the initial 15 sec-
onds. Should either attempt fail after a total of 15 sec-
onds, lckpwdf returns -1. When both locks are acquired 0
is returned.
DIAGNOSTICS
Routines return NULL if no more entries are available or
if an error occurs during processing. Routines which have
int as the return value return 0 for success and -1 for
failure.
CAVEATS
These routines may only be used by the super user as
access to the shadow password file is restricted.
FILES
/etc/shadow - encrypted user passwords
SEE ALSO
getpwent(3) shadow(5)
AUTHOR
Julianne Frances Haugh jfh@tab.com