SHADOW(3) SHADOW(3)
NAME
shadow(3,5) - encrypted password file(1,n) routines
SYNTAX
#include <shadow.h>
struct spwd *getspent();
struct spwd *getspnam(char *name);
void setspent();
void endspent();
struct spwd *fgetspent(FILE *fp);
struct spwd *sgetspent(char *cp);
int putspent(struct spwd *p, FILE *fp);
int lckpwdf();
int ulckpwdf();
DESCRIPTION
shadow(3,5) manipulates the contents of the shadow(3,5) password file(1,n),
/etc/shadow(3,5). The structure in(1,8) the #include file(1,n) is:
struct spwd {
char *sp_namp; /* user login(1,3,5) name */
char *sp_pwdp; /* encrypted password */
long int sp_lstchg; /* last password change */
long int sp_min; /* days until change allowed. */
long int sp_max; /* days before change required */
long int sp_warn; /* days warning for expiration */
long int sp_inact; /* days before account inactive */
long int sp_expire; /* date when account expires */
unsigned long int sp_flag; /* reserved for future use */
}
The meanings of each field are:
sp_namp - pointer to null-terminated user name
sp_pwdp - pointer to null-terminated password
sp_lstchg - days since Jan 1, 1970 password was last changed
sp_min - days before which password may not be changed
sp_max - days after which password must be changed
sp_warn - days before password is to expire that user is warned of
pending password expiration
sp_inact - days after password expires that account is considered
inactive and disabled
sp_expire - days since Jan 1, 1970 when account will be disabled
sp_flag - reserved for future use
DESCRIPTION
getspent, getspname fgetspent, and sgetspent each return a pointer to
a struct spwd. getspent returns the next entry from the file(1,n), and fget-
spent returns the next entry from the given stream, which is assumed to
be a file(1,n) of the proper format. sgetspent returns a pointer to a struct
spwd using the provided string(3,n) as input. getspnam searches from the
current position in(1,8) the file(1,n) for an entry matching name.
setspent and endspent may be used to begin and end, respectively,
access(2,5) to the shadow(3,5) password file.
The lckpwdf and ulckpwdf routines should be used to insure exclusive
access(2,5) to the /etc/shadow(3,5) file. lckpwdf attempts to acquire a lock
using pw_lock for up to 15 seconds. It continues by attempting to
acquire a second lock using spw_lock for the remainder of the initial
15 seconds. Should either attempt fail after a total of 15 seconds,
lckpwdf returns -1. When both locks are acquired 0 is returned.
DIAGNOSTICS
Routines return NULL if(3,n) no more entries are available or if(3,n) an error(8,n)
occurs during processing. Routines which have int as the return value
return 0 for success and -1 for failure.
CAVEATS
These routines may only be used by the super user as access(2,5) to the
shadow(3,5) password file(1,n) is restricted.
FILES
/etc/shadow(3,5)
secure user account information
SEE ALSO
getpwent(3), shadow(3,5)(5)
AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
SHADOW(3)