GETPRPWENT(S) UNIX System V GETPRPWENT(S)
Name
getprpwent, getprpwuid, getprpwnam, setprpwent, endprpwent,
putprpwnam - manipulate protected password database entry
Syntax
#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>
struct pr_passwd *getprpwent ()
struct pr_passwd *getprpwuid (uid);
int uid;
struct pr_passwd *getprpwnam (name);
char *name;
void setprpwent ();
void endprpwent ();
int putprpwnam (name, pr)
char *name;
struct pr_passwd *pr;
Description
getprpwent, getprpwuid and getprpwnam each returns a pointer
to an object with the following structure containing the
broken-out fields of a line in the protected password
database. Only entries in the database dealing with users
are scanned. Each line in the database contains a
``pr_passwd'' structure, declared in the <prot.h> header
file:
struct pr_field {
/* Identity: */
/* uses 8 character maximum from utmp */
char fd_name[9];
/* uid associated with name above */
ushort fd_uid;
/* Encrypted password */
char fd_encrypt[14];
/* user type - see user_type */
priv_t fd_type;
/* if a pseudo -user, the user behind it */
char fd_owner[9];
/* nice value with which to login */
/* command privilege vector */
int fd_nice
mask_t fd_cprivs[AUTH_CPRIVVEC_SIZE];
/* system privilege vector */
mask_t fd_sprivs[SEC_SPRIVVEC_SIZE];
/* audit control */
mask_t fd_auditcntl[AUTH_AUDITMASKVEC_SIZE];
/* audit disposition */
mask_t fd_auditdisp[AUTH_AUDITMASKVEC_SIZE];
/* Password maintenance parameters: */
/* min time between pswd changes */
time_t fd_min;
/* maximum length of password */
int fd_maxlen;
/* expiration time duration in secs */
time_t fd_expire;
/* account death time duration in secs */
time_t fd_lifetime;
/* last successful change */
time_t fd_schange;
/* last unsuccessful change */
time_t fd_uchange;
/* who can change this user's password */
ushort fd_pswduser;
/* can user pick his own passwords? */
char fd_pick_pwd;
/* can user get pswds generated for him? */
char fd_gen_pwd;
/* should generated pswds be restricted? */
char fd_restrict;
/* Login parameters: */
/* last successful login */
time_t fd_slogin;
/* last unsuccessful login */
time_t fd_ulogin;
/* consecutive unsuccessful logins */
short fd_nlogins;
/* maximum unsuc login tries allowed */
short fd_max_tries;
/* Unconditionally lock account? */
char fd_lock;
/* System parameters: */
/* Require a password on single user shell? */
char fd_standpswd;
/* System security class */
mask_t fd_secclass[AUTH_SECCLASSVEC_SIZE];
};
struct pr_flag {
unsigned
/* Identity: */
fg_name:1, /* Is fd_name set? */
fg_uid:1, /* Is fd_uid set? */
fg_encrypt:1, /* Is fd_encrypt set? */
fg_type:1, /* Is fd_type set? */
fg_owner:1, /* Is fd_owner set? */
fg_nice:1, /* Is fd_nice set? */
fg_cprivs:1, /* Is fd_sprivs set? */
fg_sprivs:1, /* Is fd_sprivs set? */
fg_auditcntl:1, /* Is fd_auditcntl set? */
fg_auditdisp:1, /* Is fd_auditdisp set? */
/* Password maintenance parameters: */
fg_min:1, /* Is fd_min set? */
fg_maxlen:1, /* Is fd_maxlen set? */
fg_expire:1, /* Is fd_expire set? */
fg_lifetime:1, /* Is fd_lifetime set? */
fg_schange:1, /* Is fd_schange set? */
fg_uchange:1, /* Is fd_fchange set? */
fg_pswduser:1, /* Is fd_pswduser set? */
fg_pick_pwd:1, /* Is fd_pick_pwd set? */
fg_gen_pwd:1, /* Is fd_gen_pwd set? */
fg_restrict:1, /* Is fd_restrict set? */
/* Login parameters: */
fg_slogin:1, /* Is fd_slogin set? */
fg_ulogin:1, /* Is fd_ulogin set? */
fg_nlogins:1, /* Is fd_nlogins set? */
fg_max_tries:1, /* Is fd_max_tries set? */
fg_lock:1, /* Is fd_lock set? */
fg_standpswd:1, /* Is fd_standpswd set? */
fg_secclass:1, /* Is fd_secclass set? */
fg_reserved:5; /* Reserved, leave set to 0 */
};
struct pr_passwd {
/* Fields assoc with this user */
struct pr_field ufld;
/* Flags assoc with this user */
struct pr_flag uflg;
/* Fields assoc with system */
struct pr_field sfld;
/* Flags assoc with system */
struct pr_flag sflg;
};
This structure is declared in <prot.h> so it is not
necessary to redeclare it.
getprpwent when first called returns a pointer to the first
user pr_passwd structure in the database; thereafter, it
returns a pointer to the next pr_passwd structure in the
database; so successive calls can be used to search the
database. Note that entries without a corresponding entry
in /etc/passwd are skipped. The entries are scanned in the
order they appear in /etc/passwd . getprpwuid searches from
the beginning of the database until a numerical user id
matching uid is found and returns a pointer to the
particular structure in which it was found. getprpwnam
searches from the beginning of the file until a login name
matching name is found, and returns a pointer to the
particular structure in which it was found. If an end-of-
file or an error is encountered on reading, these functions
return a NULL pointer.
A call to setprpwent has the effect of rewinding the
protected password files to allow repeated searches.
Endprpwent may be called to close the protected password
files when processing is complete.
Putprpwnam puts a new or replaced protected password entry
pr with key name into the appropriate file(s). If the
"uflg.fg_name" field is 0, the requested entry is deleted
from the protected password database. Putprpwnam locks the
database for all update operations, and performs a
endprpwent after the update or failed attempt.
Files
/etc/passwd
/tcb/files/auth/*/*
See Also
getpwent(S), getprpwent(S), getprtcent(S), getprfient(S),
getprdfent(S), authcap(S), authcap(F)
Diagnostics
A NULL pointer is returned on EOF or error.
Notes
All information is contained in a static area, so it must be
copied if it is to be saved.
getprpwent assumed one name per UID and one UID per name.
The sequential scan will loop between the first two
instances of a multiple UID.
Value Added
endprpwent, getprpwent, getprpwnam, getprpwuid, putprpwnam
and setprpwent are extensions of AT&T System V provided by
the Santa Cruz Operation.
(printed 6/20/89)