OpenBSD manual page server

Manual Page Search Parameters

GETPWNAM(3) Library Functions Manual GETPWNAM(3)

getpwnam, getpwuid, getpwnam_r, getpwuid_r, setpassentpassword database operations

#include <sys/types.h>
#include <pwd.h>

struct passwd *
getpwnam(const char *login);

struct passwd *
getpwuid(uid_t uid);

int
getpwnam_r(const char *login, struct passwd *pwstore, char *buf, size_t buflen, struct passwd **result);

int
getpwuid_r(uid_t uid, struct passwd *pwstore, char *buf, size_t buflen, struct passwd **result);

int
setpassent(int stayopen);

These functions operate on the password database file which is described in passwd(5). Each entry in the database is defined by the structure struct passwd found in the include file ⟨pwd.h⟩:

struct passwd {
	char	*pw_name;	/* user name */
	char	*pw_passwd;	/* encrypted password */
	uid_t	pw_uid;		/* user uid */
	gid_t	pw_gid;		/* user gid */
	time_t	pw_change;	/* password change time */
	char	*pw_class;	/* user access class */
	char	*pw_gecos;	/* Honeywell login info */
	char	*pw_dir;	/* home directory */
	char	*pw_shell;	/* default shell */
	time_t	pw_expire;	/* account expiration */
};

The functions () and () search the password database for the given login name or user ID, respectively, always returning the first one encountered.

The re-entrant versions, () and (), behave similarly but the various strings associated with the result are stored in buf, and pwstore is updated to reference those strings.

() accomplishes two purposes. First, it causes getpwent(3) to “rewind” to the beginning of the database. Additionally, if stayopen is non-zero, file descriptors are left open, significantly speeding up subsequent accesses for the lookup routines. These file descriptors can be closed by a call to endpwent(3).

It is dangerous for long-running programs to keep the file descriptors open as the database will become out of date if it is updated while the program is running. Furthermore, programs that run child processes should be careful to call endpwent(3) to close these descriptors before calling execve(2) or system(3).

These routines have been written to “shadow” the password file, that is, allow only certain programs to have access to the encrypted password. If the process which calls them has an effective UID of 0 or has the “_shadow” group in its group vector, the encrypted password will be returned, otherwise, the password field of the returned structure will point to the string ‘*’.

If YP is active, the functions () and getpwnam_r() also use the master.passwd.byname YP map (if available) or the passwd.byname YP map; and the functions getpwuid() and getpwuid_r() also use the master.passwd.byuid YP map (if available) or the passwd.byuid YP map. This is in addition to the passwd file, and respects the order of both normal and YP entries in the passwd file.

The functions getpwnam() and getpwuid() return a valid pointer to a passwd structure on success or a null pointer if end-of-file is reached or an error occurs.

The functions getpwnam_r() and getpwuid_r() update result to point to pwstore and then return 0 on success.

The setpassent() function returns 0 on failure or 1 on success.

/etc/pwd.db
insecure password database file
/etc/spwd.db
secure password database file
/etc/master.passwd
current password file
/etc/passwd
a Version 7 format password file

getlogin(2), getgrent(3), getgrouplist(3), getpwent(3), pw_dup(3), passwd(5), Makefile.yp(8), pwd_mkdb(8), vipw(8), yp(8)

The getpwnam() and getpwuid() functions appeared in Version 7 AT&T UNIX. The setpassent() function appeared in 4.3BSD-Reno.

The getpwnam() and getpwuid() functions store their results in an internal static buffer and return a pointer to that buffer. Subsequent calls to getpwent(), getpwnam(), or getpwuid() will overwrite the same buffer.

June 2, 2009 OpenBSD-5.1