utility functions for interactive
passwd file updates
notsetuid, const char
ffd, int tfd,
const struct passwd *pw,
const struct passwd
*bp, struct passwd
char *name, int
err, int eval);
These functions are designed as conveniences for interactive programs which update the passwd file and do nothing else. They generally handle errors by printing out a message to the standard error stream and possibly aborting the process.
function prepares for a passwd update by unlimiting all resource
constraints, disabling core dumps (thus preventing dumping the contents of
the passwd database into a world-readable file), and disabling most
function sets an alternative directory where the rest of the functions look
for password-related files. Use this if you are writing utilities that
should be able to handle password files outside of
function transforms filenames so that they end up in the directory specified
to the latest
pw_setdir() call. The rule is that all
directories are stripped of the given name and only the filename is appended
to the directory.
function runs an editor (named by the environment variable EDITOR, or
/usr/bin/vi if EDITOR is not set) on the file
filename (or /etc/ptmp if
filename is NULL). If notsetuid
pw_edit() will set the effective user
and group ID to the real user and group ID before running the editor.
function asks the user whether they want to re-edit the password file; if
the answer is no,
pw_prompt() deletes the lock file
and exits the process.
function reads a passwd file from ffd and writes it to
tfd, updating the entry corresponding to
pw->pw_name with the information in pw. If
opw is not NULL, opw->pw_name will be used for
matching instead. Additionally, if the existing entry does not match
opw, the operation is aborted. The use of
opw allows the caller to change the user name in an
entry as well as guarantee that the entry being replaced has not changed in
function accepts in bp a passwd entry as it would be
represented in /etc/master.passwd and fills in
pw with corresponding values; string fields in
pw will be pointers into bp.
Some characters in bp will be overwritten with 0s in
order to terminate the strings pointed to by pw. If
flags is non-null, it is filled in with the following
- The uid field of bp is empty.
- The gid field of bp is empty.
- The change field of bp is empty.
- The expire field of bp is empty.
function displays an error message, aborts the current passwd update, and
exits the current process. If err is non-zero, a
warning message beginning with name is printed for the
current value of errno. The process exits with status
pw_scan() function prints a warning
message and returns 0 if the string in the bp argument
is not a valid passwd string. Otherwise,
- Current password file.
- Legacy password file.
- Password lock file.
- Insecure password database file.
- Secure password database file.