Scroll to navigation

SHADOW(3) 库函数调用 SHADOW(3)

名称

shadow, getspnam - 加密密码文件工具函数

SYNTAX

#include <shadow.h>

struct spwd *getspent();

struct spwd *getspnam(char*name);

void setspent();

void endspent();

struct spwd *fgetspent(FILE*fp);

struct spwd *sgetspent(char*cp);

int putspent(struct spwd*p,FILE*fp);

int lckpwdf();

int ulckpwdf();

描述

shadow manipulates the contents of the shadow password file, /etc/shadow. The structure in the #include file is:

struct spwd {

char *sp_namp; /* user login name */
char *sp_pwdp; /* encrypted password */
long int sp_lstchg; /* last password change */
long int sp_min; /* days until change allowed. */
long int sp_max; /* days before change required */
long int sp_warn; /* days warning for expiration */
long int sp_inact; /* days before account inactive */
long int sp_expire; /* date when account expires */
unsigned long int sp_flag; /* reserved for future use */ }

每个字段的含义是:

•sp_namp - 指向以 null 结束的用户名的指针

•sp_pwdp - 指向 null 结束的密码的指针

•sp_lstchg - 最近更改密码的日期(日期计算方法是从1970年1月1日开始的天数)

•sp_min - days before which password may not be changed

•sp_max - days after which password must be changed

•sp_warn - days before password is to expire that user is warned of pending password expiration

•sp_inact - days after password expires that account is considered inactive and disabled

•sp_expire - days since Jan 1, 1970 when account will be disabled

•sp_flag - reserved for future use

描述

getspent, getspname, fgetspent, and sgetspent each return a pointer to a struct spwd. getspent returns the next entry from the file, and fgetspent returns the next entry from the given stream, which is assumed to be a file of the proper format. sgetspent returns a pointer to a struct spwd using the provided string as input. getspnam searches from the current position in the file for an entry matching name.

setspent and endspent may be used to begin and end, respectively, access to the shadow password file.

The lckpwdf and ulckpwdf routines should be used to insure exclusive access to the /etc/shadow file. lckpwdf attempts to acquire a lock using pw_lock for up to 15 seconds. It continues by attempting to acquire a second lock using spw_lock for the remainder of the initial 15 seconds. Should either attempt fail after a total of 15 seconds, lckpwdf returns -1. When both locks are acquired 0 is returned.

DIAGNOSTICS

Routines return NULL if no more entries are available or if an error occurs during processing. Routines which have int as the return value return 0 for success and -1 for failure.

CAVEATS

这些函数只能由超级用户使用,因为对影子密码文件的访问是受限的。

文件

/etc/shadow

安全用户账户信息。

参见

getpwent(3), shadow(5).

2019-08-07 shadow-utils 4.6