
Chapter 8 - Users and Groups

UNIX Systems Programming for SVR4
David A. Curry
 Copyright © 1996 O'Reilly & Associates, Inc.

The Password File
The password file, /etc/passwd, stores most of the commonly maintained information about each user of the system, including login name, user ID number, full name, home directory, and preferred login shell. On older versions of UNIX, this file also stores each user's encrypted password. However, most newer versions of UNIX have taken the encrypted password out of this file, storing it in another file called a shadow password file that is readable only by the superuser. This is described in the following section.
Each line in the password file describes a single user, and is divided into several colon-separated fields. The include file pwd.h describes this format for programs with the struct passwd structure, which contains at least the following members:
    struct passwd {
        char    *pw_name;
        char    *pw_passwd;
        uid_t    pw_uid;
        gid_t    pw_gid;
        char    *pw_age;
        char    *pw_comment;
        char    *pw_gecos;
        char    *pw_dir;
        char    *pw_shell;
    };
The meanings of the fields are:
pw_name
The user's login name.
pw_passwd
The user's encrypted password; if the system uses a shadow password file, this field is meaningless.
pw_uid
The user's user-id number.
pw_gid
The user's login group ID number.
pw_age
On many BSD-based systems, this field is an integer called pw_quota. The field is not used for anything, and does not appear in the password file line. (Some System V-based systems do make use of this field for password aging, but this has been superseded in SVR4 by the aging information stored in the shadow password file.)
pw_comment
This field is also unused, and does not appear in the password file line. Although this field has been around since Version 7, it has never been used, and yet nobody has ever removed it from the structure.
pw_gecos
This field contains the user's full name. It derives its name (pronounced “JEE-kohs”) from its original use at Bell Laboratories to define an accounting identifier that was used to submit remote jobs to a General Electric mainframe computer. The operating system on the mainframe was called GECOS (General Electric Comprehensive Operating System). (When General Electric's computer division was bought out by Honeywell, GECOS was renamed GCOS, but the password file field retained its original name.)
On many systems, the pw_gecos field is used to store more than just the user's full name. Its content varies with the local environment in which it is used. One method, used by most versions of BSD UNIX (although many vendors' BSD-based systems do not support it), subdivides the pw_gecos field into four comma-separated fields. The first field is the user's full name, the second is the user's office telephone number, the third is the user's office room number, and the last is the user's home telephone number. Any of the fields may be left blank, but commas must appear between fields. Trailing commas may be dropped.
pw_dir
The absolute pathname to the user's home directory.
pw_shell
The absolute pathname to the user's login shell, the program that will be started when he logs in. If this field is left blank, the Bourne shell (/bin/sh) is the default.
The following functions are provided for reading the password file:
    #include <pwd.h>
    struct passwd *getpwnam(const char *name);
    struct passwd *getpwuid(uid_t uid);
    struct passwd *getpwent(void);
    void setpwent(void);
    void endpwent(void);
The getpwnam function searches the password file for a line whose login name field is equal to name, and returns a pointer to a structure of type struct passwd containing the broken-out fields of the entry. The getpwuid function searches for a line whose user ID field is equal to uid. The getpwent function reads the password file sequentially; each successive call returns the next entry in the file. All three functions return pointers to static data that is overwritten on each call; if the calling program needs to retain the data across successive calls, it must copy it to other storage. If an entry cannot be found, or if the end of the file is reached, the routines return the constant NULL.
The setpwent function opens the password file if it is not already open, and resets the read/write offset to the beginning of the file. All three of the functions described above call setpwent internally. The endpwent function closes the password file.
System V-based versions of UNIX, including SVR4, provide a function to bypass the system password file, fgetpwent:
    #include <stdio.h>
    #include <pwd.h>
    struct passwd *fgetpwent(FILE *fp);
This function reads a line from the file referenced by fp instead of the system password file, and returns a pointer to a structure of type struct passwd containing the broken-out fields. It returns the constant NULL when the end of the file is encountered.
BSD-based systems support a different method for reading alternate password files:
    #include <pwd.h>
    void setpwfile(const char *filename);
This changes the routines' notion of the name of the password file to the name contained in filename. This has an advantage over the System V method, since it allows the program to continue to make use of the getpwnam and getpwuid functions.
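The following is an added example, not code from the book: it reads an alternate password file with fgetpwent and copies each entry to private storage before the next call overwrites the static data, applying the /bin/sh default for a blank shell and splitting pw_gecos into the four BSD-style subfields. The names user_rec, user_rec_copy, load_users, sample_file and SAMPLE are hypothetical, the sample entries are constructed, and the _DEFAULT_SOURCE feature macro is an assumption about glibc-based systems.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* assumption: glibc needs this for fgetpwent(), strdup() */
#endif
#include <pwd.h>
#include <stdio.h>
#include <string.h>

struct user_rec {         /* hypothetical private copy of one entry */
    char *name, *dir, *shell;
    uid_t uid; gid_t gid;
    char *gecos[4];       /* full name, office phone, room, home phone */
};

/* Constructed sample entries, not taken from a real system. */
static const char SAMPLE[] =
    "alice:x:1001:100:Alice Example,555-0100,B12,555-0199:/home/alice:/bin/ksh\n"
    "bob:x:1002:100:Bob Example,,C3:/home/bob:\n";
FILE *sample_file(void)   /* SAMPLE as a rewound temporary stream */
{
    FILE *fp = tmpfile();
    if (fp != NULL) { fputs(SAMPLE, fp); rewind(fp); }
    return fp;
}

/* Copy all fields out of the static struct passwd; blank shell -> /bin/sh. */
int user_rec_copy(struct user_rec *r, const struct passwd *pw)
{
    char *p = strdup(pw->pw_gecos ? pw->pw_gecos : "");
    r->name = strdup(pw->pw_name);
    r->dir = strdup(pw->pw_dir ? pw->pw_dir : "");
    r->shell = strdup(pw->pw_shell && *pw->pw_shell ? pw->pw_shell : "/bin/sh");
    if (!p || !r->name || !r->dir || !r->shell) return -1;
    r->uid = pw->pw_uid; r->gid = pw->pw_gid;
    for (int i = 0; i < 4; i++) {   /* split on commas; missing subfields are "" */
        r->gecos[i] = p;
        p += strcspn(p, ",");
        if (*p == ',') *p++ = '\0';
    }
    return 0;
}

/* Read up to max entries from fp, copying each before the next call. */
int load_users(FILE *fp, struct user_rec *out, int max)
{
    struct passwd *pw;
    int n = 0;
    while (fp != NULL && n < max && (pw = fgetpwent(fp)) != NULL)
        n += (user_rec_copy(&out[n], pw) == 0);
    return n;
}
```

The caller owns the stream and the copied strings; gecos[0] points at the start of the one buffer that holds all four subfields.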
Example 8-1, shown later in this chapter, demonstrates the use of these functions.
