getting password expiry on *nix systems
in [Unix Programming]
|
Prev: comprimes de phentermine en France bon marche phentermine suisse le plus bon marche comprimes de phentermine phentermine canada pharmacie acheter phentermine bon marche phentermine us usa a vendre
Next: Not able to get client address
From: johnmmcparland on 15 Apr 2008 11:55 Hi all, how might I get whether a given user's password has expired on *nix systems. I know on HP-UX there is the getprpwnam() method which returns a pr_passwd struct. From that I can work out whether the password has expired or not. Is there somthing universal that will work on all *nix systems? Regards, John
From: johnmmcparland on 17 Apr 2008 12:11 my question could be phrased; "how can I tell if a user's password has been expired in Unix systems?" I know on unix systems you can do passwd -f to expire them but how might I in my program tell if the user's password has been expired? Regards, John
From: Joachim Schmitz on 17 Apr 2008 12:36 johnmmcparland wrote: > my question could be phrased; > > "how can I tell if a user's password has been expired in Unix > systems?" I know on unix systems you can do passwd -f to expire them > but how might I in my program tell if the user's password has been > expired? I guess it depends on what UNIX you're using, not all of them support passwords to expire. On those that do, I believe you'd find the information in /etc/shadow and 'man shadow' will give details about the file's format. As far as I see it is the 8th field (colon separated), which is the number of days since January 1, 1970 on which it will expire (or has expired). Then ther's the sum of the 3rd files (last changed, counted in days since the epoch) and the 5th filed (maximum number of days the passwd is valid). Not sure whether that's true everywhere, I've checked a SysV 4.2 and Linux Problem is that this file is only readable to root. The utilities that may be available to you (e.g. passwd -s or passwd -S) work because they are SUID. Bye, Jojo
From: John Gordon on 17 Apr 2008 12:44 In <d762bc95-96b6-4c8d-add5-1839e706ddd1(a)a22g2000hsc.googlegroups.com> johnmmcparland <johnmmcparland(a)googlemail.com> writes: > my question could be phrased; > "how can I tell if a user's password has been expired in Unix > systems?" I know on unix systems you can do passwd -f to expire them > but how might I in my program tell if the user's password has been > expired? The getpwent() system call returns information about a user's password entry. Among the information returned is a date object that specifies when the user's password will expire. If this date is in the past, the password has expired. Of course, you must be root to access this information. -- John Gordon A is for Amy, who fell down the stairs gordon(a)panix.com B is for Basil, assaulted by bears -- Edward Gorey, "The Gashlycrumb Tinies"
From: Joachim Schmitz on 17 Apr 2008 12:57
John Gordon wrote: > In > <d762bc95-96b6-4c8d-add5-1839e706ddd1(a)a22g2000hsc.googlegroups.com> > johnmmcparland <johnmmcparland(a)googlemail.com> writes: > >> my question could be phrased; > >> "how can I tell if a user's password has been expired in Unix >> systems?" I know on unix systems you can do passwd -f to expire them >> but how might I in my program tell if the user's password has been >> expired? > > The getpwent() system call returns information about a user's password > entry. Among the information returned is a date object that specifies > when the user's password will expire. If this date is in the past, > the password has expired. Nope, it does not. Not on the systems I checked at least. As the name implies getpwent returns an entry from the /etc/passwd file and tat doesn't contain this information. Same applies to getpwnam and getpwuid, they all return a stuct passwd * and that does not contain expiry information. On system with /etc/shadow it doesn't even contain a(nencrypted) password > Of course, you must be root to access this information. Nope, you don't, as /etc/passwd is world readable Bye, Jojo |