Operating System - HP-UX
1839152 Members
3254 Online
110136 Solutions
New Discussion

Re: Problem using calls - getprpwnam, getspnam, getspwnam

 
SOLVED
Go to solution
Alex Feng
Advisor

Problem using calls - getprpwnam, getspnam, getspwnam

Hi everybody,

I have been trying to use the calls
getprpwnam, getspnam, getspwnam to retrieve the login record, but all 3 calls are returning NULL. I have tried using HP-UX 11i
and HP-UX 11.23 with the same result.

The only call that seems to work is getpwnam.
Does anyone have an idea why?

Thanks.
4 REPLIES 4
James R. Ferguson
Acclaimed Contributor

Re: Problem using calls - getprpwnam, getspnam, getspwnam

Hi Alex:

These calls are for use with trusted password databases *only*.

http://www.docs.hp.com/en/B3921-60631/getspwent.3X.html

http://www.docs.hp.com/en/B3921-60631/getprpwent.3.html

Unless your server is a trusted one, you should use 'getpwent' calls:

http://www.docs.hp.com/en/B3921-60631/getpwent.3C.html

Regards!

...JRF...
Matti_Kurkela
Honored Contributor
Solution

Re: Problem using calls - getprpwnam, getspnam, getspwnam

Nitpick: HP-UX 11.23 *is* 11i, specifically 11i v2.

I assume that by 11i, you mean 11i v1 which is better known as 11.11.

The getpwnam() function gets the information from /etc/passwd, which should always exist, so it always works.

The getprpwnam() and the getspwnam() functions get information from the /tcb directory structure, so they work only if Trusted System Mode is enabled.

The getspnam() function is for getting info from the Shadow Password file (/etc/shadow), so it will work only if the shadow password mode has been enabled.

The Trusted System Mode and shadow passwords cannot be activated simultaneously, as they are two different methods for the same purpose. The TSM is the old "HP Way" of secure password storage, while the shadow password method is fairly new in HP-UX world but it's more compatible in a multi-platform Unix environment.

The shadow password mode is an optional extra in 11.11 (available for free from http://software.hp.com). In 11.23 and above it's a standard option.

So my guess is, your machine is not configured for either TSM nor shadow passwords - so only the getpwnam() can get meaningful results.

MK
MK
Alex Feng
Advisor

Re: Problem using calls - getprpwnam, getspnam, getspwnam

Thanks for the Info, Since I don't have Shadow Passwords and the system is not trusted, I am getting NULL.

My problem is I was hoping to use those functions to check the password expiry and/or account is locked for a particular user.

Is there any calls I can use to do that?
Alex Feng
Advisor

Re: Problem using calls - getprpwnam, getspnam, getspwnam

Oh I figured it out. When a password is expired the passwd->pw_age is ".." so this allows me to check it.

Thanks for all your help guys.