NAME
getpwent,
setpwent, endpwent —
sequential password database
access
SYNOPSIS
#include
<pwd.h>
struct passwd *
getpwent(void);
void
setpwent(void);
void
endpwent(void);
DESCRIPTION
These functions operate on the password database file which is
described in passwd(5). Each entry in the database is defined by the structure
struct passwd found in the include file
<pwd.h>:
struct passwd {
char *pw_name; /* user name */
char *pw_passwd; /* encrypted password */
uid_t pw_uid; /* user uid */
gid_t pw_gid; /* user gid */
time_t pw_change; /* password change time */
char *pw_class; /* user access class */
char *pw_gecos; /* Honeywell login info */
char *pw_dir; /* home directory */
char *pw_shell; /* default shell */
time_t pw_expire; /* account expiration */
};
The
getpwent()
function sequentially reads the password database and is intended for
programs that wish to process the complete list of users.
It is dangerous for long-running programs to keep the file descriptors open as the database will become out of date if it is updated while the program is running. However the file descriptors are automatically closed when execve(2) is called.
setpwent()
causes getpwent() to “rewind” to the
beginning of the database.
The
endpwent()
function closes any file descriptors opened by
setpwent() or
getpwent().
These routines have been written to “shadow” the
password file, that is, allow only certain programs to have access to the
encrypted password. If the process which calls them has an effective UID of
0 or has the “_shadow” group in its group vector, the
encrypted password will be returned, otherwise, the password field of the
returned structure will point to the string
‘*’.
YP SUPPORT
If YP is active,
getpwent()
also uses the master.passwd.byname YP map (if
available) or the passwd.byname YP map. This is in
addition to the passwd file, and respects the order of both normal and YP
entries in the passwd file.
RETURN VALUES
The getpwent() function returns a valid
pointer to a passwd structure on success or a null pointer if end-of-file is
reached or an error occurs. Subsequent calls to
getpwent(), getpwnam(),
getpwnam_shadow(),
getpwuid() or
getpwuid_shadow() may invalidate the returned
pointer or overwrite the contents of the passwd structure it points to.
The endpwent() and
setpwent() functions have no return value.
FILES
- /etc/pwd.db
- insecure password database file
- /etc/spwd.db
- secure password database file
- /etc/master.passwd
- current password file
- /etc/passwd
- legacy password file
ERRORS
The getpwent() function may fail for any
of the errors specified for
dbopen(3)
and its get() routine.
If YP is active, it may also fail due to errors caused by the YP subsystem.
SEE ALSO
getlogin(2), getgrent(3), getgrouplist(3), getpwnam(3), pw_dup(3), passwd(5), Makefile.yp(8), pwd_mkdb(8), vipw(8), yp(8)
STANDARDS
These functions are compliant with the X/Open System Interfaces option of the IEEE Std 1003.1-2008 (“POSIX.1”) specification.
HISTORY
The getpwent(),
setpwent(), and endpwent()
functions appeared in Version 7 AT&T
UNIX.
The historic function setpwfile(), which
allowed the specification of alternate password databases, has been
deprecated and is no longer available.
BUGS
The routines getpwent(),
endpwent(), and setpwent()
are fairly useless in a networked environment and should be avoided, if
possible.