SHADOW(3)                                               SHADOW(3)

NAME
       shadow - encrypted password file routines

SYNTAX
       #include <shadow.h>

       struct spwd *getspent();

       struct spwd *getspnam(char *name);

       void setspent();

       void endspent();

       struct spwd *fgetspent(FILE *fp);

       struct spwd *sgetspent(char *cp);

       int putspent(struct spwd *p, FILE *fp);

       int lckpwdf();

       int ulckpwdf();

DESCRIPTION
       shadow  manipulates  the  contents  of the shadow password
       file, /etc/shadow.  The structure in the #include file is

       struct spwd {
                 char *sp_namp; /* user login name */
                 char *sp_pwdp; /* encrypted password */
                 long sp_lstchg; /* last password change */
                 int  sp_min; /* days until change allowed. */
                 int  sp_max; /* days before change required */
                 int  sp_warn; /* days warning for expiration */
                 int  sp_inact; /* days before  account  inactive
            */
                 int  sp_expire; /* date when account expires */
                 int  sp_flag; /* reserved for future use */
       }

       The meanings of each field are

       sp_namp - pointer to null-terminated user name.
       sp_pwdp - pointer to null-terminated password.
       sp_lstchg  -  days  since  Jan  1,  1970 password was last
       changed.
       sp_min - days before which password may not be changed.
       sp_max - days after which password must be changed.
       sp_warn - days before password is to expire that  user  is
       warned of pending password expiration.
       sp_inact  -  days  after  password expires that account is
       considered inactive and disabled.
       sp_expire - days since Jan 1, 1970 when  account  will  be
       disabled.
       sp_flag - reserved for future use.

DESCRIPTION
       getspent,  getspname, fgetspent, and sgetspent each return
       a pointer to a struct spwd.   getspent  returns  the  next
       entry  from the file, and fgetspent returns the next entry
       from the given stream, which is assumed to be  a  file  of
       the  proper  format.   sgetspent  returns  a  pointer to a
       struct spwd using the provided string as input.   getspnam
       searches  from  the  current  position  in the file for an
       entry matching name.

       setspent and endspent  may  be  used  to  begin  and  end,
       respectively, access to the shadow password file.

       The lckpwdf and ulckpwdf routines should be used to insure
       exclusive  access  to  the  /etc/shadow   file.    lckpwdf
       attempts to acquire a lock using pw_lock for up to 15 sec-
       onds.  It continues by attempting to acquire a second lock
       using  spw_lock  for  the remainder of the initial 15 sec-
       onds.  Should either attempt fail after a total of 15 sec-
       onds,  lckpwdf returns -1.  When both locks are acquired 0
       is returned.

DIAGNOSTICS
       Routines return NULL if no more entries are  available  or
       if an error occurs during processing.  Routines which have
       int as the return value return 0 for success  and  -1  for
       failure.

CAVEATS
       These  routines  may  only  be  used  by the super user as
       access to the shadow password file is restricted.

FILES
       /etc/shadow - encrypted user passwords

SEE ALSO
       getpwent(3), shadow(5)

AUTHOR
       Julianne Frances Haugh (jfh@tab.com)

                                                                1