Re: how to use /etc/passwd with perl programs

Although sauoq has alredy answered your question, I'd like to point out few things that you might find useful:

Rarely this days passwords are stored in /etc/passwd. Most probably you'll need to make use of /etc/shadow.
Rarely this days system passwords are stored plainly crypt()-ed. Most probably you'll need to work with MD5 or some other stronger cryptography.
If your system is using PAM, then you should do so too. Cpan has modules for you. With PAM you will not have to care about crypt/md5, /etc/passwd or /etc/shador, or even LDAP authentication for that matter.

Comment on Re: how to use /etc/passwd with perl programs

Replies are listed 'Best First'.
Re: Re: how to use /etc/passwd with perl programs by sgifford (Prior) on Jul 03, 2003 at 06:10 UTC
Those are good points except for the second one. On my system at least, and I believe on all systems that provide nonstandard crypt(3) implementations, crypt will detect and use the right hash function if you pass the entire crypted password as the SALT. For example, I have a user with a password "test". His crypted password is `$1$V80MC/nB$s/9nJGRaDB3xtUNpI7k0O.`. Running this Perl code: `print crypt('test', '$1$V80MC/nB$s/9nJGRaDB3xtUNpI7k0O.'), "\n";` [download] prints the correctly encrypted password.	[reply] [d/l]
Re: Re: Re: how to use /etc/passwd with perl programs by TVSET (Chaplain) on Jul 04, 2003 at 12:36 UTC
Good catch - you are mostly right. Here is a quote from the man page: GNU EXTENSION The glibc2 version of this function has the following addition +al fea- tures. If salt is a character string starting with the three + charac- ters "$1$" followed by at most eight characters, and optionally + termi- nated by "$", then instead of using the DES machine, the gli +bc crypt function uses an MD5-based algorithm, and outputs up to 34 + bytes, namely "$1$<string>$", where "<string>" stands for the up to 8 + charac- ters following "$1$" in the salt, followed by 22 bytes chosen f +rom the set [a-zA-Z0-9./]. The entire key is significant here (instead + of only the first 8 bytes). Programs using this function must be linked with -lcrypt. [download] ++ Leonid Mamtchenkov aka TVSET	[reply] [d/l]