User authentication on Solaris

dbush has asked for the wisdom of the Perl Monks concerning the following question:

Hi,

I'm in the process of converting a program from Windows to Solaris and am having some problems with authenticating a user's password. The code that I'm using is shown below and comes from what I found when searching for code examples. The problem is that it doesn't seem to work for me. Any help would be very much appreciated.

use strict;
use warnings;

my $szUser = 'any_user';
my $szPassword = 'for_me_to_know';

my ($szOther, $szEncryptedPwd) = getpwnam($szUser);
my $bValid = (crypt($szPassword, $szEncryptedPwd) eq $szEncryptedPwd);

print $bValid ? 'Yes' : 'No';
print "\n";
[download]

Regards,
Dom.

Comment on User authentication on Solaris Download Code

Replies are listed 'Best First'.
Re: User authentication on Solaris (use Passwd::Solaris) by grinder (Bishop) on Jul 28, 2004 at 20:15 UTC
Solaris [...] having some problems with authenticating a user's password There's a module (of course) that will take care of dealing with the shadow password file for you: `#! /usr/bin/perl -w use strict; use Passwd::Solaris qw/mgetpwnam/; my( $user, $user_passwd ) = @ARGV; my $shadow = (mgetpwnam $user)[1]; my ($salt, $passwd) = ($shadow =~ /^(..)(.*)$/); if( $shadow ne crypt( $user_passwd, $salt )) { print "No\n"; } else { print "Yes\n"; }` [download] Oh, and please, drop the Hungarian notation? It is completely irrelevant in Perl and just adds noise. Perl scalars can morph from integers to strings and back without coercion as the need arises. - another intruder with the mooring of the heat of the Perl	[reply] [d/l]
Re: User authentication on Solaris by Eimi Metamorphoumai (Deacon) on Jul 28, 2004 at 19:59 UTC
Note that that code will only work if your passwords are stored in /etc/passwd (or possibly in /etc/shadow, been too long since I've used that). It will not work if you're using PAM or something fancy like that to do your authentication. Your first step should probably be to check whether getpwnam is returning an encrypted password. If it's not, you may be out of luck (unless you're willing to delve pretty deeply into the magic).	[reply]
Re: User authentication on Solaris by fglock (Vicar) on Jul 28, 2004 at 19:51 UTC
It works here (ActivePerl 5.8.4): `SunOS sun114 5.9 Generic_112233-04 sun4u sparc SUNW,Sun-Blade-100`	[reply] [d/l]
Re: User authentication on Solaris by gaal (Parson) on Jul 28, 2004 at 19:59 UTC
How long is a password on your system? If it's more than 13 characters, you're not using classic crypt(3) -- probably an MD5 password setup. For example, here's my root password: `$1$A469w7Sp$QogiLx6226R0c5Sgsoapi4` [download] (Some bits may have been flipped. :-)	[reply] [d/l]
Re: User authentication on Solaris by lhoward (Vicar) on Jul 28, 2004 at 20:13 UTC
You may want to try using Authen::PAM so you don't have to go directly against the system password file. Will make it easier to convert your script to using other auth in the future. L	[reply]
Re: User authentication on Solaris by mifflin (Curate) on Jul 28, 2004 at 19:56 UTC
Works for me... # uname -a SunOS cosmora02d 5.9 Generic_112233-11 sun4u sparc SUNW,Ultra-Enterprise # perl -v This is perl, v5.8.0 built for sun4-solaris (with 1 registered patch, see perl -V for more detail) Copyright 1987-2002, Larry Wall Binary build 805 provided by ActiveState Corp. http://www.ActiveState.com Built 12:45:24 Feb 17 2003 Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5 source kit. Complete documentation for Perl, including FAQ lists, should be found on this system using `man perl' or `perldoc perl'. If you have access to the Internet, point your browser at http://www.perl.com/, the Perl Home Page.	[reply]