Re: Submitting password changes to external program

Why interact with the system tools at all? Why not just collect the new PW, encrypt it, and write directly to /etc/shadow? (Or write direct to /etc/passwd if AIX still stores passwords there.) That would seem to be a more direct and simple way to work.

Be Appropriate && Follow Your Curiosity

Comment on Re: Submitting password changes to external program

Replies are listed 'Best First'.
Re^2: Submitting password changes to external program by Celada (Monk) on Dec 09, 2005 at 15:26 UTC
Because the system tools are the published API! Using the system tools will allow the software to work unchanged if the passwd database backend is not flat files. Perhaps more importantly in the case that you do not expect to be using anything other than flat files as the backend, the system tools will respect all the conventions regarding updates to `/etc/passwd` and `/etc/shadow` like making a backup file after changes (`/etc/opasswd`, maybe), file locking, and use of MD5 passwords versus traditional `crypt`, all of which you might not know about and which may vary from system to system. Using a pty is a pain, but it's worth it.	[reply]

Replies are listed 'Best First'.

Re^2: Submitting password changes to external program
by Celada (Monk) on Dec 09, 2005 at 15:26 UTC

Because the system tools are the published API!

Using the system tools will allow the software to work unchanged if the passwd database backend is not flat files. Perhaps more importantly in the case that you do not expect to be using anything other than flat files as the backend, the system tools will respect all the conventions regarding updates to /etc/passwd and /etc/shadow like making a backup file after changes (/etc/opasswd, maybe), file locking, and use of MD5 passwords versus traditional crypt, all of which you might not know about and which may vary from system to system.

Using a pty is a pain, but it's worth it.

[reply]