Re: processing system user login

Most systems don't store the encrypted password in /etc/passwd anymore but move it to a file with stricter access control (often /etc/shadow). In these cases what you get from getpwnam() under a non-privileged account is just a dummy that has nothing to do with the actual user password. Only a user who has access to the shadow file (root) can verify a password using your code. Try running it under root.

Anno

Comment on Re: processing system user login

Replies are listed 'Best First'.
Re^2: processing system user login by rvosa (Curate) on Feb 26, 2007 at 10:21 UTC
Thanks for the reply. On my system, in any case, there is no /etc/shadow - so I guess what I'm looking for is a module that abstracts this a little bit, taking these OS differences into account. Any suggestions?	[reply]
Re^3: processing system user login by GrandFather (Saint) on Feb 26, 2007 at 10:25 UTC
In reply to a previous question radiantmatrix offers Re: Unix Password for validation which may help. DWIM is Perl's answer to Gödel	[reply]
Re^3: processing system user login by Anno (Deacon) on Feb 26, 2007 at 10:37 UTC
Never mind whether it's /etc/shadow or something else, the usual behavior is that getpwnam() retrieves the useless entry from /etc/passwd for non-privileged users and the encryption of the real password for root. Your code is fine. What you need is not a module but sufficient privileges. Anno	[reply]