Solved

Need API call that authentificates against Linux' user/pass database.

Posted on 2004-08-17
3
225 Views
Last Modified: 2010-04-22
Is there an API call, to which you pass a user name and password and says if they are correct by looking at the Linux's user/password database (/etc/passwd or shadowed passwords)?. I would like it to be portable to Unix and *BSD if possible.
If there is a way to get all the OS's user and password database that would do the job too.

I first asked here: http://www.experts-exchange.com/Programming/Programming_Languages/Cplusplus/Q_21095702.html
But as this question is somewhat different and specific to Linux/*nix/*BSD platform, I'm posting it here.
0
Comment
Question by:pulupul
3 Comments
 
LVL 23

Accepted Solution

by:
brettmjohnson earned 300 total points
Comment Utility
0
 
LVL 3

Author Comment

by:pulupul
Comment Utility
I've been looking at http://www.freebsd.org/cgi/man.cgi?query=pam_unix&sektion=8, and it might be what I need. But, how do you use it from a C++ program? is it shared library?
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
Comment Utility
If you want it portable across various flavors of Linux & Unix you don't want to be using PAM as it's implementation differs and it isn't supported by all variants.

What will work on all platforms that use local authentication is to take the plaintext user password, the salt from the encrupted copy of the password and compute a DES or MD5 password. Compare that to what's in the passwd/shadow file and if the match the user is authenticated.

The problem with that approach is that you need read access to the encrypted passwords, which is only granted to root on any modern Linux/Unix. Additionally the system may not be using local authentication and could be authenticating via Kerberos, LDAP, or any of a number of other methods (usually via PAM).

To see how this is done on a variety of platforms I'd suggest that you look thorugh the source code to OpenSSH's sshd.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now