Solved

Need API call that authentificates against Linux' user/pass database.

Posted on 2004-08-17
3
243 Views
Last Modified: 2010-04-22
Is there an API call, to which you pass a user name and password and says if they are correct by looking at the Linux's user/password database (/etc/passwd or shadowed passwords)?. I would like it to be portable to Unix and *BSD if possible.
If there is a way to get all the OS's user and password database that would do the job too.

I first asked here: http://www.experts-exchange.com/Programming/Programming_Languages/Cplusplus/Q_21095702.html
But as this question is somewhat different and specific to Linux/*nix/*BSD platform, I'm posting it here.
0
Comment
Question by:pulupul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Accepted Solution

by:
brettmjohnson earned 300 total points
ID: 11821288
0
 
LVL 3

Author Comment

by:pulupul
ID: 11823047
I've been looking at http://www.freebsd.org/cgi/man.cgi?query=pam_unix&sektion=8, and it might be what I need. But, how do you use it from a C++ program? is it shared library?
0
 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 100 total points
ID: 11823724
If you want it portable across various flavors of Linux & Unix you don't want to be using PAM as it's implementation differs and it isn't supported by all variants.

What will work on all platforms that use local authentication is to take the plaintext user password, the salt from the encrupted copy of the password and compute a DES or MD5 password. Compare that to what's in the passwd/shadow file and if the match the user is authenticated.

The problem with that approach is that you need read access to the encrypted passwords, which is only granted to root on any modern Linux/Unix. Additionally the system may not be using local authentication and could be authenticating via Kerberos, LDAP, or any of a number of other methods (usually via PAM).

To see how this is done on a variety of platforms I'd suggest that you look thorugh the source code to OpenSSH's sshd.
0

Featured Post

Interactive Way of Training for the AWS CSA Exam

An interactive way of learning that will help you visualize core concepts so that you can be more effective when taking your AWS certification exam.  Built for students by a student to help them understand the concepts that they are being taught.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question