1 .\" Copyright (c) 2003 Andries Brouwer (aeb@cwi.nl) and
2 .\" Walter Harms (walter.harms@informatik.uni-oldenburg.de)
4 .\" Distributed under GPL
6 .\" Japanese Version Copyright (c) 2004 Yuichi SATO
7 .\" all rights reserved.
8 .\" Translated 2004-08-20, Yuichi SATO <ysato444@yahoo.co.jp>
10 .TH GETSPNAM 3 2010-02-25 "GNU" "Linux Programmer's Manual"
13 .\"O getspnam, getspnam_r, getspent, getspent_r, setspent, endspent,
14 .\"O fgetspent, fgetspent_r, sgetspent, sgetspent_r, putspent,
15 .\"O lckpwdf, ulckpwdf \- get shadow password file entry
16 getspnam, getspnam_r, getspent, getspent_r, setspent, endspent,fgetspent, fgetspent_r, sgetspent, sgetspent_r, putspent, lckpwdf, ulckpwdf \- shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Î¥¨¥ó¥È¥ê¤ò¼èÆÀ¤¹¤ë
20 .\"O /* General shadow password file API */
21 /* °ìÈÌŪ¤Ê shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë API */
23 .B #include <shadow.h>
25 .BI "struct spwd *getspnam(const char *" name );
27 .B struct spwd *getspent(void);
29 .B void setspent(void);
31 .B void endspent(void);
33 .BI "struct spwd *fgetspent(FILE *" fp );
35 .BI "struct spwd *sgetspent(const char *" s );
37 .BI "int putspent(struct spwd *" p ", FILE *" fp );
41 .B int ulckpwdf(void);
43 .\"O /* GNU extension */
44 /* GNU ÈǤˤª¤±¤ë³ÈÄ¥ */
46 .B #include <shadow.h>
48 .BI "int getspent_r(struct spwd *" spbuf ,
50 .BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
52 .BI "int getspnam_r(const char *" name ", struct spwd *" spbuf ,
54 .BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
56 .BI "int fgetspent_r(FILE *" fp ", struct spwd *" spbuf ,
58 .BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
60 .BI "int sgetspent_r(const char *" s ", struct spwd *" spbuf ,
62 .BI " char *" buf ", size_t " buflen ", struct spwd **" spbufp );
66 .\"O Feature Test Macro Requirements for glibc (see
67 .\"O .BR feature_test_macros (7)):
68 glibc ¸þ¤±¤Îµ¡Ç½¸¡ºº¥Þ¥¯¥í¤ÎÍ×·ï
69 .RB ( feature_test_macros (7)
79 _BSD_SOURCE || _SVID_SOURCE
84 .\"O Long ago it was considered safe to have encrypted passwords openly
85 .\"O visible in the password file.
86 .\"O When computers got faster and people
87 .\"O got more security-conscious, this was no longer acceptable.
88 ÀΤϰŹ沽¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤ò¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Ë
89 ¸«¤¨¤ë¤è¤¦¤Ë¸ø³«¤·¤Æ¤ª¤¤¤Æ¤â°ÂÁ´¤À¤È¹Í¤¨¤é¤ì¤Æ¤¤¤¿¡£
90 .\"O Julianne Frances Haugh implemented the shadow password suite
91 .\"O that keeps the encrypted passwords in
92 .\"O the shadow password database
93 .\"O (e.g., the local shadow password file
94 .\"O .IR /etc/shadow ,
96 .\"O readable only by root.
97 Julianne Frances Haugh ¤Ï shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥¹¥¤¡¼¥È¤ò¼ÂÁõ¤·¤¿¡£
98 ¤³¤ì¤Ï°Å¹æ²½¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤ò¡¢root ¤Î¤ß¤¬Æɤळ¤È¤¬¤Ç¤¤ë
99 shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹ (Î㤨¤Ð¡¢
100 ¥í¡¼¥«¥ë¤Î shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë
105 .\"O The functions described below resemble those for
106 .\"O the traditional password database
108 .\"O .BR getpwnam (3)
110 .\"O .BR getpwent (3)).
111 °Ê²¼¤ÇÀâÌÀ¤¹¤ë´Ø¿ô¤Ï¡¢ÅÁÅýŪ¤Ê¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤ËÂФ¹¤ë
112 ´Ø¿ô¤Ë»÷¤Æ¤¤¤ë (Î㤨¤Ð
117 .\"O .\" FIXME I've commented out the following for the
118 .\"O .\" moment. The relationship between PAM and nsswitch.conf needs
119 .\"O .\" to be clearly documented in one place, which is pointed to by
120 .\"O .\" the pages for the user, group, and shadow password functions.
121 .\"O .\" (Jul 2005, mtk)
123 .\"O .\" This shadow password setup has been superseded by PAM
124 .\"O .\" (pluggable authentication modules), and the file
125 .\"O .\" .I /etc/nsswitch.conf
126 .\"O .\" now describes the sources to be used.
127 .\" FIXME °Ê²¼¤ò°ì»þŪ¤Ë¥³¥á¥ó¥È¥¢¥¦¥È¤·¤¿¡£
128 .\" PAM ¤È nsswitch.conf ¤Î´Ø·¸¤Ë¤Ä¤¤¤Æ¤Ï¡¢¥æ¡¼¥¶¡¢¥°¥ë¡¼¥×¡¢shadow
129 .\" ¥Ñ¥¹¥ï¡¼¥É¤Î´Ø¿ô¤Ë¤Ä¤¤¤Æ¤Î¥Ú¡¼¥¸¤«¤é»²¾È¤µ¤ì¤ë¤É¤³¤«¤Ë¤Ï¤Ã¤¤ê¤È
130 .\" µºÜ¤·¤Æ¤ª¤¯É¬Íפ¬¤¢¤ë¡£
133 .\" ¤³¤Î shadow ¥Ñ¥¹¥ï¡¼¥É¤ÎÀßÄê¤Ï
134 .\" PAM (pluggable authentication modules) ¤Ç¼è¤êÂؤ¨¤ë¤³¤È¤¬¤Ç¤¤ë¡£
135 .\" ¸½ºß¤Î¤È¤³¤í¡¢¤É¤Î¾ðÊ󸻤ò»ÈÍѤ¹¤ë¤«¤Ï
136 .\" .I /etc/nsswitch.conf
137 .\" ¥Õ¥¡¥¤¥ë¤Ëµ½Ò¤µ¤ì¤ë¡£
141 .\"O function returns a pointer to a structure containing
142 .\"O the broken-out fields of the record in the shadow password database
143 .\"O that matches the username
148 ¤Ë¥Þ¥Ã¥Á¤¹¤ë shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤Î¥¨¥ó¥È¥ê¤ò
149 Í×ÁÇËè¤Ëʬ²ò¤·¡¢³ÆÍ×ÁǤò³ÊǼ¤·¤¿¹½Â¤ÂΤؤΥݥ¤¥ó¥¿¤òÊÖ¤¹¡£
153 .\"O function returns a pointer to the next entry in the shadow password
156 ´Ø¿ô¤Ï shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤Ë¤ª¤±¤ë¼¡¤Î¥¨¥ó¥È¥ê¤Ø¤Î¥Ý¥¤¥ó¥¿¤òÊÖ¤¹¡£
157 .\"O The position in the input stream is initialized by
158 .\"O .BR setspent ().
159 ÆþÎÏ¥¹¥È¥ê¡¼¥à¤Ë¤ª¤±¤ë°ÌÃ֤ϡ¢
162 .\"O When done reading, the program may call
164 .\"O so that resources can be deallocated.
165 Æɤ߹þ¤ß¤¬½ª¤ï¤Ã¤¿¸å¤Ë¡¢
167 ¤ò¸Æ¤Ó½Ð¤¹¤È¡¢¥ê¥½¡¼¥¹¤ò²òÊü¤Ç¤¤ë¡£
168 .\"O .\" some systems require a call of setspent() before the first getspent()
169 .\"O .\" glibc does not
170 .\" ºÇ½é¤Ë getspent() ¤ò¸Æ¤Ó½Ð¤¹Á°¤Ë¡¢
171 .\" setspent() ¤ò¸Æ¤Ó½Ð¤µ¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¥·¥¹¥Æ¥à¤â¤¢¤ë¡£
172 .\" glibc ¤Ç¤Ï¤½¤ÎɬÍפ¬¤Ê¤¤¡£
175 .\"O .BR fgetspent ()
176 .\"O function is similar to
178 .\"O but uses the supplied stream instead of the one implicitly opened by
179 .\"O .BR setspent ().
185 ¤Ç°ÅÌۤΤ¦¤Á¤Ë¥ª¡¼¥×¥ó¤µ¤ì¤ë¥¹¥È¥ê¡¼¥à¤Ç¤Ï¤Ê¤¯¡¢Í¿¤¨¤é¤ì¤¿¥¹¥È¥ê¡¼¥à¤ò»È¤¦¡£
188 .\"O .BR sgetspent ()
189 .\"O function parses the supplied string
194 ´Ø¿ô¤ÏÍ¿¤¨¤é¤ì¤¿Ê¸»úÎó
202 .\"O function writes the contents of the supplied struct
205 .\"O as a text line in the shadow password file format to the stream
208 ´Ø¿ô¤ÏÍ¿¤¨¤é¤ì¤¿ struct
211 ¤ÎÆâÍƤò shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë·Á¼°¤Î¥Æ¥¥¹¥È¹Ô¤Ç¥¹¥È¥ê¡¼¥à
214 .\"O String entries with value NULL and numerical entries with value \-1
215 .\"O are written as an empty string.
217 Ãͤ¬ NULL ¤Îʸ»úÎ󥨥ó¥È¥ê¤ÈÃͤ¬ \-1 ¤Î¿ôÃÍ¥¨¥ó¥È¥ê¤¬
222 .\"O function is intended to protect against multiple simultaneous accesses
223 .\"O of the shadow password database.
224 .\"O It tries to acquire a lock, and returns 0 on success,
225 .\"O or \-1 on failure (lock not obtained within 15 seconds).
227 ´Ø¿ô¤Ï¡¢ shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤ò
228 ¿½ÅƱ»þ¥¢¥¯¥»¥¹¤«¤é¼é¤ë¤¿¤á¤Î¤â¤Î¤Ç¤¢¤ë¡£
229 ¤³¤Î´Ø¿ô¤Ï¥í¥Ã¥¯¤Î³ÍÆÀ¤ò»î¤ß¡¢
230 À®¸ù¤·¤¿¾ì¹ç¤Ï 0 ¤òÊÖ¤¹¡£
231 ¼ºÇÔ¤·¤¿¾ì¹ç (15 ÉðÊÆâ¤Ë¥í¥Ã¥¯¤¬¼èÆÀ¤Ç¤¤Ê¤«¤Ã¤¿¾ì¹ç) ¤Ï \-1 ¤òÊÖ¤¹¡£
234 .\"O function releases the lock again.
236 ´Ø¿ô¤Ï¥í¥Ã¥¯¤òºÆ¤Ó²òÊü¤¹¤ë¡£
237 .\"O Note that there is no protection against direct access of the shadow
239 .\"O Only programs that use
241 .\"O will notice the lock.
242 shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Ø¤ÎľÀÜ¥¢¥¯¥»¥¹¤«¤é
243 Êݸ¤ë¼êÃʤ¬¤Ê¤¤ÅÀ¤ËÃí°Õ¤¹¤ë¤³¤È¡£
245 ¤ò»È¤¦¥×¥í¥°¥é¥à¤À¤±¤¬¥í¥Ã¥¯¤òÄÌÃΤǤ¤ë¡£
247 .\"O These were the functions that formed the original shadow API.
248 .\"O They are widely available.
249 .\"O .\" Also in libc5
250 .\"O .\" SUN doesn't have sgetspent()
251 ¤³¤ì¤é¤Î´Ø¿ô¤Ï¥ª¥ê¥¸¥Ê¥ë¤Î shadow API ¤ò¹½À®¤·¤Æ¤¤¤¿´Ø¿ô¤Ç¤¢¤ê¡¢
252 ¤¤¤í¤¤¤í¤Ê¥·¥¹¥Æ¥à¤Ç¹¤¯ÍøÍѲÄǽ¤Ç¤¢¤ë¡£
253 .\" libc5 ¤Ç¤âÍøÍѲÄǽ¤Ç¤¢¤ë¡£
254 .\" SUN ¤Ë¤Ï sgetspent() ¤¬¤Ê¤¤¡£
255 .\"O .SS "Reentrant versions"
257 .\"O Analogous to the reentrant functions for the password database, glibc
258 .\"O also has reentrant functions for the shadow password database.
259 ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤ËÂФ¹¤ë¥ê¥¨¥ó¥È¥é¥ó¥ÈÈǤÈƱ¤¸¤è¤¦¤Ë¡¢
260 glibc ¤Ë¤Ï shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤ËÂФ·¤Æ¥ê¥¨¥ó¥È¥é¥ó¥ÈÈǤ¬¤¢¤ë¡£
262 .\"O .BR getspnam_r ()
263 .\"O function is like
265 .\"O but stores the retrieved shadow password structure in the space pointed to by
270 ¤È»÷¤Æ¤¤¤ë¤¬¡¢¼èÆÀ¤·¤¿ shadow ¥Ñ¥¹¥ï¡¼¥É¹½Â¤ÂΤò
272 ¤¬»Ø¤¹Îΰè¤Ë³ÊǼ¤¹¤ë¡£
273 .\"O This shadow password structure contains pointers to strings, and these strings
274 .\"O are stored in the buffer
278 shadow ¥Ñ¥¹¥ï¡¼¥É¹½Â¤ÂΤÏʸ»úÎ󷲤ؤΥݥ¤¥ó¥¿¤ò´Þ¤ß¡¢
279 ¤³¤ì¤é¤Îʸ»úÎ󷲤ϥµ¥¤¥º
284 .\"O A pointer to the result (in case of success) or NULL (in case no entry
285 .\"O was found or an error occurred) is stored in
288 ¤Ë¤Ï (À®¸ù¤·¤¿¾ì¹ç¤Ï) ·ë²Ì¤Ø¤Î¥Ý¥¤¥ó¥¿¤¬³ÊǼ¤µ¤ì¡¢
289 (¥¨¥ó¥È¥ê¤¬¸«¤Ä¤«¤é¤Ê¤«¤Ã¤¿¾ì¹ç¤Þ¤¿¤Ï¥¨¥é¡¼¤¬µ¯¤³¤Ã¤¿¾ì¹ç¤Ï)
293 .\"O .BR getspent_r (),
294 .\"O .BR fgetspent_r (),
296 .\"O .BR sgetspent_r ()
297 .\"O are similarly analogous to their nonreentrant counterparts.
302 ¤Ï¤½¤ì¤¾¤ì¥ê¥¨¥ó¥È¥é¥ó¥È¤Ç¤Ê¤¤¥Ð¡¼¥¸¥ç¥ó¤ÈƱÍͤε¡Ç½¤ò»ý¤Ä¡£
304 .\"O Some non-glibc systems also have functions with these names,
305 .\"O often with different prototypes.
306 .\"O .\" SUN doesn't have sgetspent_r()
307 glibc ¤Ç¤Ê¤¤¥·¥¹¥Æ¥à¤Ë¤â¤³¤ì¤é¤ÈƱ¤¸Ì¾Á°¤Î´Ø¿ô¤¬¤¢¤ë¤¬¡¢
308 ¥×¥í¥È¥¿¥¤¥×¤¬°Û¤Ê¤ë¤³¤È¤â¿¤¤¡£
309 .\" SUN ¤Ë¤Ï sgetspent_r() ¤¬¤Ê¤¤¡£
312 .\"O The shadow password structure is defined in \fI<shadow.h>\fP as follows:
313 shadow ¥Ñ¥¹¥ï¡¼¥É¹½Â¤ÂÎ¤Ï \fI<shadow.h>\fP ¤Ç°Ê²¼¤Î¤è¤¦¤ËÄêµÁ¤µ¤ì¤Æ¤¤¤ë:
318 .\"O char *sp_namp; /* Login name */
319 .\"O char *sp_pwdp; /* Encrypted password */
320 .\"O long sp_lstchg; /* Date of last change (measured
321 .\"O in days since 1970-01-01 00:00:00 +0000 (UTC)) */
322 .\"O long sp_min; /* Min # of days between changes */
323 .\"O long sp_max; /* Max # of days between changes */
324 .\"O long sp_warn; /* # of days before password expires
325 .\"O to warn user to change it */
326 .\"O long sp_inact; /* # of days after password expires
327 .\"O until account is disabled */
328 .\"O long sp_expire; /* Date when account expires (measured
329 .\"O in days since 1970-01-01 00:00:00 +0000 (UTC)) */
330 .\"O unsigned long sp_flag; /* Reserved */
331 char *sp_namp; /* ¥í¥°¥¤¥ó̾ */
332 char *sp_pwdp; /* °Å¹æ²½¤µ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É */
333 long sp_lstchg; /* ºÇ½ª¹¹¿·Æü
334 (1970-01-01 00:00:00 +0000 (UTC)) ¤«¤é¤ÎÆü¿ô) */
335 long sp_min; /* Êѹ¹¤¬½ÐÍè¤ë¤è¤¦¤Ë¤Ê¤ë¤Þ¤Ç¤ÎºÇûÆü¿ô */
336 long sp_max; /* Êѹ¹¤ò¤·¤Ê¤¯¤Æ¤â¤è¤¤ºÇĹÆü¿ô */
337 long sp_warn; /* ¥Ñ¥¹¥ï¡¼¥É¤¬´ü¸ÂÀÚ¤ì¤Ë¤Ê¤ëÁ°¤Ë
338 ¥æ¡¼¥¶¤ËÊѹ¹¤Î·Ù¹ð¤ò½Ð¤¹Æü¿ô */
339 long sp_inact; /* ¥Ñ¥¹¥ï¡¼¥É¤¬´ü¸ÂÀÚ¤ì¤Ë¤Ê¤Ã¤Æ¤«¤é
340 ¥¢¥«¥¦¥ó¥È¤¬Ìµ¸ú¤Ë¤Ê¤ë¤Þ¤Ç¤ÎÆü¿ô */
341 long sp_expire; /* ¥¢¥«¥¦¥ó¥È¤¬Ìµ¸ú¤Ë¤Ê¤ëÆüÉÕ
342 (1970-01-01 00:00:00 +0000 (UTC)) ¤«¤é¤ÎÆü¿ô) */
343 unsigned long sp_flag; /* ͽÌó¥Õ¥£¡¼¥ë¥É */
347 .\"O .SH "RETURN VALUE"
349 .\"O The functions that return a pointer return NULL if no more entries
350 .\"O are available or if an error occurs during processing.
351 ¥Ý¥¤¥ó¥¿¤òÊÖ¤¹´Ø¿ô¤Ï¡¢¤³¤ì°Ê¾å¥¨¥ó¥È¥ê¤¬¤Ê¤¤¾ì¹ç¤ä
352 ½èÍýÃæ¤Ë¥¨¥é¡¼¤¬È¯À¸¤·¤¿¾ì¹ç NULL ¤òÊÖ¤¹¡£
353 .\"O The functions which have \fIint\fP as the return value return 0 for
354 .\"O success and \-1 for failure.
355 \fIint\fP ¤òÊÖ¤êÃͤȤ·¤Æ»ý¤Ä´Ø¿ô¤Ï¡¢
356 À®¸ù¤·¤¿¾ì¹ç 0 ¤òÊÖ¤·¡¢¼ºÇÔ¤·¤¿¾ì¹ç \-1 ¤òÊÖ¤¹¡£
358 .\"O For the nonreentrant functions, the return value may point to static area,
359 .\"O and may be overwritten by subsequent calls to these functions.
360 ¥ê¥¨¥ó¥È¥é¥ó¥ÈÈǤǤʤ¤´Ø¿ô¤Ç¤Ï¡¢ÊÖ¤êÃͤ¬ÀÅŪ¤ÊÎΰè¤ò»Ø¤·¤Æ¤ª¤ê¡¢
361 °ú¤Â³¤¤¤Æ¤³¤ì¤é¤Î´Ø¿ô¤ò¸Æ¤Ó½Ð¤·¤¿¾ì¹ç¤Ë¾å½ñ¤¤µ¤ì¤ë²ÄǽÀ¤¬¤¢¤ë¡£
363 .\"O The reentrant functions return zero on success.
364 ¥ê¥¨¥ó¥È¥é¥ó¥ÈÈǤδؿô¤Ï¡¢À®¸ù¤·¤¿¾ì¹ç¤Ë 0 ¤òÊÖ¤¹¡£
365 .\"O In case of error, an error number is returned.
366 ¥¨¥é¡¼¤Î¾ì¹ç¤Ï¡¢¥¨¥é¡¼Èֹ椬ÊÖ¤µ¤ì¤ë¡£
371 .\"O Supplied buffer is too small.
372 Í¿¤¨¤é¤ì¤¿¥Ð¥Ã¥Õ¥¡¤¬¾®¤µ¤¹¤®¤ë¡£
377 .\"O local shadow password database file
378 ¥í¡¼¥«¥ë¤Î shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¥Õ¥¡¥¤¥ë
384 .\"O The include file
386 .\"O defines the constant
388 .\"O to the pathname of the shadow password file.
394 ¤³¤ì¤Ï shadow ¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤Î¥Ñ¥¹Ì¾¤Ç¤¢¤ë¡£
395 .\"O .SH "CONFORMING TO"
397 .\"O The shadow password database and its associated API are
398 .\"O not specified in POSIX.1-2001.
399 .\"O However, many other systems provide a similar API.
400 shadow ¥Ñ¥¹¥ï¡¼¥É¡¦¥Ç¡¼¥¿¥Ù¡¼¥¹¤È´ØÏ¢ API ¤Ï POSIX.1-2001
401 ¤Ë¤ÏµºÜ¤µ¤ì¤Æ¤¤¤Ê¤¤¡£¤·¤«¤·¤Ê¤¬¤é¡¢Â¿¤¯¤Î¾¤Î¥·¥¹¥Æ¥à¤Ç¤â
402 ƱÍͤΠAPI ¤¬Ä󶡤µ¤ì¤Æ¤¤¤ë¡£