smp_pw_change(S)
smp_pw_change --
check user authorization to change password
Syntax
cc . . . -lprot
#include <sys/types.h>
#include <prot.h>
int smp_pw_change(usrp, reasonp)
struct smp_user_info *usrp;
char **reasonp;
Description
smp_pw_change queries whether the invoking user
is allowed to change the password of the account specified
previously by a call to smp_check_user. For this
routine to be meaningful, smp_check_user should
have been called with the typ argument specified
as SMP_PASSWD.
usrp points to a smp_user_info
structure which has been created by the previous call to
smp_check_user. If the invoker is not changing
their own password, this is used by smp_pw_change
to check whether the invoking user is authorized to change
the password of the account.
Before checking whether the invoker is authorized to change
the password, smp_pw_change ensures that the
invoker has permission to either generate or pick a
password (flags u_genpwd and u_pickpw
respectively, see
prpw(F)
).
Authorization to change the password is given if any one of the following
four conditions exist:
-
The invoker has auth subsystem authorization, see
auths(C)
and
authorize(F).
-
The invoker has passwd secondary subsystem
authorization and the account for which the password is to
be changed does not have auth subsystem
authorization.
-
The UID of the invoker matches the UID
permitted to change the password for the account (field
u_pswduser, see
prpw(F)).
-
The invoker is changing his or her own password.
smp_pw_change will return an error if it is
unable to read the subsystem authorization file.
If the invoker is changing his or her own password and an
old password exists, the calling program should prompt for
the old password before allowing the change.
reasonp is used with certain return values to
store a descriptive message.
Return values
Note that this routine also stores its return value
for later use in auditing of failures.
SMP_NOTOWNER-
Returned in two cases:
-
the invoking user is not allowed to generate or pick a passwd
-
the invoking user does not own the account and none of the above conditions
which entitle the invoker to change the passwd have been met
The operation should not continue.
SMP_HASPW-
The account belongs to the invoking user and the account already has
a passwd. The calling program should prompt the user for the old
password and check it before allowing the password to be changed.
SMP_NULLPW-
One of the above four authorization conditions is true. In all cases
the account's password can be changed without providing the old password.
If the invoker is changing his or her own password, no password currently
exists.
SMP_EXTFAIL-
External failure - returned in two cases:
-
the subsystem authorization file could not be read
-
auth subsystem authorization is missing from the authorization file
reasonp points to a character string explaining the cause of the
error. The operation should not continue.
Diagnostics
All diagnostics are returned as strings pointed to by the
argument reasonp. It is up to the calling
program to display these for the user. In each case the
return value is also noted.
Can't parse /etc/auth/system/authorize
-
The subsystem authorization file cannot be found or cannot be read.
SMP_EXTFAIL is returned.
Can't find auth in /etc/auth/system/authorize
-
The auth subsystem authorization is not present in the subsystem
authorization file. SMP_EXTFAIL is returned.
Examples
The following example illustrates the usage of smp_pw_change:
...
switch (smp_check_user(SMP_PASSWD, username, NULL,
starting_ruid(), &userp, &pwtries, &reason)) {
...
}
switch (smp_pw_change(userp, &reason)) {
case SMP_NOTOWNER:
put("can't change that password\n");
smp_audit_fail(userp);
exit(1);
case SMP_EXTFAIL:
put(reason);
put("\n");
exit(1);
case SMP_HASPW:
noecho();
put("old password: ");
switch (smp_check_pw(gets(line), userp, &reason)) {
...
}
put("\n");
echo();
case SMP_NULLPW:
break;
}
Files
/lib/libprot.a-
security subsystem library routines
/usr/lib/libp/libprot.a-
as above but used for profiling
/usr/include/prot.h-
defines the smp_user_info structure
/etc/auth/system/authorize-
subsystem authorizations, see
authorize(F)
/etc/auth/subsystems/dflt_users-
authorization default users, see
authcap(F)
/etc/auth/system/default-
system default database, see
default(F)
See also
smp_check_user(S),
smp_generate_pw(S),
smp_get_messages(S),
smp_pw_choice(S),
smp_set_identity(S),
smp_set_pw(S),
smp_try_pw(S)
Standards conformance
smp_pw_change is not part of any currently
supported standard; it is an extension of AT&T System V
provided by The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003