DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

smp_pw_choice(S)

smp_pw_choice -- check password types

Syntax

cc . . . -lprot 
#include <sys/types.h>
#include <prot.h>


int smp_pw_choice(usrp, reasonp)
struct smp_user_info *usrp;
char **reasonp;

Description

smp_pw_choice is used to determine whether the password for an account can be picked by the user or generated using the password generator, see randomword(S).

usrp points to an smp_user_info structure which has been created by a previous call to smp_check_user. If SMP_LOGIN was specified as the typ argument for smp_user_info, then smp_pw_choice returns information for the account specified by the name argument. If SMP_PASSWD is specified, then the information returned is for the account of the invoker. In both case permission is determined by checking the u_genpwd and u_pickpw flags, see prpw(F), for appropriate account and system defaults.

If SMP_PASSWD has been specified and the invoker is not checking their own account, then smp_pw_choice first checks to see if the invoker has auth subsystem authorization, see auths(C) and authorize(F), in which case SMP_CHOOSE is returned.

reasonp is used with certain return values to store a descriptive message.

Return values

Note that this routine also stores its return value for later use in auditing of failures.

SMP_CHOOSE
The account password can be either picked by the user or generated using a password generator.

SMP_GENERATE
The account password can only be generated using a password generator.

SMP_PICK
The account password can only be picked by the user.

SMP_EXTFAIL
The account password cannot be changed. reasonp points to a character string which contains an explanation.

Diagnostics

All diagnostics are returned as strings pointed to by the argument reasonp. It is up to the calling program to display these for the user. In each case the return value is also noted.

User cannot set passwords
The invoker does not have permission to change the password on the specified account. SMP_EXTFAIL is returned.

Examples

The following example illustrates the usage of smp_pw_choice: 
...
int pwtype;
...
switch (smp_check_user(SMP_LOGIN, gets(line), ttyname(0), 0,
                      &usrp, &pwtry, &reason)) {
...
    case SMP_PWREQ:
        put("\nmust set password now\n");


        if ((pwtype=smp_pw_choice(userp, &reason)) == SMP_CHOOSE) {
            put("generate a password? ");
            if (tolower(*gets(line))=='y')
                pwtype = SMP_GENERATE;
            else
                pwtype = SMP_PICK;
        } else if (pwtype == SMP_EXTFAIL) {
            put(reason);
            put("\n");
            exit(1);
        }
...
}

Files


/lib/libprot.a
security subsystem library routines

/usr/lib/libp/libprot.a
as above but used for profiling

/usr/include/prot.h
defines the smp_user_info structure

/etc/auth/system/authorize
subsystem authorizations, see authorize(F)

/etc/auth/subsystems/dflt_users
authorization default users, see authcap(F)

/etc/auth/system/default
system default database, see default(F)

See also

smp_check_user(S), smp_check_pw(S), smp_generate_pw(S), smp_get_messages(S), smp_pw_change(S), smp_set_identity(S), smp_set_pw(S), smp_try_pw(S)

Standards conformance

smp_pw_choice is not part of any currently supported standard; it is an extension of AT&T System V provided by The Santa Cruz Operation, Inc.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003