Subject: Re: passwd.conf(5), pw_getconf(3), and the structure of pw_passwd
To: None <>
From: Greg A. Woods <>
List: tech-userlevel
Date: 09/30/2002 13:17:51
[ On Monday, September 30, 2002 at 13:32:41 (+0300), Alistair G. Crooks wrote: ]
> Subject: CVS commit: basesrc/usr.sbin/user
> Module Name:	basesrc
> Committed By:	agc
> Date:		Mon Sep 30 10:32:41 UTC 2002
> Modified Files:
> 	basesrc/usr.sbin/user: user.c
> Log Message:
> Handle PR 18474 in a more safe and scalable fashion - keep a table of
> password types, and their associated lengths, and check in useradd or
> usermod whether the given encrypted password has the correct length.
> This removes the (duplicated) hardcoded lengths which had crept in
> with the last commit, and also checks the length of the given password
> against the expected length.

When I first encountered passwd.conf(5) and pw_getconf(3) I wondered if
maybe this information describing the structure of the pw_passwd field
shouldn't also be made available to callers.   It's probably best if
this information is hard-coded in libc (not much point in specifying it
in a user-modifiable table if the code like crypt(3) can't honour the
table's specifications).

With the help of a tiny user-land utility to retrieve such additional
information then the consistency checks in places like /etc/security
could be better parameterized too.

user(8) should probably enforce, at least by default, the settings in
/etc/passwd.conf too.....

								Greg A. Woods

+1 416 218-0098;            <>;           <>
Planix, Inc. <>; VE3TCP; Secrets of the Weird <>