Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!mstan!tli From: tli@Morgan.COM ( IBM) Newsgroups: comp.unix.aix Subject: Re: Password Verification Message-ID: <3533@s5.Morgan.COM> Date: 17 Jun 91 18:13:00 GMT References: <16390@smoke.brl.mil> Organization: IBM Corporation, NYC Lines: 48 In article <16390@smoke.brl.mil> somsky@brl.mil (William R. Somsky) writes: >I'd like to put 'xlock' onto our systems, but I'm having difficulty >with the unlock user verification part. What xlock normally does is ask >for the user's password and compares this (via the appropriate encryption >routines) with the entry found in /etc/passwd. With the passwords stored >in /etc/security/passwd, however, this fails. Has anyone worked this out? >Should I make xlock be suid root? What would be needed to read the >/etc/security/passwd file? For getting the info out of /etc/passwd, >there is some library routin (I forget the name just now) which reads >the /etc/passwd file and extracts the relevant information. Is there >an appropriate function for the /etc/security/passwd file? Does anyone >have any suggestions? (And yes, I've already dealt with Ctl-Alt-Backspace.) >William R. Somsky somsky@brl.mil The following are the modifications I made to the code. modified xlock.c getPassword() to read: XWindowAttributes xgwa; int y, /* moved the int declaration aft xgwa */ left, done; #ifdef _AIX uid_t uuid; char user[10]; uuid = getuid(); pw = getpwuid(uuid); strcpy(user,pw->pw_name); strcpy(userpass, pw->pw_passwd); #else char *user = getenv(USERNAME); #endif .. .. .. /* added if not def since user and userpass was set at start of getPassword */ #ifndef _AIX pw = getpwnam(user); strcpy(userpass, pw->pw_passwd); #endif =============================================================== Thomas Y. Li Email: tli@nycvmic4.iinus1.ibm.com IBM Corporation tli%nycvmic4@iinus1.ibm.com 33 Maiden Lane 10th Floor tli@morgan.com New York, NY 10038 (212) 493-2516 T/L 340 VNET: tli at nycvmic4