getpwnam() works, but not getspwnam()

[msc0tt]

I've got a script (runs as root) that needs the crypt'd passwd entry for a user. Using the getpwnam() function, all I get is the 'x' (from /etc/passwd). I really need the long hash from /etc/shadow. Is there a trick, or do I need a 'shadow password' Perl module?
My Perl version is: 5.8.0
-thanks

 

[nix45]

I did some googling and found that this will return the encrypted password for you...


#!/usr/bin/perl

($user, $pw, $uid, $gid, $home, $shell) = getpwnam(username);

print "username = $user, encrypted password = $pw\n";


Chris

 

[msc0tt]

Hey Chris,

Thanks for your reply, but your example was my first attempt prior to posting. It returns the value 'x' for $pw (which is the actual value stored in the /etc/passwd file). My goal is to retrieve the 'true' passwd value, which is stored in /etc/shadow on my Linux system.
I too Googled around, and discovered that this is quite a moving target with many behaviours.

I chose to roll-my-own solution, posted below:


sub getspwnam {
my ($login) = @_;
my (@entry, @elements);
my ($line);

@entry = getspwnam($login);
return (@entry) if (@entry == 0);
open(SPW, "/etc/shadow&quot || return (@entry);
while ($line = <SPW>) {
@elements = split(/:/, $line);
next if ($elements[0] ne &quot;$login&quot;
$entry[1] = $elements[1];
last;
}
close(SPW);
return (@entry);
}


Note: this is a quick-and-dirty sub() to get the job done. I does little errorchecking, and might even have a bug or two. Coding improvments are welcome, but please keep it constructive. -thanks, Mike.

 

[fluid11]

Thats odd because it works on my RH90 system.

[chrisp@pulse chrisp]$ su -c &quot;perl pw.pl&quot;
Password:
username = chrisp, encrypted password = $1$cuIg/0nV$rZeEI1sx/meUj88CiQGnn0

What Unix/Linux distro are you running? I googled and found a few Debian users who are having the same problem as you.

Chris

 

[fluid11]

...posted under the wrong user account above. Should have been from nix45.

 

[msc0tt]

Different member accounts??? Hmmm.... Curious.... ;-{)

As I indicated, the differing behaviours are due to philosophical differences, specifically security.

In my situation, I was using an older Slackware box (not sure which version). I just tried the exact code on my newest Slackware 9 box, and lo-and-behold, the getpwnam() does return the true crypt password. Go figure.

-later

 

[nix45]

fyi, the reason for the different user accounts is because I use one for work (nix45), and the other at home (fluid11). I had a reason for this in the past, but I would love to consolidate them now if thats at all possible (keep the nix45 name, and fluid11's MVP votes and FAQs).