Previous Next Contents

3.3 Standard entries in pwdb structures

The following are standard entries in the pwdb structure. They can be read/written with calls to pwdb_g/set_entry.

First, we consider the "user" class of databases. For these, two entries are mandatory. They correspond to the name of the user and the user's uid.

user

character string; the user's login id.

uid

uid_t; the user's user-id.

The next entries are named by convention. Where possible new database functions should map these entries into their corresponding fields. These entries correspond to the entries in the /etc/passwd file.

passwd

character string; the encrypted password for the user.

defer_pass

This entry is intended to take care of situations that the normal passwd field is not used for the password. The defer_pass entry contains a character string that has typically two functions:

For example, for a unix+shadow setup, defer_pass would have the value ``x''. The unix (no shadow) value for this entry is ``U'' which implies that the passwd field came from the user's entry in the /etc/passwd file.

gid

gid_t; the user's principal group-id.

group

character string; naming the user's principal group.

gecos

character string; giving a more complete name for the user. It is conventional for this field to contain office and other information concerning the real-world identity of the user.

dir

character string; the home directory of the user.

shell

character string; the shell that the user prefers to use.

These entries correspond to the entries in the /etc/group file in addition to the user and gid entries above. They can be pwdb_request()d from the "group" class of databases.

groups

character string; listing the group memberships of the user. The field separators are commas -- no spaces.

groupids

array of gid_t; an array containing the group id's of the user in numerical form.

The following are intended to correspond to /etc/shadow entries.

last_change

long integer; day of last change of password

min_change

long integer; minimum number of days between password changes

max_change

integer; maximum number of days between password changes

warn_change

long integer; number of days to warn user to change their password before it expires

defer_change

long integer; number of days after a user's password has expired before the user is denied access

expire

long integer; day the user's account expires

The following is the entry used to supply a clear-text password for access to the database.

pass_phrase

character string; this is the password required to access the user's record in a database

When integrating another database format the implementor is strongly encouraged to try to reuse the entries above to the extent they are appropriate. Should there be an absent entry in any database, the database management functions should be able to supply a reasonable default but only when updating its database.


Previous Next Contents