Passwd::Linux - Perl module for manipulating the passwd and shadow files
use Passwd::Linux qw(modpwinfo setpwinfo rmpwnam mgetpwnam); $err = modpwinfo(@info); $err = setpwinfo(@info); $err = rmpwnam(@logins); $err = rmpwnam($login); @info = mgetpwnam($name);
Passwd::Linux provides additional password routines. It augments the getpw* functions with setpwinfo, modpwinfo, rmpwnam, mgetpwnam. You need to run the functions as root or as someone who has permission to read/modify the shadow file.
setpwinfo and modpwinfo are called with arrays containing (in order): name, crypted_password, uid, gid, gecos, home_directory, shell, [ days_since_epoch_password_last_change, days_before_password_may_be_changed, days_after_which_password_must_be_changed, days_before_expire_user_is_warned, days_after_expire_password_is_disabled, days_since_epoch_account_is_disabled ] The optional fields are filled in as <days since the epoch>, 0, 99999, 7, <empty>, <empty>, when not given a value. Read the shadow manpage for additional details of the optional fields from the shadow file
rmpwnam is called with a list of names to remove
mgetpwnam returns the same array that getpwnam returns without the 'unused' age or comment fields it also returns the crypted password and the other shadow file fields if run with root permissions.
setpwinfo does a create/modify of the user. modpwinfo only does a modify, it will return an error if the user doesn't exist.
rmpwnam removes the users with the given logins from both the password and shadow files.
You must be running as root in order to use this module. If it successfully completes an operation and you are not root then you have a huge security problem on your box.
This module as distributed does not allow operations to occur on uid 0 files
Return values: < 0 system error occurred, error value should be in $! 0 no error 1 operation attempt on uid 0 2 user does not exist
modpwinfo setpwinfo rmpwnam mgetpwnam
Eric Estabrooks, email@example.com