SECURITY-PASSWORD(2)                         SECURITY-PASSWORD(2)

     NAME
          password: get, put, setpwfile - read and write password
          entries in the password file

     SYNOPSIS
          include "keyring.m";
          include "security.m";
          pw := load Password Password->PATH;

          PW: adt {
              id:     string;         # user id
              pw:     array of byte;  # hashed password
              expire: int;            # expiration time
              other:  string;         # about the account
          };

          get:    fn(id: string): ref PW;
          put:    fn(pass: ref PW): int;
          setpwfile:   fn(file: string): string;

     DESCRIPTION
          This module provides a convenient interface to a server's
          password file (default: /keydb/password).  Each entry in the
          file contains information corresponding to the members of
          the PW adt, with the following members:

          id      user identification string (should be less than
                  Sys->NAMELEN bytes)

          pw      password hashed by the SHA algorithm (see keyring-
                  sha(2)) into a byte array

          expire  password entry expiry date expressed as seconds from
                  the epoch (1 Jan 1970 00:00:00 GMT); see daytime(2)

          other   arbitrary administrative comment

          The functions provide access to the file.  If user id has
          got a corresponding entry in the password file, get returns
          a PW adt with the data from that entry.  Otherwise, it
          returns a nil reference.

          Put creates or updates the password entry for pass.id, with
          the data in pass. The password file itself is created if
          necessary.

          The standard system password file is used by default, but an
          application might maintain a set of passwords of its own.
          It can use the Password module to access the file, by first

     Page 1                       Plan 9             (printed 3/28/24)

     SECURITY-PASSWORD(2)                         SECURITY-PASSWORD(2)

          calling setpwfile to name the file to be used by get and
          put.

     FILES
          /keydb/password

     SOURCE
          /appl/lib/password.b

     SEE ALSO
          changelogin(8), logind(8)

     BUGS
          Access to the password file is not serialised; the password
          file entries should be protected by encryption.  Both prob-
          lems will be solved by replacing these routines by a file
          server to manage the entries.

     Page 2                       Plan 9             (printed 3/28/24)