       checkpassword - check a password


       checkpassword prog


       checkpassword  reads  descriptor  3 through end of file and then closes
       descriptor 3.  There must be at most 512 bytes of data  before  end  of

       The  information supplied on descriptor 3 is a login name terminated by
       \0, a password terminated by \0, a  timestamp  terminated  by  \0,  and
       possibly more data.  There are no other restrictions on the form of the
       login name, password, and timestamp.

       If  the  password  is  unacceptable,   checkpassword   exits   1.    If
       checkpassword  is  misused,  it  may  instead  exit  2.   If there is a
       temporary problem checking the password, checkpassword exits 111.

       If the password is acceptable, checkpassword runs prog.  prog  consists
       of one or more arguments.


       There  are  other tools that offer the same interface as checkpassword.
       Applications  that  use  checkpassword  are  encouraged  to  take   the
       checkpassword  name  as  an  argument,  so  that  they can be used with
       different tools.
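
       An added example, not code from the checkpassword distribution: a
       small C caller for the interface described above, taking the tool
       name as its first argument. The names cp_payload and cp_run are
       hypothetical, and returning 2 for oversize input and 111 for local
       failures is this example's own choice.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum { CP_REJECTED = 1, CP_MISUSED = 2, CP_TEMPFAIL = 111 }; /* exit codes above */
#define CP_MAX 512 /* limit on descriptor-3 data stated above */
/* Pack login\0password\0timestamp\0 into out; returns its length, or -1 if it
 * exceeds CP_MAX. A C string cannot smuggle in an extra \0 terminator. */
static long cp_payload(char out[CP_MAX], const char *login, const char *pass,
                       const char *stamp)
{
    size_t l = strlen(login) + 1, p = strlen(pass) + 1, s = strlen(stamp) + 1;
    if (l > CP_MAX || p > CP_MAX || s > CP_MAX || l + p + s > CP_MAX) return -1;
    memcpy(out, login, l);
    memcpy(out + l, pass, p);
    memcpy(out + l + p, stamp, s);
    return (long)(l + p + s);
}

/* argv = { tool, prog, prog-args..., NULL }. Returns the child's exit status.
 * Assumption of this example: oversize input is reported as CP_MISUSED and
 * every local failure as CP_TEMPFAIL, so the caller never fails open. */
int cp_run(char *const argv[], const char *login, const char *pass,
           const char *stamp)
{
    char buf[CP_MAX];
    int pfd[2], status;
    long n = cp_payload(buf, login, pass, stamp);
    if (n < 0) return CP_MISUSED;
    if (pipe(pfd) < 0) return CP_TEMPFAIL;
    /* Write before fork: the read end is still open here, so no SIGPIPE, and
     * an empty POSIX pipe accepts 512 bytes without blocking. */
    ssize_t w = write(pfd[1], buf, (size_t)n);
    pid_t pid = (w == n) ? fork() : -1;
    if (pid == 0) {
        close(pfd[1]); /* otherwise the tool never sees end of file */
        if (pfd[0] != 3 && (dup2(pfd[0], 3) < 0 || close(pfd[0]) < 0))
            _exit(CP_TEMPFAIL);
        execvp(argv[0], argv);
        _exit(CP_TEMPFAIL);
    }
    close(pfd[0]); close(pfd[1]);
    if (pid < 0) return CP_TEMPFAIL;
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR) return CP_TEMPFAIL;
    return WIFEXITED(status) ? WEXITSTATUS(status) : CP_TEMPFAIL;
}
```

       A status of 0 here means the tool accepted the password and prog
       itself exited 0; any other status should be treated as a failed
       login.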

       Note that these tools do not follow the getopt(3) interface.   Optional
       features  are  controlled through (1) the tool name and (2) environment


       checkpassword checks the login name and password  against  /etc/passwd,
       using  the  operating  system’s  getpwnam(3)  and  crypt(3)  functions,
       supplemented by getspnam.  It rejects accounts  with  empty  passwords.
       It ignores the timestamp.

       Other  checkpassword-compatible tools have different interpretations of
       login names, passwords, and timestamps.  Both the login  name  and  the
       password  should  be  treated  as  secrets  by  the application calling
       checkpassword; the only distinction is for administrative  convenience.
       The timestamp should include any other information that the password is
       based on; for example, the challenge  in  a  challenge-response  system
       such as APOP.

       WARNING:  getpwnam  is  inherently unreliable.  It fails to distinguish
       between temporary errors and nonexistent  users.   Future  versions  of
       getpwnam(3)  should  return  ETXTBSY  to  indicate temporary errors and
       ESRCH to indicate nonexistent users.


       Before invoking prog, checkpassword sets up $USER, $HOME,  $SHELL,  its
       supplementary groups, its gid, its uid, and its working directory.

       Other  checkpassword-compatible tools may make different changes to the
       process state.  It is crucial  for  these  effects  to  be  documented;
       different applications have different requirements.


