Alternate Password Library 1.2.0 review
DownloadAlternate Password Library (libaltpw) adds alternate password support dynamically with LD_PRELOAD or by linking the shared library wi
|
|
Alternate Password Library (libaltpw) adds alternate password support dynamically with LD_PRELOAD or by linking the shared library with the executable.
Useful, for example, to make sendmail, procmail, and pop3d use an alternate password if you are an ISP.
Works with any program that uses the getpw* family of functions and the password file is configurable through the environment.
Basically this is just another library, you can link against it and it overrides getpw* to point at an alternate password file specified by the environment variable ALTPASSWD.
So the normal way to use it, in non SUID form, would be:
# export ALTPASSWD=/some/other/passwd.file
# export LD_PRELOAD=/usr/local/lib/libaltpw.so.X
# < some command >
And some command will see the alternate password file. This does not work in an SUID contect because LD_PRELOAD is ignored for SUID binaries. To help determine when things will and will not work like expected, there is the runaltpw command. So the above becomes this:
# runaltpw /some/other/passwd.file < some command > < arg > < arg >
And if it thinks things look OK, i.e. not SUID, passwd exists and everything else, it will exec the command after setting up the environment. If things look strange, if will exit instead.
There are also some README.* files that deal with specific programs I had trouble with, either because they had a strange build process, were SUID by default, or both.
What's New in This Release:
Added support for the getgr* group handling functions, and a /etc/group.switch and ALTGROUP in the environment, all similar to how the altpw functions work but for groups, as suggested by Bruce Richardson.
Alternate Password Library 1.2.0 search tags