__passwd(), __passwd_applid() — Verify or change user password

Standards

Standards / Extensions C or C++ Dependencies
z/OS® UNIX both  

Format

#include <pwd.h>

int __passwd(const char *username, const char *oldpass, const char *newpass);
int __passwd_applid(const char *username, const char *oldpass, 
                    const char *newpass, const char *applid);

General description

The __passwd() function verifies or changes the username password or the password phrase. The username is a NULL-terminated character string of 1 to 8 bytes. The oldpass is the current password or password phrase for user username, and is a NULL-terminated character string of a password or a password phrase. When newpass is NULL, then oldpass represents the password or password phrase to be verified, and no password or password phrase change is performed. Otherwise, newpass is a NULL-terminated character string of a password or a password phrase. Other installation-dependent restrictions on passwords or password phrases may apply, both in terms of length and content. Length restrictions may be imposed by the security product.

The __passwd_applid() function is equivalent to __passwd() with the added feature that it also allows the application identifier (APPLID) to be supplied that will be passed on to the security product to assist with authentication. When applid is NULL or a pointer to NULL, no application identifier will be passed on to the security product.

The function has the following parameters:
Parameter
Description
applid
Specifies the application identifier that will be used for authentication with the security product.

If the BPX.DAEMON facility class profile is defined, then all modules within the address space must be loaded from a controlled library. This includes all modules in the application and runtime libraries. See also "Checking Which Module is not Defined to Program Control" in z/OS UNIX System Services Planning.

Returned value

If successful, __passwd() returns 0. When newpass is NULL, the password or the password phrase has been verified. When newpass is not NULL, the new password or password phrase has been set.

If a user specifies password for oldpass and new password phrase for newpass or password phrase for oldpass and new password for newpass, then __passwd() returns -1 and sets errno to EMVSPASSWORD and the current password or password phrase is not changed.

If unsuccessful, __passwd() returns -1 and sets errno to one of the following values:
Error Code
Description
EACCES
The oldpass is not authorized.
EINVAL
The username, oldpass, newpass, or applid argument is invalid.
EMVSERR
The specified function is not supported in an address space where a load was done from an uncontrolled library.
EMVSEXPIRE
The oldpass has expired and no newpass has been provided.
EMVSPASSWORD
The newpass is not valid, or does not meet the installation-exit requirements.
EMVSSAF2ERR
Internal processing error.
EMVSSAFEXTRERR
An internal SAF/RACF extract error has occurred. A possible reason is that the username access has been revoked. errno2 contains the BPX1PWD reason code. For more information, see z/OS UNIX System Services Programming: Assembler Callable Services Reference.
ESRCH
The username provided is not defined to the security product or does not have an OMVS segment defined.

For more information, refer to the z/OS UNIX System Services Messages and Codes , z/OS UNIX System Services Programming: Assembler Callable Services Reference

Related information

Parent topic: Library functions