Mac OS X 10.5+ and POSIX

Question

Hello,

I need to program an authentication module that has to work with Mac OS X 10.6 Snow Leopard and at the same time needs to be POSIX-compliant.

I read here: developer.apple.com/leopard/overview/osfoundations.html

that since Mac OS X 10.5 Leopard, Mac OS X is POSIX-compliant (to POSIX 1003.1), but working under MAC OS X 10.5 Leopard myself, I can't find any trace of my user name neither in /etc/passwd nor in its successor /etc/master.passwd, which is mentioned here: developer.apple.com/mac/library/DOCUMENTATION/Darwin/Reference/ManPages/man5/passwd.5.html

Instead it says in both files OpenDirectory Service is used, which should be OpenLDAP according to the OpenDirectoryService man-page.

Is this still POSIX-compliant ? I guess not. I wonder how Mac OS X would handle my 100% POSIX-compliant code which depends on /etc/passwd ?

I would be gratefull if someone could explain the way this works to me.

Thank you for your time and trouble.

Best regards

Phil.

Answer 1

I don't think the way that users and passwords are stored is covered by POSIX (or at least by POSIX 1003.1) - look at the POSIX Wikipedia page for a quick overview of what is covered.

Answer 2

You may use getpwuid or getpwnam functions from pwd.h for searching of user name/ID. It is a part of the 1003.1 standard.

Answer 3

Thank you very much, I have the UIDs and GIDs, what I need is a way to authenticate users to a VM that depends on the user having a valid account in the underlying OS. Therefore I need access to a password file, where I can compare the encrypted passwords with the encrypted user input, or something like that.

Best

Phil.

Answer 4

It looks like POSIX doesn't cover this, but most major Unices seem to use PAM these days. You could try checking out how to authenticate users using PAM...