Checks the user's password to determine if it has expired.
The passwdexpired subroutine checks a user's password to determine if it has expired. The subroutine checks the registry variable in the /etc/security/user file to ascertain where the user is administered. If the registry variable is not defined, the passwdexpired subroutine checks the local, NIS, and DCE databases for the user definition and expiration time.
The passwdexpired subroutine may pass back informational messages, such as how many days remain until password expiration.
Item | Description |
---|---|
UserName | Specifies the user's name whose password is to be checked. |
Message | Points to a pointer that the passwdexpired subroutine allocates memory for and fills in. This string is suitable for printing and issues messages, such as in how many days the password will expire. |
Upon successful completion, the passwdexpired subroutine returns a value of 0. If this subroutine fails, it returns one of the following values:
The passwdexpired subroutine returns 0 when the user password is set to * in the /etc/security/passwd file. The new unix_passwd_compat attribute is introduced under the usw stanza in the /etc/security/login.cfg file. When this attribute is set as true, the passwdexpired subroutine returns a non-zero value, compatible with other UNIX and AIX® 5.2. The default value of this attribute is false. Valid values are true or false.
The passwdexpired subroutine returns a value of 2 when the user's maxage attribute is set to a value greater than zero and the user password is set to * in the /etc/security/passwd file.
Item | Description |
---|---|
1 | Indicates that the password is expired, and the user must change it. |
2 | Indicates that the password is expired, and only a system administrator may change it. |
-1 | Indicates that an internal error has occurred, such as a memory allocation (malloc) failure or database corruption. |
The passwdexpired subroutine fails if one or more of the following values is true:
Item | Description |
---|---|
ENOENT | Indicates that the user could not be found. |
EACCES | Indicates that the user did not have permission to check password expiration. |
ENOMEM | Indicates that memory allocation (malloc) failed. |
EINVAL | Indicates that the parameters are not valid. |