USERHELPER

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXIT STATUS
FILES
SEE ALSO
AUTHOR

NAME

userhelper − A helper interface to pam.

SYNOPSIS

userhelper [ -t ] [ -d in,out,err ] [ -w prog args ] [ -c ] [ −f full-name ] [ −o office ] [ −p office-phone ] [ −h home-phone ] [ −s shell ] [ username ]

DESCRIPTION

NOTE this program is NOT intended to be run interactively. If you want to change this information on the command line use passwd(1), chfn(1), or chsh(1).

This program provides a basic interface to change a user’s password, gecos information, and shell. The main differnce between this program and its traditional equivilents is that prompts come out on standard out to make it easy for a GUI program to interface it as a child process.

The output is in the form of:

<number> <string>

Where the number is the type of prompt returned from pamlib, and the string is the prompt to give the user.

The prompt numbers are as follows:

1

Prompt with visible input.

2

Prompt with invisible input.

3

Informational message.

4

Error message.

5

Count of messages sent in this block so far.

6

The name of the service being used.

7

Whether or not the command will be executed as the user if authentication fails.

8

The name of the user being authenticated.

OPTIONS

-d

A comma-separated list of three descriptors which need to be reattached to the standard handles before the command is executed; only used with -w.

-t

Text mode authentication instead of the numbered message types just described; only used with -w.

-w

Specify a program name and arguments to be passed through. userhelper will look up in the file /etc/security/console.apps/programname the username to authenticate stored as USER=value (value is normally "root" or the magic token "<user>" which indicates to authenticate the current user) and the program to run stored as PROGRAM=value (value must be an absolute path or it will be ignored). If USER is not specified, the current user is used, and if PROGRAM is not specified, userhelper looks for programname in /sbin and /usr/sbin/. userhelper will then authenticate the user via pam and then run the named program. If SESSION=true is specified, then userhelper establishes a pam session and forks and execs, then waits around for the child to exit; otherwise, it simply execs the child. userhelper is normally called from consolehelper via a symlink. If FALLBACK=true is specified, the program will run as user if authentication fails. Authentication will be retried twice (three times total) unless something other than RETRY=2 is specified.

-c

Change the current user’s password. Note that this option cannot be used with any of the other options. This is due to the limitation in the interface to pamlib.

-f

Specify a new Full Name.

-o

Specify a new Office.

-p

Specify a new Office Phone.

-h

Specify a new Home Phone.

-s

Specify a new shell.

EXIT STATUS

A non-zero exit status indicates an error occured. Those errors are:

1

The authentication passwords was incorrect.

2

One or more of the GECOS fields is invalid. This occurs when there is a colon supplied in one of the fields.

3

Password resetting error.

4

Some system files are locked.

5

User unknown.

6

Insufficent rights.

7

Invalid call to this program.

8

The shell provided is not valid (i.e., does not exist in /etc/shells).

9

Ran out of memory.

10

Could not find the program.

11

exec failed even though program exists.

255

Unknown error.

FILES

/etc/passwd

The gecos and shell information is stored in this file.

/etc/shells

This file is checked to see if the new shell supplied is valid.

SEE ALSO

userpasswd(1), userinfo(1), consolehelper(8), chfn(1), chsh(1), passwd(5)

AUTHOR

Otto Hammersmith <otto@redhat.com>
Michael K. Johnson <johnsonm@redhat.com>