site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com The getpass() function displays a prompt to, and reads in a password from, /dev/tty. If this file is not accessible, getpass() displays the prompt on the standard error output and reads from the standard input. $ cat foo ; echo this is the password for mrgumby $ /usr/libexec/chkpasswd mrgumby < foo Checking password for mrgumby. Password: <<< lo, it still prompts S+E -- Quinn "The Eskimo!" <http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... At 7:09 -0500 14/11/06, Jerry Krinock wrote: But chkpasswd seems to work fine in my program. Is there a reason to not "just" call chkpasswd()? I'm not a great fan of fork/exec'ing command line tools to do work that can be done with a real API (although I know that other folks on the list have diametrically opposed views on this topic). One thing to be careful of is that chkpasswd gets the password using <x-man-page://3/getpass> which, to quote the man page: If you call it from a GUI program, /dev/tty won't work and so the stdin trick will. OTOH, if you call it from a command line tool (or from a GUI program that you happened to have opened from an environment that has a valid /dev/tty, like Terminal), the stdin trick won't work. For example: In this case, you'd have to use a pseudo-terminal to get it to work, and that's way more hassle than it's worth. There's a nice, high-level, password checking function available in Mac OS X ("checkpw") but, alas, it's not public <rdar://problem/3879510>. This email sent to site_archiver@lists.apple.com