能帮忙看一下这个用户和密码验证的脚本吗？

我输入两个参数，用户名和密码，如果系统存在这个帐户而且密码正确，返回0，否则返回1。那个/bin下的checkpassword是qmail的作者写的验证函数接口。可是我用useradd加了用户，再用passwd设好密码后，用这个脚本验证有时通过有时不通过。郁闷。　　　　　　

(不好意思, 擅自修改了你的帖子)

1) 没用过 checkpassword, 不知其语法
2) printf 中的 \0 是何用意?　　　　　　

谢谢你对帖子格式的整理，这样好看多了
我以后发贴也会注意这样作的

那个checkpassword可能是关键
可以从这个链接看一下，很短
http://cr.yp.to/checkpwd.html　　　　　　

我记得好像是要下载编译这样一个工具。　　　　　　

我编译通过了，验证root密码没问题的。
但是我又建了一个新用户，
用我上面写的那句脚本验证并不是每次都通过
很多时候密码正确，用su 都可以的，但是就是用它没法验证通过
是不是用法不对
我对它说明里的那个文件描述符3还是有点疑惑


D. J. Bernstein
Internet mail
checkpassword
The checkpassword interface
     checkpassword prog

checkpassword reads descriptor 3 through end of file and then closes descriptor 3. There must be at most 512 bytes of data before end of file.
The information supplied on descriptor 3 is a login name terminated by \0, a password terminated by \0, a timestamp terminated by \0, and possibly more data. There are no other restrictions on the form of the login name, password, and timestamp.

If the password is unacceptable, checkpassword exits 1. If checkpassword is misused, it may instead exit 2. If there is a temporary problem checking the password, checkpassword exits 111.

If the password is acceptable, checkpassword runs prog. prog consists of one or more arguments.

Compatible tools
There are other tools that offer the same interface as checkpassword. Applications that use checkpassword are encouraged to take the checkpassword name as an argument, so that they can be used with different tools.
Note that these tools do not follow the getopt interface. Optional features are controlled through (1) the tool name and (2) environment variables.

The password database
checkpassword checks the login name and password against /etc/passwd, using the operating system's getpwnam and crypt functions, supplemented by getuserpw and getspnam if necessary. It rejects accounts with empty passwords. It ignores the timestamp.
Other checkpassword-compatible tools have different interpretations of login names, passwords, and timestamps. Both the login name and the password should be treated as secrets by the application calling checkpassword; the only distinction is for administrative convenience. The timestamp should include any other information that the password is based on; for example, the challenge in a challenge-response system such as APOP.

WARNING: getpwnam is inherently unreliable. It fails to distinguish between temporary errors and nonexistent users. Future versions of getpwnam should return ETXTBSY to indicate temporary errors and ESRCH to indicate nonexistent users.

Process-state changes
Before invoking prog, checkpassword sets up $USER, $HOME, $SHELL, its supplementary groups, its gid, its uid, and its working directory.
Other checkpassword-compatible tools may make different changes to the process state. It is crucial for these effects to be documented; different applications have different requirements.　　　　　　

主要就是这句code:
printf "$USERID\0$PASSWORD\0Y123456\0" | /bin/checkpassword logger " $USERID pass ." 3<&0 || exit 1　　　　　　

我用 guest 用户试过你的脚本了, 可以的呀　　　　　　

我这边是这样：
是字母或下划线的密码可以用它验证通过
但是密码中有数字就不能验证通过。
你测过带数字的密码吗？
是否是这个函数的问题呢？
不过Qmail的密码好像是可以有数字的，记不清了
密码里怎么可能不允许有数字呢　　　　　　

是userid/password以数字开头就不能工作
我修改了一下

code：
    printf "%s\0%s\0%s\0" $USERID $PASSWORD Y123456 | /bin/checkpassword echo 0 3<&0

这样可以工作
但是我要个通过标志

如下几种方式好像不行，checkpassword后面跟的命令好像没有执行
用变量：
printf "%s\0%s\0%s\0" $USERID $PASSWORD Y123456 | /bin/checkpassword ACCOUNTRIGHT=0 3<&0
用set
printf "%s\0%s\0%s\0" $USERID $PASSWORD Y123456 | /bin/checkpassword set ACCOUNTRIGHT=0 3<&0
用export

printf "%s\0%s\0%s\0" $USERID $PASSWORD Y123456 | /bin/checkpassword export ACCOUNTRIGHT=0 3<&0

我只好先建立一个文件，用通过后就用echo写个标志进去
在接下来的脚本里检查这个文件中的标志。
不知还有没有更好的办法。
我对checkpassword接口研究的还不够，再好好看看