Multi-part question: /etc/passwd and /etc/shadow and how to load modules with a full path

[meow]

Coltrey Mather <Sinistrad at penguinpowered.com> wrote:

>     Are there any modules that could be easily incorporated into a
> program to get the password for a user from /etc/shadow (e.g.: for user
> authentication in a server process) that would check to see if the
> password given for the username given is the right combination?

Yeah, the pwd module is generally going to get its info from
/etc/passwd, which isn't usually what you want these days.

I don't know if someone's written a module to get shadow info, but let
me try to talk you out of doing this directly.  Reading the shadow
file generally requires being root or in a privileged group, so you
want to isolate that from user apps as much as you can.  You'll also
run into portability problems -- not all shadow systems use the same
API, not all password files use crypt(), and some systems out there
are still running without shadow passwords.  In a word, yecch.

One sorta neat and easy safe-ish method I've seen to get this info
(while leaving the safety problems to others) is to run a POP3 server
on the host in question, and use that to handle the password ugliness.
Just see if you can log in, skip doing silly things like checking for
mail.  The standard poplib module will work just fine here.  And, it
will even work on systems that don't run UNIX.

Or, you could write a tiny separate setuid program (daemon or not,
your call) to do just the password checking part.

> Also, if I want load a module, /home/me/mymodule.py, from a python
> program, /usr/local/bin/thisprogram.py, how do I go about doing that?

One way would be:

import sys
sys.path.insert(0, '/home/me')
import mymodule