Basically this is just another library, you can link against it and it overrides getpw* to point at an alternate password file specified by the environment variable ALTPASSWD. So the normal way to use it, in non SUID form, would be: # export ALTPASSWD=/some/other/passwd.file # export LD_PRELOAD=/usr/local/lib/libaltpw.so.X # <some command> And some command will see the alternate password file. This does not work in an SUID contect because LD_PRELOAD is ignored for SUID binaries. To help determine when things will and will not work like expected, there is the runaltpw command. So the above becomes this: # runaltpw /some/other/passwd.file <some command> <arg> <arg> And if it thinks things look OK, i.e. not SUID, passwd exists and everything else, it will exec the command after setting up the environment. If things look strange, if will exit instead. There are also some README.* files that deal with specific programs I had trouble with, either because they had a strange build process, were SUID by default, or both.
