1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
|
.\" $OpenBSD: passwd.5,v 1.29 2004/10/05 14:18:22 millert Exp $
.\" $NetBSD: passwd.5,v 1.4 1995/07/28 06:46:05 phil Exp $
.\"
.\" Copyright (c) 1988, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\" Portions Copyright (c) 1994, Jason Downs. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)passwd.5 8.1 (Berkeley) 6/5/93
.\"
.Dd July 18, 1995
.Dt PASSWD 5
.Os
.Sh NAME
.Nm passwd ,
.Nm master.passwd
.Nd format of the password file
.Sh DESCRIPTION
The
.Nm master.passwd
file, readable only by root, consists of newline-separated records,
one per user, containing ten colon
.Pq Ql \&:
separated fields.
These fields are as follows:
.Pp
.Bl -tag -width password -offset indent -compact
.It name
User's login name.
.It password
User's
.Em encrypted
password.
.It uid
User's login user ID.
.It gid
User's login group ID.
.It class
User's general classification (see
.Xr login.conf 5 ) .
.It change
Password change time.
.It expire
Account expiration time.
.It gecos
General information about the user.
.It home_dir
User's home directory.
.It shell
User's login shell.
.El
.Pp
The publicly-readable
.Nm passwd
file is generated from the
.Nm master.passwd
file by
.Xr pwd_mkdb 8
and has the class, change, and expire fields removed.
Also, the encrypted password field is replaced by an asterisk
.Pq Ql \&* .
.Pp
The
.Ar name
field is the login used to access the computer account, and the
.Ar uid
field is the number associated with it.
They should both be unique across the system (and often across a group of
systems) since they control file access.
.Pp
While it is possible to have multiple entries with identical login names
and/or identical user IDs, it is usually a mistake to do so.
Routines that manipulate these files will often return only one of the
multiple entries, and that one by random selection.
.Pp
The login name may be up to 31 characters long.
For compatibility with legacy software, a login name should start
with a letter and consist solely of letters, numbers, dashes and
underscores.
The login name must never begin with a hyphen
.Pq Ql \&- ;
also, it is strongly
suggested that neither uppercase characters nor dots
.Pq Ql \&.
be part of the name, as this tends to confuse mailers.
No field may contain a colon
as this has been used historically to separate the fields
in the user database.
.Pp
The password field is the
.Em encrypted
form of the password.
If the
.Ar password
field is empty, no password will be required to gain access to the machine.
This is almost invariably a mistake.
By convention, accounts that are not intended to be logged in to
(e.g. bin, daemon, sshd) have a star
.Pq Ql *
in the
.Ar password
field.
Note that there is nothing special about
.Ql * ,
it is just one of many strings that is not a valid encrypted password
(see
.Xr crypt 3 ) .
Because
.Nm master.passwd
contains the encrypted user passwords, it should not be readable by anyone
without appropriate privileges.
.Pp
Which type of cipher is used to encrypt the password information
depends on the configuration in
.Xr login.conf 5 .
It can be different for local and YP passwords.
.Pp
The
.Ar group
field is the group that the user will be placed in upon login.
Since this system supports multiple groups (see
.Xr groups 1 )
this field currently has little special meaning.
.Pp
The
.Ar class
field is used by
.Xr login 1
and other programs to determine which entry in the
.Xr login.conf 5
database should be used.
.Pp
The
.Ar change
field is the number in seconds, GMT, from the epoch, until the
password for the account must be changed.
This field may be left empty to turn off the password aging feature.
.Pp
The
.Ar expire
field is the number in seconds, GMT, from the epoch, until the
account expires.
This field may be left empty to turn off the account aging feature.
.Pp
The
.Ar gecos
field normally contains comma
.Pq Ql \&,
separated subfields as follows:
.Pp
.Bl -tag -width office -offset indent -compact
.It name
User's full name.
.It office
User's office location.
.It wphone
User's work phone number.
.It hphone
User's home phone number.
.El
.Pp
The full name may contain an ampersand
.Pq Ql \&& ,
which will be replaced by the capitalized login name when the gecos field
is displayed or used by various programs such as
.Xr finger 1 ,
.Xr sendmail 8 ,
etc.
.Pp
The office and phone number subfields, if they exist, are used by the
.Xr finger 1
program and possibly by other applications.
.Pp
The user's home directory is the full
.Tn UNIX
path name where the user will be placed on login.
.Pp
The
.Ar shell
field is the command interpreter the user prefers.
If there is nothing in the
.Ar shell
field, the Bourne shell
.Pq Pa /bin/sh
is assumed.
Accounts that are not intended to be logged in to usually have
a shell of
.Pa /sbin/nologin .
.Sh YP SUPPORT
If YP is active, the
.Nm passwd
file also supports standard YP exclusions and inclusions, based on user
names and netgroups.
.Pp
Lines beginning with a
.Ql \&-
(minus sign) are entries marked as being excluded
from any following inclusions, which are marked with a
.Ql +
(plus sign).
.Pp
If the second character of the line is a
.Ql @
(at sign), the operation involves the user fields of all entries in the
netgroup specified by the remaining characters of the
.Ar name
field.
Otherwise, the remainder of the
.Ar name
field is assumed to be a specific user name.
.Pp
The
.Ql +
token may also be alone in the
.Ar name
field, which causes all users from the
.Pa passwd.byname
and
.Pa passwd.byuid
YP maps to be included.
.Pp
If the entry contains non-empty
.Ar uid
or
.Ar gid
fields, the specified numbers will override the information retrieved
from the YP maps.
Additionally, if the
.Ar gecos ,
.Ar dir ,
or
.Ar shell
entries contain text, it will override the information included via YP.
On some systems, the
.Ar passwd
field may also be overridden.
It is recommended that the standard way to enable YP passwd support in
.Pa /etc/master.passwd
is:
.Pp
+:*::::::::
.Pp
which after
.Xr pwd_mkdb 8
will result in
.Pa /etc/passwd
containing:
.Pp
+:*:0:0:::
.Sh SEE ALSO
.Xr chpass 1 ,
.Xr login 1 ,
.Xr passwd 1 ,
.Xr crypt 3 ,
.Xr getpwent 3 ,
.Xr login.conf 5 ,
.Xr netgroup 5 ,
.Xr adduser 8 ,
.Xr pwd_mkdb 8 ,
.Xr vipw 8 ,
.Xr yp 8
.Pp
.%T "Managing NFS and NIS"
(O'Reilly & Associates)
.Sh STANDARDS
The password file format has changed since
.Bx 4.3 .
The following
.Xr awk 1
script can be used to convert your old-style password
file into a new style password file.
The additional fields
.Dq class ,
.Dq change ,
and
.Dq expire
are added, but are turned off by default.
To set
.Ar change
and
.Ar expire
use the current day in seconds from the epoch plus the number of seconds
of offset desired.
.Bd -literal -offset indent
BEGIN { FS = ":"}
{ print $1 ":" $2 ":" $3 ":" $4 "::0:0:" $5 ":" $6 ":" $7 }
.Ed
.Sh HISTORY
A
.Nm passwd
file format appeared in
.At v3 .
.Pp
The YP file format first appeared in SunOS.
.Sh BUGS
User information should (and eventually will) be stored elsewhere.
.Pp
Placing YP exclusions in the file after any inclusions will have
unexpected results.
|