NAME
passwd,
master.passwd —
format of the password file
DESCRIPTION
The
passwd files are the local source of password information.
They can be used in conjunction with the Hesiod domain ‘passwd’
and the NIS maps ‘passwd.byname’, ‘passwd.byuid’,
‘master.passwd.byname’, and ‘master.passwd.byuid’, as
controlled by
nsswitch.conf(5).
The
master.passwd file is readable only by root, and consists
of newline separated ASCII records, one per user, containing ten colon
(“:”) separated fields.
Each line has the form:
name:password:uid:gid:class:change:expire:gecos:home_dir:shell
These fields are as follows:
- name
- User's login name.
- password
- User's encrypted password.
- uid
- User's id.
- gid
- User's login group id.
- class
- User's login class.
- change
- Password change time.
- expire
- Account expiration time.
- gecos
- General information about the user.
- home_dir
- User's home directory.
- shell
- User's login shell.
Be aware that each line is limited to 1024 characters; longer ones will be
ignored. This limit can be queried through
sysconf(3) by using the
_SC_GETPW_R_SIZE_MAX
parameter.
The
passwd file is generated from the
master.passwd file by
pwd_mkdb(8), has the
class,
change, and
expire fields removed, and the
password
field replaced by a “*”.
The
name field is the login used to access the computer
account, and the
uid field is the number associated with it.
They should both be unique across the system (and often across a group of
systems) since they control file access.
While it is possible to have multiple entries with identical login names and/or
identical user id's, it is usually a mistake to do so. Routines that
manipulate these files will often return only one of the multiple entries, and
that one by random selection.
The login name must never begin with a hyphen (“-”); also, it is
strongly suggested that neither upper-case characters nor dots
(“.”) be part of the name, as this tends to confuse mailers. No
field may contain a colon (“:”) as this has been used historically
to separate the fields in the user database.
The
password field is the
encrypted form of
the password. If the
password field is empty, no password
will be required to gain access to the machine. This is almost invariably a
mistake. Because these files contain the encrypted user passwords, they should
not be readable by anyone without appropriate privileges. For the possible
ciphers used in this field see
passwd.conf(5).
The
gid field is the group that the user will be placed in
upon login. Since this system supports multiple groups (see
groups(1)) this field currently
has little special meaning.
The
class field is a key for a user's login class. Login
classes are defined in
login.conf(5), which is a
capfile(5) style database of
user attributes, accounting, resource and environment settings.
The
change field is the number of seconds from the epoch,
UTC
, until the password for the account must be
changed. This field may be left empty to turn off the password aging feature.
If this is set to “-1” then the user will be prompted to change
their password at the next login.
The
expire field is the number of seconds from the epoch,
UTC
, until the account expires. This field may be left
empty to turn off the account aging feature.
If either of the
change or
expire fields are
set, the system will remind the user of the impending change or expiry if they
login within a configurable period (defaulting to 14 days) before the event.
The
gecos field normally contains comma (“,”)
separated subfields as follows:
- name
- user's full name
- office
- user's office number
- wphone
- user's work phone number
- hphone
- user's home phone number
The full name may contain an ampersand (“&”) which will be
replaced by the capitalized login name when the gecos field is displayed or
used by various programs such as
finger(1),
sendmail(1), etc.
The office and phone number subfields are used by the
finger(1) program, and possibly
other applications.
The user's home directory is the full
UNIX path name
where the user will be placed on login.
The shell field is the command interpreter the user prefers. If there is nothing
in the
shell field, the Bourne shell
(
/bin/sh) is assumed.
HESIOD SUPPORT
If ‘dns’ is specified for the ‘passwd’ database in
nsswitch.conf(5), then
passwd lookups occur from the ‘passwd’ Hesiod
domain.
NIS SUPPORT
If ‘nis’ is specified for the ‘passwd’ database in
nsswitch.conf(5), then
passwd lookups occur from the ‘passwd.byname’,
‘passwd.byuid’, ‘master.passwd.byname’, and
‘master.passwd.byuid’ NIS maps.
COMPAT SUPPORT
If ‘compat’ is specified for the ‘passwd’ database, and
either ‘dns’ or ‘nis’ is specified for the
‘passwd_compat’ database in
nsswitch.conf(5), then
the
passwd file also supports standard ‘+/-’
exclusions and inclusions, based on user names and netgroups.
Lines beginning with a minus sign (“-”) are entries marked as being
excluded from any following inclusions, which are marked with a plus sign
(“+”).
If the second character of the line is an at sign (“@”), the
operation involves the user fields of all entries in the netgroup specified by
the remaining characters of the
name field. Otherwise, the
remainder of the
name field is assumed to be a specific user
name.
The “+” token may also be alone in the
name field,
which causes all users from either the Hesiod domain
passwd
(with ‘passwd_compat: dns’) or ‘passwd.byname’ and
‘passwd.byuid’ NIS maps (with ‘passwd_compat: nis’) to
be included.
If the entry contains non-empty
uid or
gid
fields, the specified numbers will override the information retrieved from the
Hesiod domain or the NIS maps. As well, if the
gecos,
home_dir or
shell entries contain text, it
will override the information included via Hesiod or NIS. On some systems, the
passwd field may also be overridden.
COMPATIBILITY
The password file format has changed since
4.3BSD. The
following awk script can be used to convert your old-style password file into
a new style password file. The additional fields “class”,
“change” and “expire” are added, but are turned off by
default. To set them, use the current day in seconds from the epoch + whatever
number of seconds of offset you want.
BEGIN { FS = ":"}
{ print $1 ":" $2 ":" $3 ":" $4 "::0:0:" $5 ":" $6 ":" $7 }
SEE ALSO
chpass(1),
login(1),
newgrp(1),
passwd(1),
pwhash(1),
getpwent(3),
login_getclass(3),
login.conf(5),
netgroup(5),
passwd.conf(5),
pwd_mkdb(8),
useradd(8),
vipw(8),
yp(8)
Managing NFS and NIS (O'Reilly & Associates)
HISTORY
A
passwd file format appeared in
Version 6 AT&T UNIX.
The NIS
passwd file format first appeared in SunOS.
The Hesiod support first appeared in
NetBSD 1.4.
The
login.conf(5) capability
first appeared in
NetBSD 1.5.
BUGS
User information should (and eventually will) be stored elsewhere.
Placing ‘compat’ exclusions in the file after any inclusions will
have unexpected results.