passwd - password file

---

SYNOPSIS

DESCRIPTION

The passwd file contains basic information about each user's account. This file contains a one-line entry for each authorized user, of the form:

username:password:uid:gid:gcos-field:home-dir:login-shell

where

username

is the user's login name. This field contains no uppercase characters, and must not be more than eight characters in length.

password

is the user's encrypted password, or a string of the form: ##name if the encrypted password is in the /etc/security/passwd.adjunct file (see passwd.adjunct.5 If this field is empty, login.1 does not request a password before logging the user in.

uid

is the user's numerical ID for the system, which must be unique. uid is generally a value between 0 and 32767.

gid

is the numerical ID of the group that the user belongs to. gid is generally a value between 0 an 32767.

gcos-field

is the user's real name, along with information to pass along in a mail-message heading. It is called the gcos-field for historical reasons. A & in this field stands for the login name (in cases where the login name appears in a user's real name).

home-dir

is the pathname to the directory in which the user is initially positioned upon logging in.

login-shell

is the user's initial shell program. If this field is empty, the default shell is /usr/bin/sh.

The passwd file can also have lines beginning with a `+' (plus sign) which means to incorporate entries from the Network Information Service (NIS). There are three styles of + entries in this file: by itself, + means to insert the entire contents of the NIS password file at that point; +name means to insert the entry (if any) for name from the NIS service at that point; +@netgroup means to insert the entries for all members of the network group netgroup at that point. If a +name entry has a non-null password, gcos, home-dir, or login-shell field, the value of that field overrides what is contained in the NIS service. The uid and gid fields cannot be overridden.

The passwd file can also have lines beginning with a `-' (minus sign) which means to disallow entries from the NIS service. There are two styles of `-' entries in this file: -name means to disallow any subsequent entries (if any) for name (in this file or in the NIS service); -@netgroup means to disallow any subsequent entries for all members of the network group netgroup.

The password file is an ASCII file that resides in the /etc directory. Because the encrypted passwords on a secure system are kept in the passwd.adjunct file, /etc/passwd has general read permission on all systems, and can be used by routines that map numerical user IDs to names.

Appropriate precautions must be taken to lock the /etc/passwd file against simultaneous changes if it is to be edited with a text editor; vipw.8 does the necessary locking.

EXAMPLE

Here is a sample passwd file when passwd.adjunct does not exist:

root:q.mJzTnu8icF.:0:10:God:/:/bin/csh
fred:6k/7KCFRPNVXg:508:10:% Fredericks:/usr2/fred:/bin/csh
+john:
+@documentation:no-login:
+::::Guest

root:##root:0:10:God:/:/bin/csh
fred:##fred:508:10:& Fredericks:/usr2/fred:/bin/csh
+john:
+@documentation:no-login:
+::::Guest

FILES

/etc/passwd

/etc/security/passwd.adjunct

SEE ALSO

BUGS

mail.1 and sendmail.8 use the gcos-field to compose the From: line for addressing mail messages, but these programs get confused by nested parentheses when composing replies. This problem can be avoided by using different types of brackets within the gcos-field; for example:

(& Fredricks [Podunk U <EE/CIS>] {818}-555-5555)

NOTES

The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed.

Created by unroff & hp-tools. © somebody (See intro for details). All Rights Reserved. Last modified 11/5/97