passwd(4) passwd(4)
NAME
passwd - password file
SYNOPSIS
/etc/passwd
DESCRIPTION
The passwd file contains for each user the following
information:
name
     User's login name - contains no upper case
     characters and must not be greater than eight
     characters long.
password
     encrypted password
numerical user ID
     This is the user's ID in the system and it must be
     unique.
numerical group ID
     This is the number of the group that the user
     belongs to.
user's real name
     In some versions of UNIX®, this field also
     contains the user's office, extension, home phone,
     and so on. For historical reasons this field is
     called the GCOS field.
initial working directory
     The directory that the user is positioned in when
     they log in - this is known as the `home'
     directory.
shell
     program to use as Shell when the user logs in.
The user's real name field may contain `&', meaning insert
the login name.
The password file is an ASCII file. Each field within each
user's entry is separated from the next by a colon. Each
user is separated from the next by a newline. If the
password field is null, no password is demanded; if the
Shell field is null, /bin/sh is used.
This file resides in directory /etc. Because of the
encrypted passwords, it can and does have general read
permission and can be used, for example, to map numerical
user IDs to names.
The encrypted password consists of 13 characters chosen from
a 64-character alphabet (., /, 0-9, A-Z, a-z), except when
the password is null, in which case the encrypted password
is also null. Password aging is effected for a particular
user if his encrypted password in the password file is
followed by a comma and a non-null string of characters from
the above alphabet. (Such a string must be introduced in
the first instance by the super-user.)
The first character of the age, M say, denotes the maximum
number of weeks for which a password is valid. A user who
attempts to login after his password has expired will be
forced to supply a new one. The next character, m say,
denotes the minimum period in weeks which must expire before
the password may be changed. The remaining characters
define the week (counted from the beginning of 1970) when
the password was last changed. (A null string is equivalent
to zero.) M and m have numerical values in the range 0-63
that correspond to the 64-character alphabet shown above
(i.e., / = 1 week; z = 63 weeks). If m = M = 0 (derived
from the string . or ..) the user will be forced to change
his password the next time he logs in (and the ``age'' will
disappear from his entry in the password file). If m > M
(signified, e.g., by the string ./) only the super-user will
be able to change the password.
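The field defaults and the aging encoding described above, as an added example that is not part of the original manual page: a parser that splits each entry, decodes the age string, and reports null passwords and shared user IDs. It assumes the week count is stored least significant character first (the a64l(3) convention), which the page does not state; the function names and all sample lines other than root's are constructed for illustration.

```python
import string
ALPHABET = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
VALUE = {c: i for i, c in enumerate(ALPHABET)}  # '.' = 0, '/' = 1, 'z' = 63

SAMPLE = [  # constructed input: root line is the page's, the rest are made up
    "root:q.mJzTnu8icF.:0:10:God:/:/bin/csh",
    "bs:6k/7KCFRPNVXg,A/rB:508:10:Bill Smith:/usr2/bs:/bin/csh",
    "guest::509:10:&:/tmp:",
    "toor:q.mJzTnu8icF.:0:10:&:/:",
    "+@documentation:no-login:",
]

def decode_age(age):
    """Decode the string that follows the comma in the password field."""
    d = [VALUE[c] for c in age]  # KeyError if a character is outside the alphabet
    max_w, min_w = d[0], (d[1] if len(d) > 1 else 0)
    # Assumption: week digits are least significant first, as a64l(3) reads them.
    week = sum(v << (6 * i) for i, v in enumerate(d[2:]))
    return {"max_weeks": max_w, "min_weeks": min_w, "last_changed_week": week,
            "force_change": max_w == 0 and min_w == 0,
            "superuser_only": min_w > max_w}

def parse_entry(line):
    """Split one line into its fields and apply the defaults the page documents."""
    f = line.rstrip("\n").split(":")
    if line.startswith("+"):  # yellow pages entry: not a local account
        return {"yellow_pages": True, "fields": f}
    if len(f) != 7:
        raise ValueError("expected 7 colon-separated fields, got %d" % len(f))
    name, pw, uid, gid, gcos, home, shell = f
    crypt, _, age = pw.partition(",")
    return {"yellow_pages": False, "name": name, "uid": int(uid), "gid": int(gid),
            "gcos": gcos.replace("&", name), "home": home,
            "shell": shell or "/bin/sh", "no_password": crypt == "",
            "hash_ok": crypt == "" or (len(crypt) == 13 and all(c in VALUE for c in crypt)),
            "aging": decode_age(age) if age else None}

def audit(lines):
    """Return (name, finding) pairs for entries worth a reviewer's attention."""
    findings, owner = [], {}
    for e in (p for p in map(parse_entry, lines) if not p["yellow_pages"]):
        if e["no_password"]:
            findings.append((e["name"], "null password: no password is demanded"))
        if not e["hash_ok"]:
            findings.append((e["name"], "password field is not 13 alphabet characters"))
        if e["uid"] in owner:
            findings.append((e["name"], "UID shared with " + owner[e["uid"]]))
        owner.setdefault(e["uid"], e["name"])
    return findings
```

Calling audit(SAMPLE) reports the guest and toor entries; parse_entry(SAMPLE[1])["aging"] shows the decoded limits for bs.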
The passwd file can also have lines beginning with a plus
(+), which means to incorporate entries from the yellow
pages. There are three styles of + entries: all by itself,
+ means to insert the entire contents of the yellow pages
password file at that point; +name means to insert the entry
(if any) for name from the yellow pages at that point;
+@name means to insert the entries for all members of the
network group name at that point. If a + entry has a non-
null password, directory, gecos, or shell field, they will
override what is contained in the yellow pages. The
numerical user ID and group ID fields cannot be overridden.
EXAMPLE
Here is a sample /etc/passwd file:
root:q.mJzTnu8icF.:0:10:God:/:/bin/csh
bs:6k/7KCFRPNVXg:508:10:Bill Smith:/usr2/bs:/bin/csh
+john:
+@documentation:no-login:
+:::Guest
In this example, there are specific entries for users root
and bs, in case the yellow pages are out of order. The user
john will have his password entry in the yellow pages
incorporated without change; anyone in the netgroup
documentation will have their password field disabled, and
anyone else will be able to log in with their usual
password, shell, and home directory, but with a gecos field
of Guest.
The password file resides in the /etc directory. Because of
the encrypted passwords, it has general read permission and
can be used, for example, to map numerical user IDs to
names.
Appropriate precautions must be taken to lock the
/etc/passwd file against simultaneous changes if it is to be
edited with a text editor; vipw(1M) does the necessary
locking.
FILES
/etc/passwd
SEE ALSO
getpwent(3), login(1), crypt(3), passwd(1), group(4),
vipw(1M).
Page 3 (last mod. 1/14/87)