Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ passwd(4) — DG/UX 5.4.2T

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

login(1)

mail(1)

passwd(1)

pwck(1M)

sendmail(1C)

useradd(1M)

vipw(1M)

crypt(3C)

crypt(3X)

getpwent(3C)

group(4)

limits(4)



passwd(4)                  C2 Trusted DG/UX 5.4.2T                 passwd(4)


NAME
       passwd - password file

SYNOPSIS
       /etc/passwd

DESCRIPTION
       The passwd file is an ASCII file containing basic information about
       each user's account.  The file contains a one-line entry for each
       user allowed to log in to the system.  Each entry has the following
       format:

              username:password:uid:gid:gcos-field:home-dir:login-shell

       where

              username       User's login name.  This field contains no up­
                             percase characters, and must not be more than
                             USR_NAME [see limits(4)] characters long.

              password       The user's encrypted password.  If this field
                             is empty, login(1) does not request a password
                             before logging the user in.  (On a Trusted
                             DG/UX system, login(1) always requests a pass­
                             word.)

              uid            The user's user identification number (UID) for
                             the system.  The UID must be unique; otherwise,
                             users with the same UID will be able to access
                             each other's files.  uid is generally a value
                             between 0 and 32767.

              gid            The user's group identification number (GID)
                             for the system.  gid is generally a value be­
                             tween 0 an 32767.

              gcos-field     The user's real name, along with information to
                             pass along in a mail-message heading.  Some
                             system administrators use this field to contain
                             the user's office, extension, home phone, and
                             so on.  It is called the GCOS field for histor­
                             ical reasons.  An ampersand (&) in this field
                             stands for the login name (in cases where the
                             login name appears in a user's real name).

              home-dir       The pathname of the directory to which the user
                             is initially positioned when logging in.

              login-shell    The user's initial shell program.  If this
                             field is empty, the default shell is /bin/sh
                             unless you are running the Network File System
                             (NFS); in that case the default is /usr/bin/sh.

       The encrypted password consists of 13 characters chosen from a



Licensed material--property of copyright holder(s)                         1




passwd(4)                  C2 Trusted DG/UX 5.4.2T                 passwd(4)


       64-character alphabet ( . , / , 0-9 , A-Z , a-z ), except when the
       password is null.  In that case, the encrypted password is also null.
       Password aging is affected for a particular user if the user's en­
       crypted password in the password file is followed by a comma and a
       non-null string of characters from the above alphabet (such a string
       must first be introduced by the superuser).

       The first character of the age denotes the maximum number of weeks
       for which a password is valid.  If you try to login after your pass­
       word has expired, you must supply a new one.  The next character de­
       notes the minimum period in weeks that must elapse before the pass­
       word may be changed.  The remaining characters define the week
       (counted from the beginning of 1970) when the password was last
       changed ( a null string is equivalent to zero).  The first and second
       characters have numerical values in the range 0-63 that correspond to
       the 64-character alphabet shown above (i.e., / = 1 week; z = 63
       weeks).  If both characters are equal to zero (derived from the
       string "." or ".."), you must change your password the next time you
       login.  The age will disappear from your entry in the password file.
       If the second character is greater than the first (signified, e.g.,
       by the string "./"), then only the superuser will be able to change
       the password.

       On a Trusted DG/UX system, login(1) and password aging are handled
       differently -- see Trusted Facility Manual for the C2 Trusted DG/UX
       System.  Also, the passwd file is automatically rewritten whenever
       sysadm(1M) is used to add, delete, or modify a user or group entry in
       the A&A database, and whenever a user changes their password.  Any
       changes intended to persist should be made using sysadm(1M), not in
       the passwd file itself.  (An exception is made for a + as the last
       line of the passwd file -- see below.)

   ONC/NFS Features
       If you are using DG/UX Open Network Computing/Network File System
       (ONC/NFS), additional features are available.  The passwd file can
       also have lines beginning with a plus (+), which means to incorporate
       entries from the Network Information Service (NIS).

       There are three styles of + entries: by itself, + means to insert the
       entire contents of the NIS password file at that point; +name means
       to insert the entry (if any) for name from NIS at that point; +@net­
       group means to insert the entries for all members of the network
       group netgroup at that point.  If a +name entry has a non-null pass­
       word, gcos-field, home-dir, or login-shell field, they will override
       what is contained in NIS.  The uid and gid fields cannot be overrid­
       den.

       Entries beginning with a minus sign (-) are also allowed.  They have
       two formats:  -name and -@name.  The meaning of these formats is the
       same as for +name and +@name, respectively, except that the action is
       reversed; all members matched are considered to be excluded from the
       password file, regardless of subsequent entries.  Minus entries can
       be used to exclude specific entries from NIS.




Licensed material--property of copyright holder(s)                         2




passwd(4)                  C2 Trusted DG/UX 5.4.2T                 passwd(4)


       On a Trusted DG/UX system, only the + by itself is supported, and on­
       ly as the last line of the passwd file.  If + is manually inserted as
       the last line of the passwd file (using vipw(1M), say), that line
       will be preserved through any sysadm(1M) and password change activi­
       ty.

       Appropriate precautions must be taken to lock the /etc/passwd file
       against simultaneous changes if it is to be edited with a text edi­
       tor; vipw(1M) does the necessary locking.  Do not edit the
       /etc/passwd file except to add or remove the "+" entry from the last
       line.  Any other changes will be lost the next time sysadm(1M) is
       used to add, modify, or delete a user account, or the next time any­
       one changes a password.

EXAMPLE
       Here is a sample /etc/passwd file:

              root:q.mJzTnu8icF.:0:10:God:/:/bin/csh
              tut:6k/7KCFRPNVXg:508:10:Bill Tuthill:/usr/tut:/bin/csh
              john::605:20:John Smith:/usr/john:
              +

       In this example there are specific entries for users root, tut, and
       john (from the A&A database), and anyone else in the NIS database
       will be represented in /etc/passwd.

FILES
       /etc/passwd

SEE ALSO
       login(1), mail(1), passwd(1), pwck(1M), sendmail(1C), useradd(1M),
       vipw(1M), crypt(3C), crypt(3X), getpwent(3C), group(4), limits(4).

BUGS
       The mail(1) and sendmail(1C) programs use the GCOS field to compose
       the From: line for addressing mail messages, but these programs get
       confused by nested parentheses when composing replies.  This problem
       can be avoided by using different types of brackets within the GCOS
       field; for example:
              (& Fredricks [Podunk U <EE/CIS>] {818}-555-5555)

















Licensed material--property of copyright holder(s)                         3


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026