Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ passwd(1) — Dell System V Release 4 Issue 2.2

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

login(1)

crypt(3C)

useradd(1M)

usermod(1M)

userdel(1M)

id(1M)

passmgmt(1M)

pwconv(1M)

su(1M)

passwd(4)

shadow(4)



passwd(1)             UNIX System V(Essential Utilities)              passwd(1)


NAME
      passwd - change login password and password attributes

SYNOPSIS
      passwd [ name ]

      passwd [ -l | -d ] [ -f ] [ -n min ] [ -x max ] [ -w warn ] name

      passwd -s [ -a ]

      passwd -s [ name ]

DESCRIPTION
      The passwd command changes the password or lists password attributes
      associated with the user's login name.  Additionally, privileged-users
      may use passwd to install or change passwords and attributes associated
      with any login name.

      When used to change a password, passwd prompts ordinary users for their
      old password, if any.  It then prompts for the new password twice. When
      the old password is entered, passwd checks to see if it has aged
      sufficiently. If aging is insufficient, passwd terminates; see shadow(4).

      If the user's password aging has not been turned on, then password aging
      is turned on for the user using the MAXWEEKS and MINWEEKS parameters in
      /etc/default/passwd.  If password aging is turned on the password aging
      information in /etc/shadow remains unmodified.

      Assuming aging is sufficient, a check is made to ensure that the new
      password meets construction requirements.  When the new password is
      entered a second time, the two copies of the new password are compared.
      If the two copies are not identical the cycle of prompting for the new
      password is repeated for at most two more times.

      Passwords must be constructed to meet the following requirements:

            Each password must have at least PASSLENGTH characters as set in
            /etc/default/passwd. PASSLENGTH must contain a minimum of six
            characters, but only the first eight characters are significant.

            Each password must contain at least two alphabetic characters and
            at least one numeric or special character.  In this case,
            alphabetic refers to all upper or lower case letters.

            Each password must differ from the user's login name and any
            reverse or circular shift of that login name.  For comparison
            purposes, an upper case letter and its corresponding lower case
            letter are equivalent.

            New passwords must differ from the old by at least three
            characters.  For comparison purposes, an upper case letter and its
            corresponding lower case letter are equivalent.


10/89                                                                    Page 1







passwd(1)             UNIX System V(Essential Utilities)              passwd(1)


      Privileged users (for example, real and effective uid equal to zero, see
      id(1M) and su(1M) may change any password; hence, passwd does not prompt
      privileged users for the old password.  Privileged users are not forced
      to comply with password aging and password construction requirements.  A
      privileged-user can create a null password by entering a carriage return
      in response to the prompt for a new password.  (This differs from passwd
      -d because the password prompt will still be displayed.)

      Any user may use the -s option to show password attributes for his or her
      own login name.

      The format of the display will be:

            name status mm/dd/yy min max warn

      or, if password aging information is not present,

            name status

      where

      name        The login ID of the user.

      status      The password status of name: PS stands for passworded or
                  locked, LK stands for locked, and NP stands for no password.

      mm/dd/yy    The date password was last changed for name.  (Note that all
                  password aging dates are determined using Greenwich Mean Time
                  and, therefore, may differ by as much as a day in other time
                  zones.)

      min         The minimum number of days required between password changes
                  for name. MINWEEKS is found in /etc/default/passwd and is set
                  to 0.

      max         The maximum number of days the password is valid for name.
                  MAXWEEKS is found in /etc/default/passwd and is set to 0

      warn        The number of days relative to max before the password
                  expires that the name will be warned.

      Only a privileged user can use the following options:

      -l        Lock password entry for name.

      -d        Delete password for name.  The login name will not be prompted
                for password.

      -n        Set minimum field for name.  The min field contains the minimum
                number of days between password changes for name.  If min is
                greater than max, the user may not change the password.  Always
                use this option with the -x option, unless max is set to -1


Page 2                                                                    10/89







passwd(1)             UNIX System V(Essential Utilities)              passwd(1)


                (aging turned off).  In that case, min need not be set.

      -x        Set maximum field for name.  The max field contains the number
                of days that the password is valid for name.  The aging for
                name will be turned off immediately if max is set to -1.
                (Aging will be turned on again if the password is changed.)  If
                it is set to 0, then aging is turned off.

      -w        Set warn field for name.  The warn field contains the number of
                days before the password expires that the user will be warned.

      -a        Show password attributes for all entries.  Use only with -s
                option; name must not be provided.

      -f        Force the user to change password at the next login by expiring
                the password for name.

FILES
      /etc/shadow, /etc/passwd, /etc/oshadow

SEE ALSO
      login(1)

      crypt(3C) in the Programmer's Reference Manual

      useradd(1M), usermod(1M), userdel(1M), id(1M), passmgmt(1M), pwconv(1M),
      su(1M), passwd(4), shadow(4) in the System Administrator's Reference
      Manual

DIAGNOSTICS
      The passwd command exits with one of the following values:

      0         SUCCESS.

      1         Permission denied.

      2         Invalid combination of options.

      3         Unexpected failure.  Password file unchanged.

      4         Unexpected failure.  Password file(s) missing.

      5         Password file(s) busy.  Try again later.

      6         Invalid argument to option.

WARNING
      If root deletes a password for a user with the passwd -d command and
      password aging is in effect for that user, the user will not be allowed
      to add a new password until the null password has been aged.  This is
      true even if the PASSREQ flag in /etc/default/login is set to YES.  This
      results in a user without a password.  It is recommended that the -f


10/89                                                                    Page 3







passwd(1)             UNIX System V(Essential Utilities)              passwd(1)


      option be used whenever the -d (delete) option is used.  This will force
      a user to change the password at the next login.

      If a user is to be set up without a password, the password entry of the
      user must be absent from the /etc/shadow file.  (When a user has no
      password, passwd -s user should return NP.)
















































Page 4                                                                    10/89





Typewritten Software • bear@typewritten.org • Edmonds, WA 98026