PASSWD(5,F) AIX Technical Reference PASSWD(5,F)
-------------------------------------------------------------------------------
passwd
PURPOSE
Contains passwords and user account information.
SYNOPSIS
#include <pwd.h>
DESCRIPTION
The passwd file is an ASCII file that contains all the information that defines
a user on the system. It contains the following information:
o Login name
o Encrypted password
o Numerical user ID
o Numerical group ID
o Additional data for each user
o Initial current directory
o Program to use as shell.
Each field is separated from the next by a colon. The file has general read
permission and the passwords are encrypted. Therefore, a user can use the file
to map numerical user IDs to names without potentially compromising the
security of other users.
The adduser command is used to maintain this file. Programs should use the
getpwent subroutines to extract various fields in this file.
If the user password field is null, the user has no password. If the program
field is null, the shell (/bin/sh) is used. The program field can contain
parameters passed when the exec system call is issued. Parameters are
separated by white space (space or tab characters). A \ (backslash) is
used as an escape when a parameter contains a space. The login command
accepts the program name and as many as 14 parameters. Any more than 14
parameters are ignored. A maximum of 4096 characters can be used for the
program name and its parameters. More than 4096 characters causes login to
exit. Parameters in this field can use symbolic escapes for the following
special characters: \n, \r, \v (produces 013), \b, \t, and \f. Additionally,
\0 through \7 builds a one-byte octal number. Any other character preceded
by a \ (backslash) passes through.
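The following is an added example, not part of the original reference: a tokenizer that shows which argument vector the program-field rules above produce, so that an entry can be reviewed for ignored parameters, over-length fields, or control characters. The function names are hypothetical; it assumes an octal escape takes up to three digits and that the 4096-character limit applies to the raw field text.

```python
# Added example: tokenize a passwd program field as the text above describes.
SYMBOLIC = {"n": "\n", "r": "\r", "v": "\v", "b": "\b", "t": "\t", "f": "\f"}
OCTAL = "01234567"
MAX_PARAMS, MAX_CHARS = 14, 4096


def unescape(field, i):
    """Decode the escape whose backslash is at field[i]; return (char, next_index)."""
    nxt = field[i + 1]
    if nxt in SYMBOLIC:
        return SYMBOLIC[nxt], i + 2
    if nxt in OCTAL:
        j = i + 1
        while j < min(i + 4, len(field)) and field[j] in OCTAL:
            j += 1            # assumption: up to three octal digits, as in C
        return chr(int(field[i + 1:j], 8) & 0xFF), j
    return nxt, i + 2         # anything else passes through, e.g. "\ " is a space


def parse_program_field(field):
    """Return (argv, notes); argv is None where login would exit."""
    if field == "":
        return ["/bin/sh"], ["null program field: /bin/sh is used"]
    if len(field) > MAX_CHARS:   # assumption: limit applies to the raw field text
        return None, ["more than 4096 characters: login exits"]
    words, current, i = [], None, 0
    while i < len(field):
        if field[i] in " \t":            # unescaped white space ends a word
            if current is not None:
                words.append(current)
            current, i = None, i + 1
            continue
        if field[i] == "\\" and i + 1 < len(field):
            char, i = unescape(field, i)
        else:
            char, i = field[i], i + 1
        current = (current or "") + char
    if current is not None:
        words.append(current)
    notes = []
    if len(words) > 1 + MAX_PARAMS:
        notes.append("%d parameters ignored" % (len(words) - 1 - MAX_PARAMS))
        words = words[:1 + MAX_PARAMS]
    if any(ord(c) < 0x20 or ord(c) == 0x7F for w in words for c in w):
        notes.append("control character in argv")
    return words, notes
```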
The additional data for each user has the following format:
full_name/file_limit;site_info;site_exec_perm
Processed November 7, 1990 PASSWD(5,F) 1
where:
full_name
    Contains the name of the user whose 8-character (or fewer) login
    name is in the first field.
    If a user group list is used, the list may not exceed 500
    eight-character login names.
file_limit
    Specifies the maximum length file the user can create. The length
    is specified as the number of 512-byte blocks. See the login
    command in AIX Operating System Commands Reference and the ulimit
    system call.
site_info
    Contains any printable character other than a colon or semicolon.
    This subfield is unused by the system software and is available
    for information for each user as required by applications specific
    to the site.
site_exec_perm
    Contains a site group name identifying the sites on which this
    user can log in and/or execute programs. (See "sitegroup" to find
    the site group name.)
Any or all of the subfields can be omitted. If the file_limit subfield is
omitted, the preceding / (slash) is omitted and the system-wide default limit
is used. If the site_info and site_exec_perm subfields are omitted, the ;
(semicolon) preceding each of these subfields must also be omitted. If,
however, the site_info subfield is omitted but the site_exec_perm subfield is
present, the ; preceding each of these subfields must be present.
Passwords
The encrypted password is 13 characters long. The characters used come from
the extended characters (code page P0, see "data stream") and may be uppercase
or lowercase characters, numerals, and the . (period) and / (slash) characters
except when the password is null. In this case, the encrypted password is also
null. Password aging affects a particular user if a comma and a non-null
string of characters follow the user password in this file. Such a
string must be initially introduced by a person with superuser authority.
The first character of the age, M for example, is the maximum number of weeks a
password is valid. The next character, m for example, is the minimum number of
weeks before the password can be changed. The remaining characters indicate
when the password was last changed, given as the number of weeks since the
beginning of 1970 to the time of the password change. A null string is
equivalent to 0. M and m have numerical values in the range 0 through 63. If
m = M = 0, the user is forced to change the password at the next login. This
causes the age to disappear from the password file entry. If m > M, only
someone with superuser authority is able to change the password.
Note: All userids and passwords must contain ASCII characters only.
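The following is an added example, not part of the original reference: an audit of the password field that reports null passwords and decodes the age string described above. The sample lines are constructed, the function names are hypothetical, and the mapping of age characters to the values 0 through 63 is assumed to be the a64l digit order (./0-9A-Za-z, least significant digit first).

```python
# Added example: audit the password field of passwd lines (sample lines are constructed).
# Assumption: age characters use the a64l digit order ./0-9A-Za-z for values 0..63.
A64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

SAMPLE = [
    "root:ab1234567890.:0:0:Superuser:/:/bin/sh",
    "guest::100:100:Guest:/u/guest:",
    "alice:xy/ABCDEFGHIJ,A.zE:201:1:Alice/2048;;eng:/u/alice:/bin/sh",
    "bob:qr0123456789A,..:202:1:Bob:/u/bob:/bin/sh",
    "carol:st0123456789B,./:203:1:Carol:/u/carol:/bin/sh",
]


def a64_value(text):
    """Decode a64l-style digits, least significant first; a null string is 0."""
    return sum(A64.index(c) << (6 * n) for n, c in enumerate(text))


def audit_password_field(line):
    """Return (login, findings, age) for one colon-separated passwd line."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        return fields[0], ["malformed: expected 7 fields"], None
    password, comma, age_text = fields[1].partition(",")
    findings, age = [], None
    if password == "":
        findings.append("null password")
    elif len(password) != 13 or any(c not in A64 for c in password):
        findings.append("not a 13-character encrypted password")
    if age_text:
        try:
            age = {"max_weeks": a64_value(age_text[0]),
                   "min_weeks": a64_value(age_text[1:2]),
                   "last_changed_week": a64_value(age_text[2:])}
        except ValueError:
            return fields[0], findings + ["malformed age string"], None
        if age["max_weeks"] == 0 and age["min_weeks"] == 0:
            findings.append("password change forced at next login")
        elif age["min_weeks"] > age["max_weeks"]:
            findings.append("only superuser can change this password")
    return fields[0], findings, age


def audit(lines):
    """Map login -> findings for entries that have any."""
    results = (audit_password_field(line) for line in lines)
    return {login: found for login, found, _ in results if found}
```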
FILE
/etc/passwd
RELATED INFORMATION
In this book: "a64l, l64a," "crypt, encrypt, setkey," "getpwent, getpwuid,
getpwnam, setpwent, endpwent," "ulimit," "group," "sitegroup," and "data
stream."
The login and passwd commands in AIX Operating System Commands Reference.
"Introduction to International Character Support" in Managing the AIX Operating
System.