passwd(1) passwd(1)
NAME
passwd - change login password and password attributes
SYNOPSIS
passwd [login_name]
passwd [-l | -d] [-f] [-x max] [-n min] [-w warn] login_name
passwd -s [-a]
passwd -s [login_name]
DESCRIPTION
The passwd command lets any user change the password or get a
list of the current password attributes for his or her
login_name. Privileged users may run passwd to perform these
functions for any user, and to set the password attributes for
any user. The command can be used to change passwords in the
Network Information Service (NIS) database.
A password is usually assigned by an administrator while
creating a user account for the owner of the login name
login_name. Later the user can change the password either by
running the passwd command without any options or by invoking
the -p option to the login procedure.
To use the latter method, enter a -p immediately after the
login prompt (before entering login_name):
login: -p login_name
The login scheme then calls the passwd command.
See login(1) for details.
Command Syntax
Any user may use the -s option:
-s Show password attributes for the user's own
login_name.
Only a privileged user may use the following options:
-l Lock the password entry for login_name.
-d Delete the password for login_name so user
login_name is not prompted for a password.
Copyright 1994 Novell, Inc. Page 1
-f Force the user to change the password at the next
login by expiring the password for login_name.
-x max Specify the number of days the password is valid for
user login_name.
-n min Specify the minimum number of days between password
changes for user login_name. Always use this option
with the -x option unless max is set to -1 (aging
turned off). In that case, min need not be set.
-w warn Specify the number of days (relative to max) on
which user login_name will be warned before the
password expires.
-s Show password attributes for login_name.
-s -a Show the password attributes for all users.
Password Construction
Passwords must be constructed to meet the following
requirements:
Each password must have at least PASSLENGTH characters
as defined in /etc/default/passwd. PASSLENGTH must be
at least 3. Only the first eight characters are
significant.
Each password must contain at least two alphabetic
characters and at least one numeric or special
character. (In this case, alphabetic includes all
uppercase and lowercase letters.)
Each password must differ from the user's login name and
any reverse or circular shift of that login name.
(Corresponding uppercase and lowercase letters are
considered equivalent.)
A new password must differ from the old one by at least
three characters.
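As an added illustration (this is not part of the manual page and not the passwd source), the four construction rules above as a checker. PASSLENGTH is a constructed default standing in for /etc/default/passwd, the eight-character cutoff follows the note above, and the way "differ by at least three characters" is counted (position by position over the significant part, plus any length difference) is an assumption.

```python
PASSLENGTH = 6   # constructed default; the real value comes from /etc/default/passwd
SIGNIFICANT = 8  # only the first eight characters are significant (see above)

def name_variants(login):
    """Lower-cased login name, its reverse, and every circular shift of both."""
    login = login.lower()
    variants = set()
    for base in (login, login[::-1]):
        for i in range(len(base)):
            variants.add(base[i:] + base[:i])
    return variants

def check_password(new, old, login):
    """Return the list of construction rules the new password violates.

    An empty list means the password would be accepted.  Only the first
    SIGNIFICANT characters are examined for the class and difference rules,
    since anything beyond them is not significant to the system.
    """
    problems = []
    sig = new[:SIGNIFICANT]
    if len(new) < PASSLENGTH:
        problems.append("shorter than PASSLENGTH")
    alpha = sum(c.isalpha() for c in sig)
    if alpha < 2 or len(sig) - alpha < 1:
        problems.append("needs two alphabetic and one numeric/special character")
    if new.lower() in name_variants(login):
        problems.append("equals the login name or a reverse/circular shift of it")
    # Assumption: "differ by at least three characters" is counted position
    # by position over the significant part, plus any difference in length.
    osig = old[:SIGNIFICANT]
    changed = sum(a != b for a, b in zip(sig, osig)) + abs(len(sig) - len(osig))
    if old and changed < 3:
        problems.append("differs from the old password by fewer than three characters")
    return problems
```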
If a password generator program has been specified for a user
through the useradd (or usermod) command, passwd calls the
password generator program to generate possible passwords for
the user to select; when a password generator is used, none of
the normally required password construction rules are
enforced.
Operation
When used to change a password, passwd prompts ordinary users
for their old password, if any. If sufficient time has passed
since the old password was set, passwd then prompts the user
twice for the new password; otherwise it terminates. Next,
passwd checks to make sure the new password meets construction
requirements. When the new password is entered a second time,
the two copies of the new password are compared. If the two
copies are not identical, the cycle of prompting for the new
password is repeated a maximum of twice.
Privileged users may change any password; the passwd command
does not prompt a privileged user for an old password.
Privileged users are not forced to comply with password aging
and password construction requirements. Such users can create
a null password by pressing RETURN in response to the prompt
for a new password. (This differs from passwd -d because the
Password: prompt will still be displayed.)
Local Passwords and NIS Passwords
Passwords and information related to passwords are kept in two
files on the system, /etc/passwd and /etc/shadow. An NIS
database containing passwords is also maintained for NIS
users. In the case where a user has entries in both the local
/etc/passwd file and the NIS database, the password that will
be updated is determined primarily by two factors:
entries in the local Identification and Authentication (I&A) database:
if a user has an entry in this database, the local
password is always the one that is updated. This
database is usually created at boot time by
creatiadb(1M). Note that user logins that begin with a +
or - character are ignored by creatiadb and therefore do
not have corresponding entries in the I&A database.
password specified in the local /etc/shadow file:
if a user has a password specified in the local
/etc/shadow file, this password will always be updated,
whether or not the same user has an entry in the NIS
passwd database. If the user has an /etc/shadow entry
with no password, then passwd will update the user's
entry in the NIS passwd database.
Password Aging
Passwords are valid for finite periods (defined by the system
administrator), after which they must be changed. Therefore a
record must be kept of each password and the period for which
it's active. As the expiration date for a password
approaches, its owner is warned to choose a new password
before a specified number of days elapses. The process of
monitoring password schedules and notifying users about their
passwords, when necessary, is called password aging.
Information about the password for each user on the system is
kept in /etc/shadow, which is readable only by privileged
users.
Each user's line in /etc/shadow has four parameters that
affect password aging:
lastchanged:
The date on which the password for the user was last
changed. (Note that this date is determined using
Greenwich Mean Time and, therefore, may differ by as
much as a day in other time zones.)
minimum: The number of days that must elapse after the
lastchanged date before the password for the user
can be changed.
maximum: The number of days for which the password for the
user will be valid after the lastchanged date (after
which it will be necessary to change the password).
This number does not include the day on which the
password is set.
warn: The number of days the user will receive warnings
about the impending expiration of his or her
password. Thus, for example, if the value of warn
is 7, the owner of login_name will start receiving
warnings a week before the password expires.
The last three of these parameters may be set by the command
line options -n, -x, and -w, respectively. In the absence of
command options, their values are set from the
/etc/default/passwd file. The Defaults section describes
these parameters.
If minimum is greater than maximum, the user may not change
the password. Aging for login_name is turned off immediately
if maximum is set to -1. If maximum is set to 0, the user is
forced to change the password at the next login session after
the lastchanged date, and aging is turned off at that time.
Password aging is never turned off directly by the command
line "passwd -x 0 login_name". Instead, this command sets the
maximum field to 0. If the lastchanged field is not 0, the
aging fields will be cleared the next time the passwd command
is used to change the user's password. If, however, the
lastchanged field is set to 0, the aging fields are not
changed.
If you expect the aging fields to be cleared and they're not,
the explanation could be that the lastchanged field has been
set to 0 without your realizing it. There are two possible
explanations.
You (the administrator) may have expired a user's
password by running the command passwd -f login_name.
In this case, the value of lastchanged would have been
set to 0.
The maximum field may have been clear when you issued
the command passwd -x 0 login_name. In this case, the
passwd command itself would have set the value of
lastchanged to 0.
Displaying Password Attributes
When the passwd command is used to show password attributes,
the format of the display is:
login_name status lastchanged minimum maximum warn
or, if password aging information is not present,
login_name status
The fields are defined as follows:
login_name The login ID of the user.
status The password status of login_name: PS stands for
passworded, LK stands for locked, and NP stands
for no password.
The last four fields are as defined under Password Aging.
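As an added example covering both the Password Aging and the Displaying Password Attributes sections (not part of the manual page), this reads constructed /etc/shadow entries, renders the passwd -s line in the format shown above, and classifies each entry's aging state for a given day number. The nine-field shadow(4) layout and the "*LK*" marker for a locked entry are assumptions; the hash values are constructed placeholders.

```python
# Constructed /etc/shadow sample.  Assumed shadow(4) layout:
# login:password:lastchanged:min:max:warn:inactive:expire:flag,
# with day counts since 1970-01-01 (GMT, as the page notes).
SAMPLE_SHADOW = """\
alice:CONSTRUCTEDHASH:9000:7:90:7:::
bob:*LK*CONSTRUCTEDHASH:9000:0:90:7:::
carol::9050::::::
dave:CONSTRUCTEDHASH:0:7:90:7:::
erin:CONSTRUCTEDHASH:9000:7:-1:7:::
"""
LOCK_MARKER = "*LK*"   # assumption: prefix that marks a locked entry

def parse_shadow(text):
    """Map login -> (password, lastchanged, min, max, warn); empty -> None."""
    entries = {}
    for line in text.splitlines():
        f = line.split(":")
        entries[f[0]] = (f[1], *[int(x) if x else None for x in f[2:6]])
    return entries

def show(name, entry):
    """Render the passwd -s line in the format described above."""
    pw, last, mn, mx, wn = entry
    st = "NP" if pw == "" else "LK" if pw.startswith(LOCK_MARKER) else "PS"
    if mx is None:                       # no aging information present
        return f"{name} {st}"
    return f"{name} {st} {last} {mn} {mx} {wn}"

def aging(entry, today):
    """Classify the aging state of an entry on day number `today`."""
    _, last, mn, mx, wn = entry
    if mx is None or mx == -1:           # aging never set, or turned off
        return "aging off"
    if last == 0 or mx == 0:             # passwd -f, or passwd -x 0
        return "must change at next login"
    mn, wn = mn or 0, wn or 0
    if mn > mx:
        return "user may not change password"
    age = today - last                   # the day the password was set does not count
    if age > mx:
        return "expired"
    if age > mx - wn:                    # warn days before expiry
        return "warning"
    if age < mn:
        return "too soon to change"
    return "valid"
```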
Defaults
By assigning values to a set of parameters in the file
/etc/default/passwd, an administrator can control the aging
and length of passwords. The following parameters are
available.
MINWEEKS Minimum number of weeks before a password can be
changed. In a delivered system, the value is 0.
MAXWEEKS Maximum number of weeks a password can be unchanged.
In a delivered system, the value is 24.
WARNWEEKS Number of weeks before a password expires that the
user is to be warned. In a delivered system, the
value is 1.
PASSLENGTH
Minimum number of characters in a password. In a
delivered system, the value is 6.
Note that the passwd command option arguments min, max, and
warn and the corresponding /etc/shadow fields minimum,
maximum, and warn treat aging in terms of days; the
corresponding /etc/default/passwd fields, MINWEEKS, MAXWEEKS,
and WARNWEEKS, in terms of weeks.
When password aging is off for a user but default aging values
exist in /etc/default/passwd, then password aging will be
turned on when the user's password is changed.
DIAGNOSTICS
The passwd command exits with a return code of 0 upon
successful completion. Following are reasons for failure:
permission denied
invalid combination of options
unexpected failure; password file unchanged
unexpected failure; password file(s) missing
password file(s) busy; try again later
invalid argument to option
unexpected failure
unknown ID
aging disabled
FILES
/etc/shadow
/etc/passwd
/etc/oshadow
/etc/opasswd
/etc/default/passwd
/usr/lib/locale/locale/LC_MESSAGES/uxcore.abi
language-specific message file [See LANG on
environ(5).]
/etc/security/ia/index
index into /etc/security/ia/master
/etc/security/ia/master
contains all I&A information about users
NOTES
If root runs the passwd -d command to delete a password for a
user for whom password aging is in effect, that user will not
be allowed to add a new password until the NULL password has
been aged. This is true even if the PASSREQ flag in
/etc/default/login is set to YES. This results in a user
without a password. We recommend you use the -f option
whenever you use -d to delete a password. By doing so, you'll
ensure the user is forced to change his or her password when
he or she next logs in.
REFERENCES
crypt(3G), id(1M), login(1), passwd(4), pwconv(1M), shadow(4),
su(1M), useradd(1M), userdel(1M), usermod(1M)