pwconv(ADM) 19 June 1992 pwconv(ADM) Name pwconv, pwunconv - install and update the shadow password file remove the shadow password file Syntax pwconv pwunconv Description The pwconv command creates and updates /etc/shadow with information from the Protected Password database and /etc/passwd. The command populates /etc/shadow with the user's login name, password, and password aging in- formation. The following is the format of an entry in /etc/passwd: username:passwd,aging:uid:gid:comment:homedir:shell pwconv creates an entry in /etc/shadow for every user in /etc/passwd. The password and password aging information are read from the Protected Pass- word database and /etc/passwd and stored along with the username in /etc/shadow. The password and password aging information in /etc/passwd are replaced with the letter x. Any existing entries in /etc/shadow without a corresponding entry in /etc/passwd are removed. The pwunconv command is the reverse of pwconv. The password and password aging information held in /etc/shadow are written back to /etc/passwd and to the Protected Password database. /etc/shadow is then removed. Files /etc/passwd Password file /etc/shadow Shadow Password file /etc/passwd-t Temporary password file. /etc/shadow-t Temporary shadow password file. /etc/passwd-o Previous password file. /etc/shadow-o Previous shadow password file. /tcb/files/auth/?/* Protected Password database. See also authck(ADM), passwd(C) Diagnostics The pwconv and pwunconv commands exit with one of the following values: 0 Success. 1 Not allowed to run this command. 2 Invalid command syntax. 3 Unexpected failure, conversion not done. 4 Unexpected failure, password file(s) missing. 5 Password file(s) busy, try again later. 6 pwunconv failed as /etc/shadow does not exist. 7 A password file entry created would be too long. An exit status greater than zero is accompanied by an error message describing the problem. If the message is ``error reading entry for user- name'', run authck -p to fix the problem and try again. If the message is ``unable to restore previous password file'' the password file has been renamed to /etc/passwd-o and should be renamed back to /etc/passwd. A similar message is output for the shadow password file, /etc/shadow-o should be renamed /etc/shadow. Authorization pwconv and pwunconv require the invoking user to be the super user or have the auth subsystem authorization, and have both the chown and exec- suid kernel authorizations.