Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
CHPASS(1)		  BSD General Commands Manual		     CHPASS(1)

     chpass, chfn, chsh	-- add or change user database information

     chpass [-a	list] [-s newshell] [-l] [user]
     chpass [-a	list] [-s newshell] [-y] [user]

     chpass allows editing of the user database	information associated with
     user or, by default, the current user.  The information is	formatted and
     supplied to an editor for changes.

     Only the information that the user	is allowed to change is	displayed.

     The options are as	follows:

     -a	     The super-user is allowed to directly supply a user database en-
	     try, in the format	specified by passwd(5),	as an argument.	 This
	     argument must be a	colon (":") separated list of all the user
	     database fields, although they may	be empty.

     -s	     The -s option attempts to change the user's shell to newshell.

     -l	     This option causes	the password to	be updated only	in the local
	     password file.  When changing only	the local password,
	     pwd_mkdb(8) is used to update the password	databases.

     -y	     This forces the YP	password database entry	to be changed, even if
	     the user has an entry in the local	database.  The
	     rpc.yppasswdd(8) daemon should be running on the YP master

     Possible display items are	as follows:

	   Login:	    user's login name
	   Password:	    user's encrypted password
	   Uid:		    user's login
	   Gid:		    user's login group
	   Change:	    password change time
	   Expire:	    account expiration time
	   Class:	    user's general classification
	   Home	Directory:  user's home	directory
	   Shell:	    user's login shell
	   Full	Name:	    user's real	name
	   Location:	    user's normal location
	   Home	Phone:	    user's home	phone
	   Office Phone:    user's office phone

     The login field is	the user name used to access the computer account.

     The password field	contains the encrypted form of the user's password.

     The uid field is the number associated with the login field.  Both	of
     these fields should be unique across the system (and often	across a group
     of	systems) as they control file access.

     While it is possible to have multiple entries with	identical login	names
     and/or identical user id's, it is usually a mistake to do so.  Routines
     that manipulate these files will often return only	one of the multiple
     entries, and that one by random selection.

     The group field is	the group that the user	will be	placed in at login.
     Since BSD supports	multiple groups	(see groups(1))	this field currently
     has little	special	meaning.  This field may be filled in with either a
     number or a group name (see group(5)).

     The change	field is the date by which the password	must be	changed.

     The expire	field is the date on which the account expires.

     Both the change and expire	fields should be entered in the	form "month
     day year" where month is the month	name (the first	three characters are
     sufficient), day is the day of the	month, and year	is the year.

     The class field is	a key for a user's login class.	 Login classes are de-
     fined in login.conf(5), which is a	termcap(5) style database of user at-
     tributes, accounting, resource and	environment settings.

     The user's	home directory is the full UNIX	path name where	the user will
     be	placed at login.

     The shell field is	the command interpreter	the user prefers.  If the
     shell field is empty, the Bourne shell, /bin/sh, is assumed.  When	alter-
     ing a login shell,	and not	the super-user,	the user may not change	from a
     non-standard shell	or to a	non-standard shell.  Non-standard is defined
     as	a shell	not found in /etc/shells.

     The last four fields are for storing the user's full name,	office
     location, and home	and work telephone numbers.

     Once the information has been verified, chpass uses pwd_mkdb(8) to	update
     the user database.

     The vi(1) editor will be used unless the environment variable EDITOR is
     set to an alternative editor.  When the editor terminates,	the informa-
     tion is re-read and used to update	the user database itself.  Only	the
     user, or the super-user, may edit the information associated with the

     /etc/master.passwd	 The user database
     /etc/passwd	 A Version 7 format password file
     /etc/ptmp		 Lock file for the passwd database
     /tmp/pw.XXXXXX	 Temporary copy	of the user passwd information
     /etc/shells	 The list of approved shells

     finger(1),	login(1), passwd(1), pwhash(1),	getusershell(3), passwd(5),
     passwd.conf(5), pwd_mkdb(8), vipw(8)

     Robert Morris and Ken Thompson, UNIX Password Security.

     The chpass	command	appeared in 4.3BSD-Reno.

     This program's interface is poorly	suited to cryptographic	systems	such
     as	Kerberos, and consequently Kerberos password changing is not a feature
     of	this program.

     User information should (and eventually will) be stored elsewhere.

BSD				October	7, 2006				   BSD


Want to link to this manual page? Use this URL:

home | help