
FreeBSD Manual Pages


passwd(4)                   Kernel Interfaces Manual                   passwd(4)

       passwd - password file, pwd.h

       contains the following information for each user:

              o  login name
              o  encrypted password
              o  numerical user ID
              o  numerical group ID
              o  reserved gecos ID
              o  initial working directory
              o  program to use as shell

       This is an ASCII file.  Each field within each user's entry is separated
       from the next by a colon.  Each user is separated from the next by a
       newline.  This file resides in the directory.  It can and does have
       general read permission and can be used, for example, to map numerical
       user IDs to names.

       getpwent(3C) returns a pointer to a user's entry passwd structure
       declared in

       The login name must begin with an alpha character and may only contain
       alphanumeric and underscore characters.  If the login directory is null
       the user will be placed in by default.  If the login shell is null, is

       It is suggested that the range 0-99 not be used for user and group IDs
       so that IDs that might be assigned for system software do not conflict.

       The gecos field may contain the following identification: user's full
       name, office location, extension, and home phone.  The gecos field can
       be set by use of the command and is displayed by the command (see
       chfn(1) and finger(1)).  These two commands assume the information in
       this field is in the order listed above.  A portion of the user's real
       name can be represented in the gecos field by an character, which some
       utilities (including expand by substituting the login name for it and
       shifting the first letter of the login name to uppercase.

   Password Field
       On a non-shadowed standard system all password fields contain the
       actual encrypted password.  On a shadowed standard system all password
       fields contain an `x', while the actual encrypted passwords reside in
       On a trusted system all password fields contain a `*'; the actual
       encrypted passwords reside in the Protected Password Database.

       The following description of the password field applies only to the
       case where the password field of an entry in contains an actual
       encrypted password.  See shadow(4) for the case where the encrypted
       password resides in or see the section of this manual page for a
       trusted

       If the password field is null there is no password and no password is
       demanded on login.  Otherwise this field consists of an encrypted
       password with an optional password aging subfield.

       The encrypted password consists of 13 characters chosen from a
       64-character set of "digits" described below.  Login can be prevented
       by entering in the password field a character that is not part of the
       set of digits (such as

       The characters used to represent "digits" are for 0, for 1, through for
       2 through 11, through for 12 through 37, and through for 38 through 63.

       Password aging is put in effect for a particular user if his encrypted
       password in the password file is followed by a comma and a non-null
       string of characters from the above alphabet.  (Such a string must be
       introduced in the first instance by a superuser.)  This string defines
       the "age" needed to implement password aging.

       UNIX keeps internal time stamps in a format with a base date of
       Thursday January 1, 1970.  Because of this, passwd considers the
       beginning of a week to be 00:00 GMT Thursday.

       The first character of the age, M, denotes the maximum number of weeks
       for which a password is valid.  A user who attempts to login after his
       password has expired is forced to supply a new one.  The next
       character, m, denotes the minimum period in weeks that must expire
       before the password can be changed.  The remaining two characters
       define the week when the password was last changed (a null string is
       equivalent to zero).  M and m have numerical values in the range 0
       through 63 that correspond to the 64-character set of "digits" shown
       above.

       If m = M = 0 (derived from the string or the user is forced to change
       his password next time he logs in (and the "age" disappears from his
       entry in the password file).  If m > M (signified, for example, by the
       string then only a superuser (not the user) can change the password.
       Not allowing the user to ever change the password is discouraged.
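       The aging subfield described above, decoded and evaluated in an added
       example (not HP-UX code).  It takes the 64 "digits" to be the a64l(3C)
       alphabet ('.' and '/' for 0 and 1, then 0-9, A-Z, a-z), reads the two
       last-changed characters least-significant first as a64l(3C) does, and
       assumes a week number is seconds since the epoch divided by one week,
       which places week boundaries at Thursday 00:00 GMT as the text states.

```python
import string

# a64l(3C) digit alphabet: '.'=0, '/'=1, '0'-'9'=2..11, 'A'-'Z'=12..37,
# 'a'-'z'=38..63 (a property of that API, assumed here).
DIGITS = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
WEEK = 7 * 24 * 3600  # epoch began Thursday 00:00 GMT, so weeks start Thursday


def decode_age(age):
    """Split an aging string into (M, m, last_changed_week).

    M = max weeks valid, m = min weeks before another change, and the last
    changed week comes from up to two further digits (none means zero).
    """
    if not 1 <= len(age) <= 4 or any(c not in DIGITS for c in age):
        raise ValueError("aging field must be 1-4 characters from the digit set")
    M = DIGITS.index(age[0])
    m = DIGITS.index(age[1]) if len(age) > 1 else 0
    last = sum(DIGITS.index(c) * 64 ** i for i, c in enumerate(age[2:]))
    return M, m, last


def aging_status(age, now_epoch_seconds):
    """Classify an aging string at a given time according to the text's rules.

    The week comparisons (expired once more than M weeks have passed since the
    change; change refused until m weeks have passed) are this example's
    assumed reading of those rules.
    """
    M, m, last = decode_age(age)
    if M == 0 and m == 0:
        return "must-change-at-next-login"   # and the age is then dropped
    if m > M:
        return "superuser-only"              # user can never change it
    week = now_epoch_seconds // WEEK
    if week > last + M:
        return "expired"
    if week < last + m:
        return "change-not-yet-allowed"
    return "valid"


def encode_age(M, m, last_changed_week):
    """Inverse of decode_age: the string a superuser would place after the comma."""
    if not (0 <= M <= 63 and 0 <= m <= 63 and 0 <= last_changed_week < 64 * 64):
        raise ValueError("values out of range for the 64-digit alphabet")
    lo, hi = last_changed_week % 64, last_changed_week // 64
    return DIGITS[M] + DIGITS[m] + DIGITS[lo] + DIGITS[hi]
```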

       This section applies only to trusted systems.  On a trusted system the
       password field always contains by default.  Password and aging
       information are instead part of the Protected Password Database.

       On trusted systems, the encrypted password for each user is stored in
       the file (where c is the first letter in user_name).  Password
       information files are not accessible to the public.  The encrypted
       password can be longer than 13 characters.  For example, the password
       file for user is stored in In addition to the password, the user
       profile in also has many other fields, including:

              o  numerical audit ID
              o  numerical audit flag

       Like this file is an ASCII file.  Fields within each user's entry are
       separated by colons.  Refer to authcap(4) and prpwd(4) for details.
       The passwords contained in take precedence over those contained in the
       encrypted password field of User authentication is done using the
       encrypted passwords in this file.  The password aging mechanism
       described in passwd(1), under the section called applies to this
       password.

       For more information on converting to trusted system and on password,
       see Managing Systems and Workgroups and sam(1M).

       The file can have entries that begin with a plus or minus sign in the
       first column.  Such lines are used to access the Network Information
       System network database.  A line beginning with a plus is used to
       incorporate entries from the Network Information System.  There are
       three styles of entries:

              Insert the entire contents of the Network Information System
                        password file at that point;

              Insert the entry (if any) for name from the Network Information
                        System at that

              Insert the entries for all members of the network group name at
                        that point.

       If a entry has a non-null password, directory, gecos, or shell field,
       they override what is contained in the Network Information System.  The
       numerical user ID and group ID fields cannot be overridden.

       The passwd file can also have lines beginning with a minus which
       disallow entries from the Network Information System.  There are two
       styles of entries:

              Disallow any subsequent entries (if any) for

              Disallow any subsequent entries for all members of the network

   NIS Warnings
       The plus and minus features are NIS functionality; therefore, if NIS is
       not installed, they do not work.  Also, these features work only with
       but not with a system that has been converted to a trusted system.
       When the system has been converted to a trusted system, the encrypted
       passwords can be accessed only from the protected password database,
       Any user entry in the Network Information System database also must
       have an entry in the protected password database.

       The uid of -2 is reserved for remote root access by means of NFS.  The
       user name usually given to this uid is Since uids are stored as signed
       values, the following define is included in to match the user

       The login shell for the root user (uid 0) must be to guarantee it can
       always boot.  Other shells such as sh, ksh, and csh are all located
       under the directory which may not be mounted during earlier stages of
       the bootup process.  Changing the login shell of the root user to a
       value other than is allowed but may result in a non-functional system.

       The information kept in the gecos field may conflict with unsupported
       or future uses of this field.  Use of the gecos field for keeping user
       identification information has not been formalized within any of the
       industry standards.  The current use of this field is derived from its
       use within the Berkeley Software Distribution.  Future standards may
       define this field for other purposes.

       The following fields have size limitations as noted:

              o  Login name field can be no longer than 8 characters;

              o  Initial working directory field can be no longer than 63

              o  Program field can be no longer than 44 characters.

              o  Results are unpredictable if these fields are longer than the
                 limits specified above.

       The following fields have numerical limitations as noted:

              o  The user ID is an integer value between and inclusive.  As a
                 special case maybe present.

              o  The group ID is an integer value between and inclusive.  As a
                 special case maybe present.

              o  If either of these values are out of range, the getpwent(3C)
                 functions reset the ID value to
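       The entry layout, login-name syntax, password-field cases, NIS plus and
       minus lines, and the size limits above, checked by an added example
       (not HP-UX code).  The 13-character hash is checked against the
       a64l(3C)/crypt(3C) digit alphabet; the upper bound for uid and gid is
       an assumption, since the page does not state it, and -2 is accepted
       because the text reserves it for NFS remote root access.

```python
import re
import string

DIGITS = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
FIELDS = ("name", "passwd", "uid", "gid", "gecos", "dir", "shell")
LOGIN_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]*$")
LIMITS = {"name": 8, "dir": 63, "shell": 44}  # sizes quoted in the text
ASSUMED_MAX_ID = 2**31 - 1  # assumption: the page elides the uid/gid upper bound


def classify_password(field):
    """Name what a password field means, following the man page's cases."""
    if field == "":
        return "no-password"        # nothing demanded at login
    if field == "x":
        return "shadowed"           # real hash lives in the shadow file
    if field == "*":
        return "trusted-system"     # real hash lives in the protected password database
    crypted, _, age = field.partition(",")
    if len(crypted) == 13 and all(c in DIGITS for c in crypted):
        return "encrypted+aging" if age else "encrypted"
    return "login-prevented"        # a character outside the digit set locks the account


def check_entry(line):
    """Return (errors, warnings) for one passwd line; empty errors = acceptable."""
    f = line.rstrip("\n").split(":")
    if len(f) != 7:
        return [f"expected 7 colon-separated fields, got {len(f)}"], []
    e, errors, warnings = dict(zip(FIELDS, f)), [], []
    if e["name"][:1] in "+-":  # NIS include (+) or exclude (-) entry
        key = e["name"][1:]
        if key and not (key.startswith("@") or LOGIN_RE.match(key)):
            errors.append("NIS entry must name a login or @netgroup")
        if e["name"][0] == "+" and (e["uid"] or e["gid"]):
            warnings.append("uid/gid in a + entry are ignored: NIS values cannot be overridden")
        return errors, warnings
    if not LOGIN_RE.match(e["name"]):
        errors.append("login name must start with a letter and use only letters, digits, _")
    for key, limit in LIMITS.items():
        if len(e[key]) > limit:
            errors.append(f"{key} longer than {limit} characters")
    for key in ("uid", "gid"):
        if not re.fullmatch(r"-?\d+", e[key]):
            errors.append(f"{key} is not an integer")
        elif not (int(e[key]) == -2 or 0 <= int(e[key]) <= ASSUMED_MAX_ID):
            errors.append(f"{key} out of range")  # -2 is the reserved NFS remote-root uid
        elif 0 <= int(e[key]) <= 99:
            warnings.append(f"{key} is in 0-99, suggested to be left for system software")
    if classify_password(e["passwd"]) == "login-prevented":
        warnings.append("password field locks the account")
    return errors, warnings
```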

   NIS Example
   Shadow Password Example
       In the NIS example, there are specific entries for users and in case
       the Network Information System are out of order.

              o  Normally the password fields of user and user contain the
                 actual encrypted passwords.  For the shadowed standard mode
                 case, the password fields of user and user contain an 'x';
                 the actual encrypted passwords reside in

              o  User password entry in the Network Information System is
                 incorporated without change.

              o  Any subsequent entries for user are ignored.

              o  The password field for anyone in the netgroup is dis-

              o  Users in netgroup are not returned by getpwent(3C) and thus
                 are not allowed to log in.

              o  Anyone else can log in with their usual password, shell, and
                 home directory, but with a gecos field of

       Protected password database used when system is converted to trusted
       Standard password file used by HP-UX.
       Shadow password file.

       chfn(1), chsh(1), finger(1), login(1), passwd(1), pwck(1), pwconv(1M),
       useradd(1M), a64l(3C), crypt(3C), getpass(3C), getpwent(3C),
       getprpwent(3), authcap(4), shadow(4), limits(5).


