|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
File Formats passwd(4)
NAME
passwd - password file
SYNOPSIS
/etc/passwd
DESCRIPTION
The file /etc/passwd is a local source of information about
users' accounts. The password file can be used in conjunc-
tion with other naming sources, such as the NIS maps
passwd.byname and passwd.bygid, data from the NIS+ passwd
table, or password data stored on an LDAP server. Programs
use the getpwnam(3C) routines to access this information.
Each passwd entry is a single line of the form:
username:password:uid:
gid:gcos-field:home-dir:
login-shell
where
username is the user's login name.
The login (login) and role (role) fields
accept a string of no more than eight bytes
consisting of characters from the set of
alphabetic characters, numeric characters,
period (.), underscore (_), and hyphen (-).
The first character should be alphabetic and
the field should contain at least one lower
case alphabetic character. A warning message
is displayed if these restrictions are not
met.
The login and role fields must contain at
least one character and must not contain a
colon (:) or a newline (\n).
password is an empty field. The encrypted password
for the user is in the corresponding entry
in the /etc/shadow file. pwconv(1M) relies
on a special value of 'x' in the password
field of /etc/passwd. If this value of 'x'
exists in the password field of /etc/passwd,
this indicates that the password for the
user is already in /etc/shadow and should
not be modified.
SunOS 5.10 Last change: 28 Jul 2004 1
File Formats passwd(4)
uid is the user's unique numerical ID for the
system.
gid is the unique numerical ID of the group that
the user belongs to.
gcos-field is the user's real name, along with informa-
tion to pass along in a mail-message head-
ing. (It is called the gcos-field for his-
torical reasons.) An ``&'' (ampersand) in
this field stands for the login name (in
cases where the login name appears in a
user's real name).
home-dir is the pathname to the directory in which
the user is initially positioned upon log-
ging in.
login-shell is the user's initial shell program. If this
field is empty, the default shell is
/usr/bin/sh.
The maximum value of the uid and gid fields is 2147483647.
To maximize interoperability and compatibility, administra-
tors are recommended to assign users a range of UIDs and
GIDs below 60000 where possible. (UIDs from 0-99 inclusive
are reserved by the operating system vendor for use in
future applications. Their use by end system users or ven-
dors of layered products is not supported and may cause
security related issues with future applications.)
The password file is an ASCII file that resides in the /etc
directory. Because the encrypted passwords on a secure sys-
tem are always kept in the shadow file, /etc/passwd has gen-
eral read permission on all systems and can be used by rou-
tines that map between numerical user IDs and user names.
Blank lines are treated as malformed entries in the passwd
file and cause consumers of the file , such as getpwnam(3C),
to fail.
SunOS 5.10 Last change: 28 Jul 2004 2
File Formats passwd(4)
The password file can contain entries beginning with a `+'
(plus sign) or '-' (minus sign) to selectively incorporate
entries from another naming service source, such as NIS,
NIS+, or LDAP.
A line beginning with a '+' means to incorporate entries
from the naming service source. There are three styles of
the '+' entries in this file. A single + means to insert all
the entries from the alternate naming service source at that
point, while a +name means to insert the specific entry, if
one exists, from the naming service source. A +@netgroup
means to insert the entries for all members of the network
group netgroup from the alternate naming service. If a +name
entry has a non-null password, gcos, home-dir, or login-
shell field, the value of that field overrides what is con-
tained in the alternate naming service. The uid and gid
fields cannot be overridden.
A line beginning with a `-' means to disallow entries from
the alternate naming service. There are two styles of `-`
entries in this file. -name means to disallow any subsequent
entries (if any) for name (in this file or in a naming ser-
vice), and -@netgroup means to disallow any subsequent
entries for all members of the network group netgroup.
This is also supported by specifying ``passwd : compat'' in
nsswitch.conf(4). The "compat" source might not be supported
in future releases. The preferred sources are files followed
by the identifier of a name service, such as nis or ldap.
This has the effect of incorporating the entire contents of
the naming service's passwd database or password-related
information after the passwd file.
Note that in compat mode, for every /etc/passwd entry, there
must be a corresponding entry in the /etc/shadow file.
Appropriate precautions must be taken to lock the
/etc/passwd file against simultaneous changes if it is to be
edited with a text editor; vipw(1B) does the necessary lock-
ing.
EXAMPLES
Example 1: Sample passwd File
The following is a sample passwd file:
root:x:0:1:Super-User:/:/sbin/sh
fred:6k/7KCFRPNVXg:508:10:& Fredericks:/usr2/fred:/bin/csh
and the sample password entry from nsswitch.conf:
SunOS 5.10 Last change: 28 Jul 2004 3
File Formats passwd(4)
passwd: files ldap
In this example, there are specific entries for users root
and fred to assure that they can login even when the system
is running single-user. In addition, anyone whose password
information is stored on an LDAP server will be able to
login with their usual password, shell, and home directory.
If the password file is:
root:x:0:1:Super-User:/:/sbin/sh
fred:6k/7KCFRPNVXg:508:10:& Fredericks:/usr2/fred:/bin/csh
+
and the password entry in nsswitch.conf is:
passwd: compat
then all the entries listed in the NIS passwd.byuid and
passwd.byname maps will be effectively incorporated after
the entries for root and fred. If the password entry in
nsswitch.conf is:
passwd_compat: ldap
passwd: compat
then all password-related entries stored on the LDAP server
will be incorporated after the entries for root and fred.
The following is a sample passwd file when shadow does not
exist:
root:q.mJzTnu8icf.:0:1:Super-User:/:/sbin/sh
fred:6k/7KCFRPNVXg:508:10:& Fredericks:/usr2/fred:/bin/csh
+john:
+@documentation:no-login:
+::::Guest
The following is a sample passwd file when shadow does
exist:
root:##root:0:1:Super-User:/:/sbin/sh
fred:##fred:508:10:& Fredericks:/usr2/fred:/bin/csh
+john:
+@documentation:no-login:
+::::Guest
In this example, there are specific entries for users root
and fred, to assure that they can log in even when the sys-
tem is running standalone. The user john will have his pass-
word entry in the naming service source incorporated without
SunOS 5.10 Last change: 28 Jul 2004 4
File Formats passwd(4)
change, anyone in the netgroup documentation will have their
password field disabled, and anyone else will be able to log
in with their usual password, shell, and home directory, but
with a gcos field of Guest
FILES
/etc/nsswitch.conf
/etc/passwd
/etc/shadow
SEE ALSO
chgrp(1), chown(1), finger(1), groups(1), login(1),
newgrp(1), nispasswd(1), passwd(1), sh(1), sort(1),
domainname(1M), getent(1M), in.ftpd(1M), passmgmt(1M),
pwck(1M), pwconv(1M), su(1M), useradd(1M), userdel(1M),
usermod(1M), a64l(3C), crypt(3C), getpw(3C), getpwnam(3C),
getspnam(3C), putpwent(3C), group(4), hosts.equiv(4),
nsswitch.conf(4), shadow(4), environ(5), unistd.h(3HEAD)
System Administration Guide: Basic Administration
SunOS 5.10 Last change: 28 Jul 2004 5
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:27:28 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5080 hits)
(openSUSE 10.2)
adv_cap_autoneg man page (4745 hits)
(Solaris 10 11_06)
CPAN man page (4465 hits)
(Suse Linux 10.1)
ssh man page (4248 hits)
(Suse Linux 10.1)
svn man page (4222 hits)
(FreeBSD 6.2)
startproc man page (2190 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2183 hits)
(Solaris 10 11_06)
netcat man page (2151 hits)
(Suse Linux 10.1)
pprosetup man page (2007 hits)
(Solaris 10 11_06)
signal man page (1991 hits)
(Suse Linux 10.1)
|
Man Pages 
