PASSWD(5) BSD Reference Manual PASSWD(5)NAME
passwd, master.passwd - format of the password file
DESCRIPTION
The master.passwd file, readable only by root, consists of newline-
separated records, one per user, containing ten colon (':') separated
fields. These fields are as follows:
name User's login name.
password User's encrypted password.
uid User's login user ID.
gid User's login group ID.
class User's general classification (see login.conf(5)).
change Password change time.
expire Account expiration time.
gecos General information about the user.
home_dir User's home directory.
shell User's login shell.
The publicly-readable passwd file is generated from the master.passwd
file by pwd_mkdb(8) and has the class, change, and expire fields removed.
Also, the encrypted password field is replaced by an asterisk ('*').
The password files should never be edited by hand; vipw(8) should be used
instead.
The name field is the login used to access the computer account, and the
uid field is the number associated with it. They should both be unique
across the system (and often across a group of systems) since they con-
trol file access.
While it is possible to have multiple entries with identical login names
and/or identical user IDs, it is usually a mistake to do so. Routines
that manipulate these files will often return only one of the multiple
entries, and that one by random selection.
The login name may be up to 31 characters long. For compatibility with
legacy software, a login name should start with a letter and consist
solely of letters, numbers, dashes and underscores. The login name must
never begin with a hyphen ('-'); also, it is strongly suggested that nei-
ther uppercase characters nor dots ('.') be part of the name, as this
tends to confuse mailers. No field may contain a colon as this has been
used historically to separate the fields in the user database.
The password field is the encrypted form of the password. If the password
field is empty, no password will be required to gain access to the
machine. This is almost invariably a mistake. By convention, accounts
that are not intended to be logged in to (e.g. bin, daemon, sshd) have a
star ('*') in the password field. Note that there is nothing special
about '*', it is just one of many strings that is not a valid encrypted
password (see crypt(3)). Because master.passwd contains the encrypted
user passwords, it should not be readable by anyone without appropriate
privileges.
Which type of cipher is used to encrypt the password information depends
on the configuration in login.conf(5). It can be different for local
passwords.
The group field is the group that the user will be placed in upon login.
Since this system supports multiple groups (see groups(1)) this field
currently has little special meaning.
The class field is used by login(1) and other programs to determine which
entry in the login.conf(5) database should be used.
The change field is the number in seconds, GMT, from the epoch, until the
password for the account must be changed. This field may be left empty to
turn off the password aging feature.
The expire field is the number in seconds, GMT, from the epoch, until the
account expires. This field may be left empty to turn off the account ag-
ing feature.
The gecos field normally contains comma (',') separated subfields as fol-
lows:
name User's full name.
office User's office location.
wphone User's work phone number.
hphone User's home phone number.
The full name may contain an ampersand ('&'), which will be replaced by
the capitalized login name when the gecos field is displayed or used by
various programs such as finger(1), sendmail(8), etc.
The office and phone number subfields, if they exist, are used by the
finger(1) program and possibly by other applications.
The user's home directory is the full UNIX path name where the user will
be placed on login.
The shell field is the command interpreter the user prefers. If there is
nothing in the shell field, the Bourne shell (/bin/sh) is assumed. Ac-
counts that are not intended to be logged in to usually have a shell of
/sbin/nologin.
SEE ALSOchpass(1), login(1), passwd(1), crypt(3), getpwent(3), login.conf(5),
netgroup(5), adduser(8), pwd_mkdb(8), vipw(8), yp(8)
Managing NFS and NIS (O'Reilly & Associates)
STANDARDS
The password file format has changed since 4.3BSD. The following awk(1)
script can be used to convert your old-style password file into a new
style password file. The additional fields "class", "change", and
"expire" are added, but are turned off by default. To set change and
expire use the current day in seconds from the epoch plus the number of
seconds of offset desired.
BEGIN { FS = ":"}
{ print $1 ":" $2 ":" $3 ":" $4 "::0:0:" $5 ":" $6 ":" $7 }
HISTORY
A passwd file format appeared in Version 3 AT&T UNIX.
BUGS
User information should (and eventually will) be stored elsewhere.
MirOS BSD #10-current July 18, 1995 1