passwd(4)
NAME
passwd − password file
DESCRIPTION
The passwd file contains for each user the following information:
name
User’s login name — contains no upper case characters and must not be greater than eight characters long.
password
Encrypted password and password aging information.
numerical user ID
This is the user’s ID in the system and it must be a unique value less than MAXUID, as defined in /usr/include/sys/param.h.
numerical group ID
This is the number of the group that the user belongs to.
user’s real name
At some sites, this field also contains the user’s office, extension, home phone, and so on. For historical reasons this field is called the GCOS field.
initial working directory
The directory that the user is positioned in when they log in — this is known as the ‘home’ directory.
shell
Program to use as Shell when the user logs in.
The user’s real name field may contain ‘&’, meaning insert the login name.
The password file is an ASCII file. Each field within each user’s entry is separated from the next by a colon. Each user is separated from the next by a new-line. If the password field is null, no password is demanded; if the Shell field is null, /bin/sh is used.
The passwd file can also have lines beginning with a plus (+), which means to incorporate entries from the yellow pages. There are three styles of + entries: all by itself, + means to insert the entire contents of the yellow pages password file at that point; +name means to insert the entry (if any) for name from the yellow pages at that point; +@name means to insert the entries for all members of the network group name at that point. If a + entry has a non-null password, directory, GCOS, or shell field, they will override what is contained in the yellow pages. The numerical user ID and group ID fields cannot be overridden.
The passwd file can also have lines beginning with a minus (-), which means to disallow entries from the yellow pages. There are two styles of - entries: -name means to disallow any subsequent entries (if any) for name; -@name means to disallow any subsequent entries for all members of the network group name.
The encrypted password consists of 13 characters chosen from a 64-character alphabet (., /, 0−9, A−Z, a−z), except when the password is null, in which case the encrypted password is also null. Password aging is effected for a particular user if his encrypted password in the password file is followed by a comma and a non-null string of characters from the above alphabet. (Such a string must be introduced in the first instance by the super-user.)
The first character of the age, M say, denotes the maximum number of weeks for which a password is valid. A user who attempts to login after his password has expired will be forced to supply a new one. The next character, m say, denotes the minimum period in weeks which must expire before the password may be changed. The remaining characters define the week (counted from the beginning of 1970) when the password was last changed. (A null string is equivalent to zero.) M and m have numerical values in the range 0−63 that correspond to the 64-character alphabet shown above (i.e., / = 1 week; z = 63 weeks). If m = M = 0 (derived from the string . or ..) the user will be forced to change his password the next time he logs in (and the “age” will disappear from his entry in the password file). If m > M (signified, e.g., by the string ./) only the super-user will be able to change the password.
EXAMPLE
Here is a sample /etc/passwd file:
root:q.mJzTnu8icF.:0:10:Root:/:/bin/csh
tut:6k/7KCFRPNVXg:508:10:Bill Tuthill:/usr2/tut:/bin/csh
+john:
-bob:
+@documentation:no-login:
-@marketing:
+:::Guest
In this example, there are specific entries for users root and tut, in case the yellow pages are out of order. The user john will have his password entry in the yellow pages incorporated without change; any subsequent entries for the user bob will be ignored; anyone in the netgroup documentation will have their password field disabled; anyone in the netgroup marketing will not be allowed to login, and anyone else will be able to log in with their usual password, shell, and home directory, but with a GCOS field of Guest.
The password file resides in the /etc directory. Because the passwords are encrypted, it has general read permission and can be used, for example, to map numerical user IDs to names.
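The following is an added example, not part of the original manual page: a small auditor that splits entries into the fields described above, decodes the password aging string, and reports the conditions the text calls out (null password, M = m = 0, m > M, a + entry overriding the password). The function names and sample entries are constructed for illustration, and the digit order of the last-changed week (least significant character first, as a64l(3) decodes) is an assumption the page does not state.

```python
# Added example (not from the manual): audit passwd(4) entries.
A64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def a64(s):
    """Value of a string over the 64-character alphabet; null string is 0.
    Assumed digit order: least significant character first (a64l(3))."""
    return sum(A64.index(c) << (6 * i) for i, c in enumerate(s))

def parse_line(line):
    """Split one entry; + and - entries may omit trailing fields."""
    f = (line.rstrip("\n").split(":") + [""] * 7)[:7]
    kind = f[0][0] if f[0][:1] in ("+", "-") else "local"
    pw, _, age = f[1].partition(",")  # aging follows a comma
    rec = dict(zip(("name", "password", "uid", "gid", "gcos", "home", "shell"), f))
    rec.update(kind=kind, password=pw, aging=None)
    if age:  # first char is M, second is m, the rest is the week
        rec["aging"] = {"max_weeks": a64(age[0]), "min_weeks": a64(age[1:2]),
                        "last_changed_week": a64(age[2:])}
    return rec

def audit(line):
    """Return the security-relevant observations for one entry."""
    try:
        r = parse_line(line)
    except ValueError:  # A64.index() failed on a foreign character
        return ["aging field has a character outside the alphabet"]
    notes, pw, age = [], r["password"], r["aging"]
    if r["kind"] == "local":
        if pw == "":
            notes.append("null password: no password is demanded")
        elif len(pw) != 13 or any(c not in A64 for c in pw):
            notes.append("password field is not a 13-character encrypted password")
    elif r["kind"] == "+" and pw:
        notes.append("overrides the yellow pages password field")
    if age and age["max_weeks"] == 0 and age["min_weeks"] == 0:
        notes.append("user must change password at next login")
    elif age and age["min_weeks"] > age["max_weeks"]:
        notes.append("only the super-user can change this password")
    return notes

# Constructed sample entries (the hash and aging strings are made up).
SAMPLE = [
    "ann:AbCdEfGhIjKlM,8.k4:510:10:Ann:/usr2/ann:/bin/csh",
    "guest::511:10:Guest:/tmp:",
    "op:AbCdEfGhIjKlM,./:512:10:Operator:/:/bin/sh",
    "+@documentation:no-login:",
]
if __name__ == "__main__":
    for entry in SAMPLE:
        print(entry.split(":")[0], audit(entry))
```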
NOTES
A 4.2BSD password file does not contain a password aging field.
If this machine is running CX/SX, consult the passwd(4SX) man page entry for information on the password files in SX.
FILES
/etc/passwd
SEE ALSO
crypt(3C), getpwent(3C), group(4).
login(1), passwd(1) in the CX/UX User’s Reference Manual.
CX/UX Programmer’s Reference Manual