PASSWD(5) UNIX Programmer's Manual PASSWD(5) NAME passwd - password files DESCRIPTION Passwd files are files consisting of newline separated records, one per user, containing ten colon (``:'') separated fields. These fields are as follows: name user's login name password user's encrypted password uid user's id gid user's login group id class user's general classification (unused) change password change time expire account expiration time gecos general information about the user home_dir user's home directory shell user's login shell The name field is the login used to access the computer account, and the uid field is the number associated with it. They should both be unique across the system (and often across a group of systems) since they control file access. While it is possible to have multiple entries with identical login names and/or identical user id's, it is usually a mis- take to do so. Routines that manipulate these files will often return only one of the multiple entries, and that one by random selection. The login name must never begin with a hyphen (``-''); also, it is strongly suggested that neither upper-case characters or dots (``.'') be part of the name, as this tends to con- fuse mailers. No field may contain a colon (``:'') as this has been used historically to separate the fields in the user database. The password field is the encrypted form of the password. If the password field is empty, no password will be required to gain access to the machine. This is almost invariably a mistake. Because these files contain the encrypted user passwords, they should not be readable by anyone without appropriate privileges. The group field is the group that the user will be placed in upon login. Since this system supports multiple groups (see groups(1)) this field currently has little special meaning. The class field is currently unused. In the near future it will be a key to a termcap(5) style database of user attri- butes. Printed 11/26/99 May 8, 1989 1 PASSWD(5) UNIX Programmer's Manual PASSWD(5) The change field is the number in seconds, GMT, from the epoch, until the password for the account must be changed. This field may be left empty to turn off the password aging feature. The expire field is the number in seconds, GMT, from the epoch, until the account expires. This field may be left empty to turn off the account aging feature. The gecos field normally contains comma (``,'') separated subfields as follows: name user's full name office user's office number wphone user's work phone number hphone user's home phone number This information is used by the finger(1) program. The user's home directory is the full UNIX path name where the user will be placed on login. The shell field is the command interpreter the user prefers. If the shell field is empty, the Bourne shell (/bin/sh) is assumed. SEE ALSO chpass(1), login(1), passwd(1), getpwent(3), mkpasswd(8), vipw(8) adduser(8) BUGS User information should (and eventually will) be stored elsewhere. Printed 11/26/99 May 8, 1989 2