diff options
Diffstat (limited to 'man5/passwd.5')
-rw-r--r-- | man5/passwd.5 | 160 |
1 files changed, 0 insertions, 160 deletions
diff --git a/man5/passwd.5 b/man5/passwd.5 deleted file mode 100644 index 1570383..0000000 --- a/man5/passwd.5 +++ /dev/null @@ -1,160 +0,0 @@ -.\" Copyright (c) 1993 Michael Haardt (michael@moria.de), -.\" Fri Apr 2 11:32:09 MET DST 1993 -.\" -.\" SPDX-License-Identifier: GPL-2.0-or-later -.\" -.\" Modified Sun Jul 25 10:46:28 1993 by Rik Faith (faith@cs.unc.edu) -.\" Modified Sun Aug 21 18:12:27 1994 by Rik Faith (faith@cs.unc.edu) -.\" Modified Sun Jun 18 01:53:57 1995 by Andries Brouwer (aeb@cwi.nl) -.\" Modified Mon Jan 5 20:24:40 MET 1998 by Michael Haardt -.\" (michael@cantor.informatik.rwth-aachen.de) -.TH passwd 5 2023-10-31 "Linux man-pages 6.7" -.SH NAME -passwd \- password file -.SH DESCRIPTION -The -.I /etc/passwd -file is a text file that describes user login accounts for the system. -It should have read permission allowed for all users (many utilities, like -.BR ls (1) -use it to map user IDs to usernames), but write access only for the -superuser. -.P -In the good old days there was no great problem with this general -read permission. -Everybody could read the encrypted passwords, but the -hardware was too slow to crack a well-chosen password, and moreover the -basic assumption used to be that of a friendly user-community. -These days many people run some version of the shadow password suite, where -.I /etc/passwd -has an \[aq]x\[aq] character in the password field, -and the encrypted passwords are in -.IR /etc/shadow , -which is readable by the superuser only. -.P -If the encrypted password, whether in -.I /etc/passwd -or in -.IR /etc/shadow , -is an empty string, login is allowed without even asking for a password. -Note that this functionality may be intentionally disabled in applications, -or configurable (for example using the -.RB \[dq] nullok \[dq] -or -.RB \[dq] nonull \[dq] -arguments to -.BR pam_unix (8)). -.P -If the encrypted password in -.I /etc/passwd -is "\fI*NP*\fP" (without the quotes), -the shadow record should be obtained from an NIS+ server. -.P -Regardless of whether shadow passwords are used, many system administrators -use an asterisk (*) in the encrypted password field to make sure -that this user can not authenticate themself using a -password. -(But see NOTES below.) -.P -If you create a new login, first put an asterisk (*) in the password field, -then use -.BR passwd (1) -to set it. -.P -Each line of the file describes a single user, -and contains seven colon-separated fields: -.P -.in +4n -.EX -name:password:UID:GID:GECOS:directory:shell -.EE -.in -.P -The field are as follows: -.TP 12 -.I name -This is the user's login name. -It should not contain capital letters. -.TP -.I password -This is either the encrypted user password, -an asterisk (*), or the letter \[aq]x\[aq]. -(See -.BR pwconv (8) -for an explanation of \[aq]x\[aq].) -.TP -.I UID -The privileged -.I root -login account (superuser) has the user ID 0. -.TP -.I GID -This is the numeric primary group ID for this user. -(Additional groups for the user are defined in the system group file; see -.BR group (5)). -.TP -.I GECOS -This field (sometimes called the "comment field") -is optional and used only for informational purposes. -Usually, it contains the full username. -Some programs (for example, -.BR finger (1)) -display information from this field. -.IP -GECOS stands for "General Electric Comprehensive Operating System", -which was renamed to GCOS when -GE's large systems division was sold to Honeywell. -Dennis Ritchie has reported: "Sometimes we sent printer output or -batch jobs to the GCOS machine. -The gcos field in the password file was a place to stash the -information for the $IDENTcard. -Not elegant." -.TP -.I directory -This is the user's home directory: -the initial directory where the user is placed after logging in. -The value in this field is used to set the -.B HOME -environment variable. -.TP -.I shell -This is the program to run at login (if empty, use -.IR /bin/sh ). -If set to a nonexistent executable, the user will be unable to login -through -.BR login (1). -The value in this field is used to set the -.B SHELL -environment variable. -.SH FILES -.I /etc/passwd -.SH NOTES -If you want to create user groups, there must be an entry in -.IR /etc/group , -or no group will exist. -.P -If the encrypted password is set to an asterisk (*), the user will be unable -to login using -.BR login (1), -but may still login using -.BR rlogin (1), -run existing processes and initiate new ones through -.BR rsh (1), -.BR cron (8), -.BR at (1), -or mail filters, etc. -Trying to lock an account by simply changing the -shell field yields the same result and additionally allows the use of -.BR su (1). -.SH SEE ALSO -.BR chfn (1), -.BR chsh (1), -.BR login (1), -.BR passwd (1), -.BR su (1), -.BR crypt (3), -.BR getpwent (3), -.BR getpwnam (3), -.BR group (5), -.BR shadow (5), -.BR vipw (8) |