Annotation of src/usr.bin/chpass/chpass.1, Revision 1.12
1.12 ! aaron 1: .\" $OpenBSD: chpass.1,v 1.11 1999/06/05 01:21:20 aaron Exp $
1.2 deraadt 2: .\" $NetBSD: chpass.1,v 1.7 1996/05/15 21:50:40 jtc Exp $
1.1 deraadt 3: .\"
4: .\" Copyright (c) 1988, 1990, 1993
5: .\" The Regents of the University of California. All rights reserved.
6: .\"
7: .\" Redistribution and use in source and binary forms, with or without
8: .\" modification, are permitted provided that the following conditions
9: .\" are met:
10: .\" 1. Redistributions of source code must retain the above copyright
11: .\" notice, this list of conditions and the following disclaimer.
12: .\" 2. Redistributions in binary form must reproduce the above copyright
13: .\" notice, this list of conditions and the following disclaimer in the
14: .\" documentation and/or other materials provided with the distribution.
15: .\" 3. All advertising materials mentioning features or use of this software
16: .\" must display the following acknowledgement:
17: .\" This product includes software developed by the University of
18: .\" California, Berkeley and its contributors.
19: .\" 4. Neither the name of the University nor the names of its contributors
20: .\" may be used to endorse or promote products derived from this software
21: .\" without specific prior written permission.
22: .\"
23: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33: .\" SUCH DAMAGE.
34: .\"
35: .\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
36: .\"
37: .Dd December 30, 1993
38: .Dt CHPASS 1
39: .Os
40: .Sh NAME
41: .Nm chpass
42: .Nd add or change user database information
43: .Sh SYNOPSIS
44: .Nm chpass
45: .Op Fl a Ar list
46: .Op Fl s Ar newshell
1.9 aaron 47: .Op Ar user
1.1 deraadt 48: .Sh DESCRIPTION
1.12 ! aaron 49: .Nm
1.1 deraadt 50: allows editing of the user database information associated
51: with
1.9 aaron 52: .Ar user ,
1.1 deraadt 53: or, by default, the current user.
54: The information is formatted and supplied to an editor for changes.
55: .Pp
56: Only the information that the user is allowed to change is displayed.
57: .Pp
58: The options are as follows:
59: .Bl -tag -width Ds
1.6 deraadt 60: .It Fl a Ar list
1.1 deraadt 61: The super-user is allowed to directly supply a user database
62: entry, in the format specified by
63: .Xr passwd 5 ,
64: as an argument.
1.9 aaron 65: This argument must be a colon
66: .Pq Sq \&:
67: separated list of all the
1.1 deraadt 68: user database fields, although they may be empty.
1.6 deraadt 69: .It Fl s Ar newshell
1.9 aaron 70: Attempts to change the user's shell to
1.1 deraadt 71: .Ar newshell .
72: .El
73: .Pp
74: Possible display items are as follows:
75: .Pp
76: .Bl -tag -width "Home Directory:" -compact -offset indent
77: .It Login:
78: user's login name
79: .It Password:
80: user's encrypted password
81: .It Uid:
82: user's login
83: .It Gid:
84: user's login group
85: .It Change:
86: password change time
87: .It Expire:
88: account expiration time
89: .It Class:
90: user's general classification
91: .It Home Directory:
92: user's home directory
93: .It Shell:
94: user's login shell
95: .It Full Name:
96: user's real name
97: .It Location:
98: user's normal location
99: .It Home Phone:
100: user's home phone
101: .It Office Phone:
102: user's office phone
103: .El
104: .Pp
105: The
106: .Ar login
107: field is the user name used to access the computer account.
108: .Pp
109: The
110: .Ar password
111: field contains the encrypted form of the user's password.
112: .Pp
113: The
114: .Ar uid
115: field is the number associated with the
116: .Ar login
117: field.
118: Both of these fields should be unique across the system (and often
119: across a group of systems) as they control file access.
120: .Pp
121: While it is possible to have multiple entries with identical login names
1.9 aaron 122: and/or identical user IDs, it is usually a mistake to do so. Routines
1.1 deraadt 123: that manipulate these files will often return only one of the multiple
124: entries, and that one by random selection.
125: .Pp
126: The
127: .Ar group
128: field is the group that the user will be placed in at login.
129: Since BSD supports multiple groups (see
1.9 aaron 130: .Xr groups 1 ),
1.1 deraadt 131: this field currently has little special meaning.
132: This field may be filled in with either a number or a group name (see
133: .Xr group 5 ) .
134: .Pp
135: The
136: .Ar change
137: field is the date by which the password must be changed.
138: .Pp
139: The
140: .Ar expire
141: field is the date on which the account expires.
142: .Pp
143: Both the
144: .Ar change
145: and
146: .Ar expire
147: fields should be entered in the form ``month day year'' where
148: .Ar month
149: is the month name (the first three characters are sufficient),
150: .Ar day
151: is the day of the month, and
152: .Ar year
153: is the year.
154: .Pp
155: The
156: .Ar class
157: field is currently unused. In the near future it will be a key to
158: a
159: .Xr termcap 5
160: style database of user attributes.
161: .Pp
162: The user's
163: .Ar home directory
164: is the full UNIX path name where the user
165: will be placed at login.
166: .Pp
167: The
168: .Ar shell
169: field is the command interpreter the user prefers.
170: If the
171: .Ar shell
1.9 aaron 172: field is empty, the Bourne shell
173: .Pq Pa /bin/sh
1.1 deraadt 174: is assumed.
175: When altering a login shell, and not the super-user, the user
176: may not change from a non-standard shell or to a non-standard
177: shell.
178: Non-standard is defined as a shell not found in
179: .Pa /etc/shells .
180: .Pp
181: The last four fields are for storing the user's
182: .Ar full name , office location ,
183: and
1.8 deraadt 184: .Ar work
1.1 deraadt 185: and
1.8 deraadt 186: .Ar home telephone
1.1 deraadt 187: numbers.
188: .Pp
189: Once the information has been verified,
1.12 ! aaron 190: .Nm
1.1 deraadt 191: uses
192: .Xr pwd_mkdb 8
193: to update the user database.
194: .Sh ENVIRONMENT
195: The
196: .Xr vi 1
1.5 deraadt 197: editor will be used unless the environment variable
198: .Ev EDITOR
199: is set to
1.1 deraadt 200: an alternate editor.
201: When the editor terminates, the information is re-read and used to
202: update the user database itself.
203: Only the user, or the super-user, may edit the information associated
204: with the user.
205: .Sh FILES
1.9 aaron 206: .Bl -tag -width /var/tmp/pw.XXXXXXXX -compact
1.1 deraadt 207: .It Pa /etc/master.passwd
1.9 aaron 208: user database
1.1 deraadt 209: .It Pa /etc/passwd
1.9 aaron 210: a Version 7 format password file
1.2 deraadt 211: .It Pa /etc/ptmp
1.9 aaron 212: lock file for the passwd database
1.7 millert 213: .It Pa /var/tmp/pw.XXXXXXXX
1.9 aaron 214: temporary copy of the user passwd information
1.1 deraadt 215: .It Pa /etc/shells
1.9 aaron 216: list of approved shells
1.1 deraadt 217: .El
218: .Sh SEE ALSO
1.10 alex 219: .Xr finger 1 ,
1.1 deraadt 220: .Xr login 1 ,
221: .Xr passwd 1 ,
222: .Xr getusershell 3 ,
223: .Xr passwd 5 ,
224: .Xr pwd_mkdb 8 ,
225: .Xr vipw 8
226: .Rs
227: .%A Robert Morris
228: .%A Ken Thompson
1.4 gene 229: .%T "UNIX Password Security"
1.1 deraadt 230: .Re
231: .Sh BUGS
232: User information should (and eventually will) be stored elsewhere.
233: .Sh HISTORY
234: The
235: .Nm
1.11 aaron 236: command appeared in
1.1 deraadt 237: .Bx 4.3 Reno .