Annotation of src/usr.bin/chpass/chpass.1, Revision 1.14
1.14 ! aaron 1: .\" $OpenBSD: chpass.1,v 1.13 1999/08/21 19:34:40 niklas Exp $
1.2 deraadt 2: .\" $NetBSD: chpass.1,v 1.7 1996/05/15 21:50:40 jtc Exp $
1.1 deraadt 3: .\"
4: .\" Copyright (c) 1988, 1990, 1993
5: .\" The Regents of the University of California. All rights reserved.
6: .\"
7: .\" Redistribution and use in source and binary forms, with or without
8: .\" modification, are permitted provided that the following conditions
9: .\" are met:
10: .\" 1. Redistributions of source code must retain the above copyright
11: .\" notice, this list of conditions and the following disclaimer.
12: .\" 2. Redistributions in binary form must reproduce the above copyright
13: .\" notice, this list of conditions and the following disclaimer in the
14: .\" documentation and/or other materials provided with the distribution.
15: .\" 3. All advertising materials mentioning features or use of this software
16: .\" must display the following acknowledgement:
17: .\" This product includes software developed by the University of
18: .\" California, Berkeley and its contributors.
19: .\" 4. Neither the name of the University nor the names of its contributors
20: .\" may be used to endorse or promote products derived from this software
21: .\" without specific prior written permission.
22: .\"
23: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33: .\" SUCH DAMAGE.
34: .\"
35: .\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
36: .\"
37: .Dd December 30, 1993
38: .Dt CHPASS 1
39: .Os
40: .Sh NAME
41: .Nm chpass
42: .Nd add or change user database information
43: .Sh SYNOPSIS
44: .Nm chpass
1.13 niklas 45: .Op Fl ly
1.1 deraadt 46: .Op Fl a Ar list
47: .Op Fl s Ar newshell
1.9 aaron 48: .Op Ar user
1.1 deraadt 49: .Sh DESCRIPTION
1.12 aaron 50: .Nm
1.1 deraadt 51: allows editing of the user database information associated
52: with
1.9 aaron 53: .Ar user ,
1.1 deraadt 54: or, by default, the current user.
55: The information is formatted and supplied to an editor for changes.
56: .Pp
57: Only the information that the user is allowed to change is displayed.
58: .Pp
1.13 niklas 59: If YP in enabled change requests are first tried in the local database,
60: and then in the YP database, if there was no entry to change locally.
61: .Pp
1.1 deraadt 62: The options are as follows:
63: .Bl -tag -width Ds
1.6 deraadt 64: .It Fl a Ar list
1.1 deraadt 65: The super-user is allowed to directly supply a user database
66: entry, in the format specified by
67: .Xr passwd 5 ,
68: as an argument.
1.9 aaron 69: This argument must be a colon
70: .Pq Sq \&:
71: separated list of all the
1.1 deraadt 72: user database fields, although they may be empty.
1.13 niklas 73: In YP environments this operation is not supported, only local additions
74: can be done and that requires use of the
75: .Fl l
76: flag.
77: .It Fl l
78: In environments where YP is enabled, always alter local information as
79: opposed to information in YP.
1.6 deraadt 80: .It Fl s Ar newshell
1.9 aaron 81: Attempts to change the user's shell to
1.1 deraadt 82: .Ar newshell .
1.13 niklas 83: .It Fl y
84: In environments where YP is enabled, always change the YP entry, even if this
85: is a modification request and there is a local entry for the specified user.
1.1 deraadt 86: .El
87: .Pp
88: Possible display items are as follows:
89: .Pp
1.14 ! aaron 90: .Bl -tag -width "Office Location:" -compact -offset indent
1.1 deraadt 91: .It Login:
92: user's login name
93: .It Password:
94: user's encrypted password
95: .It Uid:
96: user's login
97: .It Gid:
98: user's login group
99: .It Change:
100: password change time
101: .It Expire:
102: account expiration time
103: .It Class:
104: user's general classification
105: .It Home Directory:
106: user's home directory
107: .It Shell:
108: user's login shell
109: .It Full Name:
110: user's real name
1.14 ! aaron 111: .It Office Location:
! 112: user's office location
! 113: .It Office Phone:
! 114: user's office phone
1.1 deraadt 115: .It Home Phone:
116: user's home phone
117: .El
118: .Pp
119: The
120: .Ar login
121: field is the user name used to access the computer account.
122: .Pp
123: The
124: .Ar password
125: field contains the encrypted form of the user's password.
126: .Pp
127: The
128: .Ar uid
129: field is the number associated with the
130: .Ar login
131: field.
132: Both of these fields should be unique across the system (and often
133: across a group of systems) as they control file access.
134: .Pp
135: While it is possible to have multiple entries with identical login names
1.9 aaron 136: and/or identical user IDs, it is usually a mistake to do so. Routines
1.1 deraadt 137: that manipulate these files will often return only one of the multiple
138: entries, and that one by random selection.
139: .Pp
140: The
141: .Ar group
142: field is the group that the user will be placed in at login.
143: Since BSD supports multiple groups (see
1.9 aaron 144: .Xr groups 1 ),
1.1 deraadt 145: this field currently has little special meaning.
146: This field may be filled in with either a number or a group name (see
147: .Xr group 5 ) .
148: .Pp
149: The
150: .Ar change
151: field is the date by which the password must be changed.
152: .Pp
153: The
154: .Ar expire
155: field is the date on which the account expires.
156: .Pp
157: Both the
158: .Ar change
159: and
160: .Ar expire
161: fields should be entered in the form ``month day year'' where
162: .Ar month
163: is the month name (the first three characters are sufficient),
164: .Ar day
165: is the day of the month, and
166: .Ar year
167: is the year.
168: .Pp
169: The
170: .Ar class
171: field is currently unused. In the near future it will be a key to
172: a
173: .Xr termcap 5
174: style database of user attributes.
175: .Pp
176: The user's
177: .Ar home directory
178: is the full UNIX path name where the user
179: will be placed at login.
180: .Pp
181: The
182: .Ar shell
183: field is the command interpreter the user prefers.
184: If the
185: .Ar shell
1.9 aaron 186: field is empty, the Bourne shell
187: .Pq Pa /bin/sh
1.1 deraadt 188: is assumed.
189: When altering a login shell, and not the super-user, the user
190: may not change from a non-standard shell or to a non-standard
191: shell.
192: Non-standard is defined as a shell not found in
193: .Pa /etc/shells .
194: .Pp
195: The last four fields are for storing the user's
196: .Ar full name , office location ,
197: and
1.8 deraadt 198: .Ar work
1.1 deraadt 199: and
1.8 deraadt 200: .Ar home telephone
1.1 deraadt 201: numbers.
202: .Pp
203: Once the information has been verified,
1.12 aaron 204: .Nm
1.1 deraadt 205: uses
206: .Xr pwd_mkdb 8
207: to update the user database.
208: .Sh ENVIRONMENT
209: The
210: .Xr vi 1
1.5 deraadt 211: editor will be used unless the environment variable
212: .Ev EDITOR
213: is set to
1.1 deraadt 214: an alternate editor.
215: When the editor terminates, the information is re-read and used to
216: update the user database itself.
217: Only the user, or the super-user, may edit the information associated
218: with the user.
219: .Sh FILES
1.9 aaron 220: .Bl -tag -width /var/tmp/pw.XXXXXXXX -compact
1.1 deraadt 221: .It Pa /etc/master.passwd
1.9 aaron 222: user database
1.1 deraadt 223: .It Pa /etc/passwd
1.9 aaron 224: a Version 7 format password file
1.2 deraadt 225: .It Pa /etc/ptmp
1.9 aaron 226: lock file for the passwd database
1.7 millert 227: .It Pa /var/tmp/pw.XXXXXXXX
1.9 aaron 228: temporary copy of the user passwd information
1.1 deraadt 229: .It Pa /etc/shells
1.9 aaron 230: list of approved shells
1.1 deraadt 231: .El
232: .Sh SEE ALSO
1.10 alex 233: .Xr finger 1 ,
1.1 deraadt 234: .Xr login 1 ,
235: .Xr passwd 1 ,
236: .Xr getusershell 3 ,
237: .Xr passwd 5 ,
238: .Xr pwd_mkdb 8 ,
239: .Xr vipw 8
240: .Rs
241: .%A Robert Morris
242: .%A Ken Thompson
1.4 gene 243: .%T "UNIX Password Security"
1.1 deraadt 244: .Re
245: .Sh BUGS
246: User information should (and eventually will) be stored elsewhere.
247: .Sh HISTORY
248: The
249: .Nm
1.11 aaron 250: command appeared in
1.1 deraadt 251: .Bx 4.3 Reno .