Annotation of src/usr.bin/chpass/chpass.1, Revision 1.36
1.36 ! jmc 1: .\" $OpenBSD: chpass.1,v 1.35 2009/10/22 12:35:53 sobrado Exp $
1.2 deraadt 2: .\" $NetBSD: chpass.1,v 1.7 1996/05/15 21:50:40 jtc Exp $
1.1 deraadt 3: .\"
4: .\" Copyright (c) 1988, 1990, 1993
5: .\" The Regents of the University of California. All rights reserved.
6: .\"
7: .\" Redistribution and use in source and binary forms, with or without
8: .\" modification, are permitted provided that the following conditions
9: .\" are met:
10: .\" 1. Redistributions of source code must retain the above copyright
11: .\" notice, this list of conditions and the following disclaimer.
12: .\" 2. Redistributions in binary form must reproduce the above copyright
13: .\" notice, this list of conditions and the following disclaimer in the
14: .\" documentation and/or other materials provided with the distribution.
1.28 millert 15: .\" 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 16: .\" may be used to endorse or promote products derived from this software
17: .\" without specific prior written permission.
18: .\"
19: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29: .\" SUCH DAMAGE.
30: .\"
31: .\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
32: .\"
1.36 ! jmc 33: .Dd $Mdocdate: October 22 2009 $
1.1 deraadt 34: .Dt CHPASS 1
35: .Os
36: .Sh NAME
1.16 aaron 37: .Nm chpass ,
38: .Nm chfn ,
39: .Nm chsh
1.1 deraadt 40: .Nd add or change user database information
41: .Sh SYNOPSIS
42: .Nm chpass
1.13 niklas 43: .Op Fl ly
1.1 deraadt 44: .Op Fl s Ar newshell
1.9 aaron 45: .Op Ar user
1.33 jmc 46: .Nm chpass
47: .Op Fl l
48: .Fl a Ar list
1.1 deraadt 49: .Sh DESCRIPTION
1.16 aaron 50: .Nm chpass
1.1 deraadt 51: allows editing of the user database information associated
52: with
1.9 aaron 53: .Ar user ,
1.1 deraadt 54: or, by default, the current user.
55: The information is formatted and supplied to an editor for changes.
56: .Pp
57: Only the information that the user is allowed to change is displayed.
58: .Pp
1.24 millert 59: If YP is enabled change requests are first tried in the local database,
1.13 niklas 60: and then in the YP database, if there was no entry to change locally.
1.16 aaron 61: .Pp
62: .Nm chfn
63: and
64: .Nm chsh
65: are synonyms for
66: .Nm chpass .
1.13 niklas 67: .Pp
1.1 deraadt 68: The options are as follows:
69: .Bl -tag -width Ds
1.6 deraadt 70: .It Fl a Ar list
1.18 aaron 71: The superuser is allowed to directly supply a user database
1.1 deraadt 72: entry, in the format specified by
73: .Xr passwd 5 ,
74: as an argument.
1.9 aaron 75: This argument must be a colon
76: .Pq Sq \&:
77: separated list of all the
1.1 deraadt 78: user database fields, although they may be empty.
1.19 aaron 79: This operation is not supported in YP environments; only local additions
80: can be performed which requires the
1.13 niklas 81: .Fl l
1.19 aaron 82: flag to be specified.
1.13 niklas 83: .It Fl l
84: In environments where YP is enabled, always alter local information as
85: opposed to information in YP.
1.6 deraadt 86: .It Fl s Ar newshell
1.9 aaron 87: Attempts to change the user's shell to
1.1 deraadt 88: .Ar newshell .
1.13 niklas 89: .It Fl y
90: In environments where YP is enabled, always change the YP entry, even if this
91: is a modification request and there is a local entry for the specified user.
1.1 deraadt 92: .El
93: .Pp
94: Possible display items are as follows:
95: .Pp
1.14 aaron 96: .Bl -tag -width "Office Location:" -compact -offset indent
1.1 deraadt 97: .It Login:
98: user's login name
99: .It Password:
100: user's encrypted password
101: .It Uid:
102: user's login
103: .It Gid:
104: user's login group
105: .It Change:
106: password change time
107: .It Expire:
108: account expiration time
109: .It Class:
110: user's general classification
111: .It Home Directory:
112: user's home directory
113: .It Shell:
114: user's login shell
115: .It Full Name:
116: user's real name
1.14 aaron 117: .It Office Location:
118: user's office location
119: .It Office Phone:
120: user's office phone
1.1 deraadt 121: .It Home Phone:
122: user's home phone
123: .El
124: .Pp
125: The
126: .Ar login
127: field is the user name used to access the computer account.
128: .Pp
129: The
130: .Ar password
131: field contains the encrypted form of the user's password.
132: .Pp
133: The
134: .Ar uid
135: field is the number associated with the
136: .Ar login
137: field.
138: Both of these fields should be unique across the system (and often
139: across a group of systems) as they control file access.
140: .Pp
141: While it is possible to have multiple entries with identical login names
1.17 aaron 142: and/or identical user IDs, it is usually a mistake to do so.
143: Routines that manipulate these files will often return only one of the multiple
1.1 deraadt 144: entries, and that one by random selection.
145: .Pp
146: The
147: .Ar group
148: field is the group that the user will be placed in at login.
149: Since BSD supports multiple groups (see
1.25 mpech 150: .Xr groups 1 ) ,
1.1 deraadt 151: this field currently has little special meaning.
152: This field may be filled in with either a number or a group name (see
153: .Xr group 5 ) .
154: .Pp
155: The
156: .Ar change
157: field is the date by which the password must be changed.
158: .Pp
159: The
160: .Ar expire
161: field is the date on which the account expires.
162: .Pp
163: Both the
164: .Ar change
165: and
166: .Ar expire
167: fields should be entered in the form ``month day year'' where
168: .Ar month
169: is the month name (the first three characters are sufficient),
170: .Ar day
171: is the day of the month, and
172: .Ar year
173: is the year.
174: .Pp
175: The
176: .Ar class
1.24 millert 177: field specifies a key in the
178: .Xr login.conf 5
179: database of login class attributes.
180: If empty, the
181: .Dq default
1.29 jmc 182: record is used.
1.1 deraadt 183: .Pp
184: The user's
185: .Ar home directory
1.35 sobrado 186: is the full
187: .Ux
188: path name where the user will be placed at login.
1.1 deraadt 189: .Pp
190: The
191: .Ar shell
192: field is the command interpreter the user prefers.
193: If the
194: .Ar shell
1.9 aaron 195: field is empty, the Bourne shell
196: .Pq Pa /bin/sh
1.1 deraadt 197: is assumed.
1.18 aaron 198: When altering a login shell, and not the superuser, the user
1.1 deraadt 199: may not change from a non-standard shell or to a non-standard
200: shell.
201: Non-standard is defined as a shell not found in
202: .Pa /etc/shells .
203: .Pp
204: The last four fields are for storing the user's
205: .Ar full name , office location ,
206: and
1.8 deraadt 207: .Ar work
1.1 deraadt 208: and
1.8 deraadt 209: .Ar home telephone
1.1 deraadt 210: numbers.
211: .Pp
212: Once the information has been verified,
1.12 aaron 213: .Nm
1.1 deraadt 214: uses
215: .Xr pwd_mkdb 8
216: to update the user database.
1.29 jmc 217: .Sh ENVIRONMENT
218: The
219: .Xr vi 1
220: editor will be used unless the environment variable
221: .Ev EDITOR
222: is set to
223: an alternate editor.
224: When the editor terminates, the information is re-read and used to
225: update the user database itself.
226: Only the user, or the superuser, may edit the information associated
227: with the user.
228: .Sh FILES
1.30 avsm 229: .Bl -tag -width /var/tmp/pw.XXXXXXXXXX -compact
1.29 jmc 230: .It Pa /etc/master.passwd
231: user database
232: .It Pa /etc/passwd
1.36 ! jmc 233: user database, with confidential information removed
1.29 jmc 234: .It Pa /etc/ptmp
235: lock file for the passwd database
236: .It Pa /etc/shells
237: list of approved shells
1.31 avsm 238: .It Pa /var/tmp/pw.XXXXXXXXXX
1.29 jmc 239: temporary copy of the user passwd information
240: .El
1.20 aaron 241: .Sh DIAGNOSTICS
242: .Bl -diag
1.26 millert 243: .It "Attempting lock password file, please wait or press ^C to abort"
244: .Pp
245: The password file is currently locked by another process;
246: .Nm
247: will keep trying to lock the password file until it succeeds or
1.32 jmc 248: the user hits the interrupt character (control-C by default).
1.26 millert 249: If
250: .Nm
251: is interrupted while trying to gain the lock any changes made will be lost.
252: .Pp
253: If the process holding the lock was prematurely terminated the lock
254: file may be stale and
255: .Nm
256: will wait forever trying to lock the password file.
257: To determine whether a live process is actually holding the lock, the
1.23 millert 258: admin may run the following:
259: .Bd -literal -offset indent
1.27 mpech 260: $ fstat /etc/ptmp
1.23 millert 261: .Ed
262: .Pp
263: If no process is listed, it is safe to remove the
1.20 aaron 264: .Pa /etc/ptmp
1.26 millert 265: file to clear the error.
1.1 deraadt 266: .El
267: .Sh SEE ALSO
1.10 alex 268: .Xr finger 1 ,
1.1 deraadt 269: .Xr login 1 ,
270: .Xr passwd 1 ,
271: .Xr getusershell 3 ,
1.24 millert 272: .Xr login.conf 5 ,
1.1 deraadt 273: .Xr passwd 5 ,
274: .Xr pwd_mkdb 8 ,
275: .Xr vipw 8
276: .Rs
1.22 deraadt 277: .%A Robert Morris
278: .%A Ken Thompson
1.4 gene 279: .%T "UNIX Password Security"
1.1 deraadt 280: .Re
281: .Sh HISTORY
282: The
283: .Nm
1.11 aaron 284: command appeared in
1.1 deraadt 285: .Bx 4.3 Reno .
1.15 aaron 286: .Sh BUGS
287: User information should (and eventually will) be stored elsewhere.
![[BACK]](/icons/back.gif){kind=icon}
Return to chpass.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / chpass