Annotation of src/usr.bin/passwd/passwd.1, Revision 1.1.1.1
1.1 deraadt 1: .\" Copyright (c) 1990 The Regents of the University of California.
2: .\" All rights reserved.
3: .\"
4: .\" Redistribution and use in source and binary forms, with or without
5: .\" modification, are permitted provided that the following conditions
6: .\" are met:
7: .\" 1. Redistributions of source code must retain the above copyright
8: .\" notice, this list of conditions and the following disclaimer.
9: .\" 2. Redistributions in binary form must reproduce the above copyright
10: .\" notice, this list of conditions and the following disclaimer in the
11: .\" documentation and/or other materials provided with the distribution.
12: .\" 3. All advertising materials mentioning features or use of this software
13: .\" must display the following acknowledgement:
14: .\" This product includes software developed by the University of
15: .\" California, Berkeley and its contributors.
16: .\" 4. Neither the name of the University nor the names of its contributors
17: .\" may be used to endorse or promote products derived from this software
18: .\" without specific prior written permission.
19: .\"
20: .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: .\" SUCH DAMAGE.
31: .\"
32: .\" from: @(#)passwd.1 6.11 (Berkeley) 7/24/91
33: .\" $Id: passwd.1,v 1.5 1995/02/12 17:45:56 phil Exp $
34: .\"
35: .Dd July 24, 1991
36: .Dt PASSWD 1
37: .Os BSD 4
38: .Sh NAME
39: .Nm passwd
40: .Nd modify a user's password
41: .Sh SYNOPSIS
42: .Nm passwd
43: .Op Fl l
44: .Op Fl k
45: .Op Fl y
46: .Op Ar user
47: .Nm yppasswd
48: .Op Ar user
49: .Sh DESCRIPTION
50: .Nm Passwd
51: changes the user's local, Kerberos, or YP password. First, the user is prompted
52: for their current password.
53: If the current password is correctly typed, a new password is
54: requested.
55: The new password must be entered twice to avoid typing errors.
56: .Pp
57: The new password should be at least six characters long and not
58: purely alphabetic.
59: Its total length must be less than
60: .Dv _PASSWORD_LEN
61: (currently 128 characters).
62: Numbers, upper case letters and meta characters
63: are encouraged.
64: .Bl -tag -width flag
65: .It Fl l
66: This option causes the password to be updated only in the local
67: password file. When changing only the local password,
68: .Xr pwd_mkdb 8
69: is used to update the password databases.
70: .It Fl k
71: This option forces the change to affect the Kerberos database, even
72: if the user has a password in the local database.
73: Once the password has been verified,
74: .Nm passwd
75: communicates the new password information to
76: the Kerberos authenticating host.
77: .It Fl y
78: This forces the YP password database entry to be changed, even if
79: the user has an entry in the local database. The
80: .Xr rpc.yppasswdd 8
81: daemon should be running on the YP master server.
82: .Nm yppasswd
83: is the equivalent of
84: .Nm passwd
85: with the
86: .Fl y
87: flag.
88: .El
89: .Pp
90: This is the behavior if no flags are specified:
91: if Kerberos is active then
92: .Nm passwd
93: will talk to the Kerberos server (even if the user has an entry
94: in the local database.)
95: If the password is not in the local password database, then
96: an attempt is made to use the YP database.
97: .Pp
98: To change another user's Kerberos password, one must first
99: run
100: .Xr kinit 1
101: followed by
102: .Xr passwd 1 .
103: The super-user is not required to provide a user's current password
104: if only the local password is modified.
105: .Sh FILES
106: .Bl -tag -width /etc/master.passwd -compact
107: .It Pa /etc/master.passwd
108: The user database
109: .It Pa /etc/passwd
110: A Version 7 format password file
111: .It Pa /etc/passwd.XXXXXX
112: Temporary copy of the password file
113: .El
114: .Sh SEE ALSO
115: .Xr chpass 1 ,
116: .Xr kerberos 1 ,
117: .Xr kinit 1 ,
118: .Xr login 1 ,
119: .Xr passwd 5 ,
120: .Xr kpasswdd 8 ,
121: .Xr pwd_mkdb 8 ,
122: .Xr vipw 8
123: .Rs
124: .%A Robert Morris
125: .%A Ken Thompson
126: .%T "UNIX password security"
127: .Re
128: .Sh HISTORY
129: A
130: .Nm passwd
131: command appeared in
132: .At v6 .