270 lines
6.9 KiB
Groff
270 lines
6.9 KiB
Groff
.\" $NetBSD: chpass.1,v 1.19 2002/09/30 09:41:49 grant Exp $
|
|
.\"
|
|
.\" Copyright (c) 1988, 1990, 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
|
|
.\"
|
|
.Dd December 30, 1993
|
|
.Dt CHPASS 1
|
|
.Os
|
|
.Sh NAME
|
|
.Nm chpass ,
|
|
.Nm chfn ,
|
|
.Nm chsh
|
|
.Nd add or change user database information
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Fl a Ar list
|
|
.Op Fl s Ar newshell
|
|
.Op Fl l
|
|
.Op user
|
|
.Nm chpass
|
|
.Op Fl a Ar list
|
|
.Op Fl s Ar newshell
|
|
.Op Fl y
|
|
.Op user
|
|
.Sh DESCRIPTION
|
|
.Nm
|
|
allows editing of the user database information associated
|
|
with
|
|
.Ar user
|
|
or, by default, the current user.
|
|
The information is formatted and supplied to an editor for changes.
|
|
.Pp
|
|
Only the information that the user is allowed to change is displayed.
|
|
.Pp
|
|
The options are as follows:
|
|
.Bl -tag -width Ds
|
|
.It Fl a
|
|
The super-user is allowed to directly supply a user database
|
|
entry, in the format specified by
|
|
.Xr passwd 5 ,
|
|
as an argument.
|
|
This argument must be a colon
|
|
.Pq Dq \&:
|
|
separated list of all the
|
|
user database fields, although they may be empty.
|
|
.It Fl s
|
|
The
|
|
.Fl s
|
|
option attempts to change the user's shell to
|
|
.Ar newshell .
|
|
.It Fl l
|
|
This option causes the password to be updated only in the local
|
|
password file.
|
|
When changing only the local password,
|
|
.Xr pwd_mkdb 8
|
|
is used to update the password databases.
|
|
.It Fl y
|
|
This forces the YP password database entry to be changed, even if
|
|
the user has an entry in the local database.
|
|
The
|
|
.Xr rpc.yppasswdd 8
|
|
daemon should be running on the YP master server.
|
|
.El
|
|
.Pp
|
|
Possible display items are as follows:
|
|
.Pp
|
|
.Bl -tag -width "Home Directory:" -compact -offset indent
|
|
.It Login :
|
|
user's login name
|
|
.It Password :
|
|
user's encrypted password
|
|
.It Uid :
|
|
user's login
|
|
.It Gid :
|
|
user's login group
|
|
.It Change :
|
|
password change time
|
|
.It Expire :
|
|
account expiration time
|
|
.It Class :
|
|
user's general classification
|
|
.It Home Directory :
|
|
user's home directory
|
|
.It Shell :
|
|
user's login shell
|
|
.It Full Name :
|
|
user's real name
|
|
.It Location :
|
|
user's normal location
|
|
.It Home Phone :
|
|
user's home phone
|
|
.It Office Phone :
|
|
user's office phone
|
|
.El
|
|
.Pp
|
|
The
|
|
.Ar login
|
|
field is the user name used to access the computer account.
|
|
.Pp
|
|
The
|
|
.Ar password
|
|
field contains the encrypted form of the user's password.
|
|
.Pp
|
|
The
|
|
.Ar uid
|
|
field is the number associated with the
|
|
.Ar login
|
|
field.
|
|
Both of these fields should be unique across the system (and often
|
|
across a group of systems) as they control file access.
|
|
.Pp
|
|
While it is possible to have multiple entries with identical login names
|
|
and/or identical user id's, it is usually a mistake to do so.
|
|
Routines
|
|
that manipulate these files will often return only one of the multiple
|
|
entries, and that one by random selection.
|
|
.Pp
|
|
The
|
|
.Ar group
|
|
field is the group that the user will be placed in at login.
|
|
Since
|
|
.Bx
|
|
supports multiple groups (see
|
|
.Xr groups 1 )
|
|
this field currently has little special meaning.
|
|
This field may be filled in with either a number or a group name (see
|
|
.Xr group 5 ) .
|
|
.Pp
|
|
The
|
|
.Ar change
|
|
field is the date by which the password must be changed.
|
|
.Pp
|
|
The
|
|
.Ar expire
|
|
field is the date on which the account expires.
|
|
.Pp
|
|
Both the
|
|
.Ar change
|
|
and
|
|
.Ar expire
|
|
fields should be entered in the form
|
|
.Dq month day year
|
|
where
|
|
.Ar month
|
|
is the month name (the first three characters are sufficient),
|
|
.Ar day
|
|
is the day of the month, and
|
|
.Ar year
|
|
is the year.
|
|
.Pp
|
|
The
|
|
.Ar class
|
|
field is currently unused.
|
|
In the near future it will be a key to
|
|
a
|
|
.Xr termcap 5
|
|
style database of user attributes.
|
|
.Pp
|
|
The user's
|
|
.Ar home directory
|
|
is the full
|
|
.Ux
|
|
path name where the user will be placed at login.
|
|
.Pp
|
|
The
|
|
.Ar shell
|
|
field is the command interpreter the user prefers.
|
|
If the
|
|
.Ar shell
|
|
field is empty, the Bourne shell,
|
|
.Pa /bin/sh ,
|
|
is assumed.
|
|
When altering a login shell, and not the super-user, the user
|
|
may not change from a non-standard shell or to a non-standard
|
|
shell.
|
|
Non-standard is defined as a shell not found in
|
|
.Pa /etc/shells .
|
|
.Pp
|
|
The last four fields are for storing the user's
|
|
.Ar full name , office location ,
|
|
and
|
|
.Ar home
|
|
and
|
|
.Ar work telephone
|
|
numbers.
|
|
.Pp
|
|
Once the information has been verified,
|
|
.Nm
|
|
uses
|
|
.Xr pwd_mkdb 8
|
|
to update the user database.
|
|
.Sh ENVIRONMENT
|
|
The
|
|
.Xr vi 1
|
|
editor will be used unless the environment variable
|
|
.Ev EDITOR
|
|
is set to an alternative editor.
|
|
When the editor terminates, the information is re-read and used to
|
|
update the user database itself.
|
|
Only the user, or the super-user, may edit the information associated
|
|
with the user.
|
|
.Sh FILES
|
|
.Bl -tag -width /etc/master.passwd -compact
|
|
.It Pa /etc/master.passwd
|
|
The user database
|
|
.It Pa /etc/passwd
|
|
A Version 7 format password file
|
|
.It Pa /etc/ptmp
|
|
Lock file for the passwd database
|
|
.It Pa /etc/pw.XXXXXX
|
|
Temporary copy of the user passwd information
|
|
.It Pa /etc/shells
|
|
The list of approved shells
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr finger 1 ,
|
|
.Xr login 1 ,
|
|
.Xr passwd 1 ,
|
|
.Xr getusershell 3 ,
|
|
.Xr passwd 5 ,
|
|
.Xr passwd.conf 5 ,
|
|
.Xr pwd_mkdb 8 ,
|
|
.Xr vipw 8
|
|
.Rs
|
|
.%A Robert Morris
|
|
.%A Ken Thompson
|
|
.%T "UNIX Password Security"
|
|
.Re
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
command appeared in
|
|
.Bx 4.3 Reno .
|
|
.Sh BUGS
|
|
This program's interface is poorly suited to cryptographic systems such as
|
|
Kerberos, and consequently Kerberos password changing is not a feature of
|
|
this program.
|
|
.Pp
|
|
User information should (and eventually will) be stored elsewhere.
|