Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > G

getprpw(1M)

TO BE OBSOLETED
HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

NAME

getprpw — display protected password database

SYNOPSIS

getprpw [-l [-r] [-m parm[,parm]] username

DESCRIPTION

getprpw displays the user's protected password database settings. This command is available only to the superuser in a trusted system. Normally it is only used via SAM, see sam(1M).

getprpw uses the /etc/nsswitch.conf configuration file default if -l is not specified. See nsswitch.conf(4).

Options

getprpw recognizes the following options.

-l

Specifies to get information from the local user.

-r

Displays the arguments supplied to -m in raw format

-m

Displays the database value for the argument passed.

An "invalid-opt" is printed if a list of options passed to -m contains an invalid option. The rest of the options will be processed. If getprpw is specified without -m, all parameters are displayed in the order given below.

Boolean values are returned as YES, NO, or DFT (for system default values in /tcb/files/auth/system/default).

Numeric values are specified as positive numbers, 0, or -1. A value of -1 indicates that the field has not been assigned a value in the database.

Units of time are returned in number of days (>=0), although the database keeps them in seconds. This and other minor differences between the command parameters and the database fields are consistent with modprpw(1M).

The following parameters for the user can be displayed using the -m option.

They are listed below in the order shown in prot.h. The database fields are fully explained in prpwd(4).

uid

user uid

bootpw

boot authorization flag

audid

audit id

audflg

audit flag

mintm

minimum time between password changes

maxpwln

maximum password length

exptm

password expiration time

lftm

password lifetime

spwchg

last successful password change time

upwchg

last unsuccessful password change time

acctexp

account expiration time

llog

last login time interval

expwarn

password expiration warning time

usrpick

whether user picks password, YES/NO/DFT

syspnpw

whether system generates pronounceable passwords, YES/NO/DFT

rstrpw

whether password is restricted, i.e, checked for triviality, YES/NO/DFT

nullpw

NULL passwords are allowed, YES/NO/DFT. Not recommended!

syschpw

whether system generates passwords having characters only, YES/NO/DFT

sysltpw

whether system generates passwords having letters only, YES/NO/DFT

timeod

time of day allowed for login

slogint

time of last successful login

ulogint

time of last unsuccessful login

sloginy

tty of last successful login

culogin

consecutive number of unsuccessful logins so far

uloginy

tty of last unsuccessful login

umaxlntr

maximum unsuccessful login tries

alock

administrator lock, YES if on, NO if off, DFT if not set.

lockout

returns the reason for a lockout in a "bit" valued string, where 0 = condition not present, 1 is present. The position, left to right represents:

1 past password lifetime

2 past last login time (inactive account)

3 past absolute account lifetime

4 exceeded unsuccessful login attempts

5 password required and a null password

6 admin lock

7 password is a *

RETURN VALUE

0

success

1

user not privileged

2

incorrect usage

3

cannot find the password file

4

system is not trusted

EXAMPLES

Displays the database aging fields for user "someusr".

getprpw -m mintm,exptm,expwarn,lftm someusr The command displays: mintm=1, exptm=2, expwarn=-1, lftm=3

WARNINGS

This command is intended for SAM use only. It may change with each release and can not be guaranteed to be backward compatible.

Several database fields interact with others. The side effects of an individual change may not cause a problem till much later.

Special meanings may apply in the following cases:

  • an absent field

  • a field without a value

  • a field with a zero value

HP-UX 11i Version 3 is the last release to support trusted systems functionality.

AUTHOR

getprpw was developed by HP.

FILES

/etc/passwd

System Password file

/tcb/files/auth/*/*

Protected Password Database

/tcb/files/auth/system/default

System Defaults Database

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.