HP-UX 11i Version 3: February 2007
passwd — password file
/etc/passwd contains the following information for each user:
This is an ASCII file. Each field within each user's entry is separated from the next by a colon. Each user is separated from the next by a newline. This file resides in the /etc directory. It can and does have general read permission and can be used, for example, to map numerical user IDs to names.
getpwent(3C) returns a pointer to a user's entry, a passwd structure declared in <pwd.h>.
The login name must begin with an alpha character and may only contain alphanumeric and underscore characters. If the login directory is null, the user will be placed in / by default. If the login shell is null, /usr/bin/sh is used.
It is suggested that the range 0-99 not be used for user and group IDs so that IDs that might be assigned for system software do not conflict.
The gecos field may contain the following identification: user's full name, office location, extension, and home phone. The gecos field can be set by use of the chfn command and is displayed by the finger command (see chfn(1) and finger(1)). These two commands assume the information in this field is in the order listed above. A portion of the user's real name can be represented in the gecos field by an & character, which some utilities (including finger) expand by substituting the login name for it and shifting the first letter of the login name to uppercase.
On a non-shadowed standard system, all password fields contain the actual encrypted password. On a shadowed standard system, all password fields contain an `x', while the actual encrypted passwords reside in /etc/shadow. On a trusted system, all password fields contain a `*' and the actual encrypted passwords reside in the Protected Password Database.
The following description of the password field applies only to the password field of an entry in /etc/passwd that contains an actual encrypted password. See the shadow(4) manpage for details about encrypted passwords that reside in /etc/shadow, and see the SECURITY FEATURES section of this manpage for details about encrypted passwords that reside on a trusted system.
If the password field is null, there is no password and no password is demanded on login. Otherwise, this field consists of an encrypted password with an optional password aging subfield.
The encrypted password consists of 13 characters chosen from a 64-character set of "digits" described below. Login can be prevented by entering in the password field a character that is not part of the set of digits (such as *).
The characters used to represent "digits" are . for 0, / for 1, 0 through 9 for 2 through 11, A through Z for 12 through 37, and a through z for 38 through 63.
Password aging is put in effect for a particular user if his encrypted password in the password file is followed by a comma and a non-null string of characters from the above alphabet. (Such a string must be introduced in the first instance by a superuser.) This string defines the "age" needed to implement password aging.
UNIX keeps internal time stamps in a format with a base date of Thursday January 1, 1970. Because of this, passwd considers the beginning of a week to be 00:00 GMT Thursday.
The first character of the age, M, denotes the maximum number of weeks for which a password is valid. A user who attempts to log in after his password has expired is forced to supply a new one. The next character, m, denotes the minimum period in weeks that must expire before the password can be changed. The remaining two characters define the week when the password was last changed (a null string is equivalent to zero). M and m have numerical values in the range 0 through 63 that correspond to the 64-character set of "digits" shown above.
If m = M = 0 (derived from the string . or ..), the user is forced to change his password next time he logs in (and the "age" disappears from his entry in the password file). If m > M (signified, for example, by the string ./), then only a superuser (not the user) can change the password. Not allowing the user to ever change the password is discouraged.
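The password-field rules above (the 64-character digit set, the 13-character encrypted password and the ",Mmww" aging subfield) applied to sample entries, as an added Python example that is not part of this manpage. It assumes the two week characters are stored least-significant digit first, as a64l(3C) reads them; the SAMPLE entries are constructed (the joe hash is copied from the manpage's own example).

```python
"""Decode the password field of /etc/passwd entries as this manpage describes:
the 13-character encrypted password, the 64-character "digit" alphabet and the
optional ",Mmww" aging subfield.  Added example; SAMPLE is constructed."""
import time

# '.'=0, '/'=1, '0'-'9'=2..11, 'A'-'Z'=12..37, 'a'-'z'=38..63
DIGITS = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
WEEK = 7 * 86400  # weeks counted from 00:00 GMT Thursday, 1 January 1970

def a64l(s):
    """Digit string to int, least significant digit first: the a64l(3C)
    convention, assumed here for the two-character last-changed week."""
    return sum(DIGITS.index(c) * 64 ** i for i, c in enumerate(s))

def decode_password_field(field, now_week=None):
    """Describe one password field: hash status plus any aging information."""
    now_week = int(time.time()) // WEEK if now_week is None else now_week
    pw, _, age = field.partition(",")
    STATUS = {"": "no password: none demanded at login",
              "x": "shadowed: hash lives in /etc/shadow",
              "*": "no local hash: trusted-system PPD or login prevented"}
    valid = len(pw) == 13 and all(c in DIGITS for c in pw)
    status = STATUS.get(pw, "encrypted password present" if valid else "login prevented: invalid hash")
    info = {"field": field, "status": status}
    if age:  # pad with '.' (zero): a null trailing string is equivalent to 0
        age = (age + "...")[:4]
        M, m, last = DIGITS.index(age[0]), DIGITS.index(age[1]), a64l(age[2:])
        info.update(max_weeks=M, min_weeks=m, last_changed_week=last)
        if M == 0 and m == 0:
            info["aging"] = "must change password at next login"
        elif m > M:
            info["aging"] = "only a superuser can change this password"
        elif now_week - last > M:
            info["aging"] = "expired: new password forced at login"
        elif now_week - last < m:
            info["aging"] = "too new to change yet"
        else:
            info["aging"] = "current"
    return info

def audit_passwd(text, now_week=None):
    """Map login name -> decoded field, skipping NIS +/- entries (no local hash)."""
    return {l.split(":")[0]: decode_password_field(l.split(":")[1], now_week)
            for l in text.splitlines() if l and l[0] not in "+-"}

SAMPLE = """joe:r4hRJr4GJ4CqE,A2QR:100:50:Joe User,Post 4A,12345:/home/joe:/usr/bin/ksh
ann:x:101:50:Ann Admin:/home/ann:/usr/bin/sh
+@documentation:no-login:"""
```

Passing now_week explicitly (weeks since the 1970 epoch) makes the aging verdicts reproducible; with no argument the current time is used.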
This section applies only to trusted systems. Note that HP-UX 11i Version 3 is the last release to support trusted systems functionality.
On a trusted system the password field always contains * by default. Password and aging information are instead part of the Protected Password Database.
On trusted systems, the encrypted password for each user is stored in the file /tcb/files/auth/c/user_name (where c is the first letter in user_name). Password information files are not accessible to the public. The encrypted password can be longer than 13 characters. For example, the password file for user david is stored in /tcb/files/auth/d/david. In addition to the password, the user profiles in /tcb/files/auth/*/* also have many other fields, including:
Like /etc/passwd, this file is an ASCII file. Fields within each user's entry are separated by colons. Refer to authcap(4) and prpwd(4) for details. The passwords contained in /tcb/files/auth/*/* take precedence over those contained in the encrypted password field of /etc/passwd. User authentication is done using the encrypted passwords in this file. For a description of the password aging mechanism, see the SECURITY FEATURES section of passwd(1).
For more information about passwords and converting to a trusted system, see HP-UX System Administrator's Guide and sam(1M).
The passwd file can have entries that begin with a plus (+) or minus (-) sign in the first column. Such lines are used to access the Network Information System database. A line beginning with a plus (+) is used to incorporate entries from the Network Information System. There are three styles of + entries:
If a + entry has a non-null password, directory, gecos, or shell field, they override what is contained in the Network Information System. The numerical user ID and group ID fields cannot be overridden.
The passwd file can also have lines beginning with a minus (-), which disallow entries from the Network Information System. There are two styles of - entries:
The plus (+) and minus (-) features are NIS functionality; therefore, if NIS is not installed, they do not work. Also, these features work only with /etc/passwd.
The uid of -2 is reserved for remote root access by means of NFS. The user name usually given to this uid is nobody. Since uids are stored as signed values, the following define is included in <pwd.h> to match the user nobody.
The login shell for the root user (uid 0) must be /sbin/sh to guarantee the system can always boot. Other shells such as sh, ksh, and csh are all located under the /usr directory which may not be mounted during earlier stages of the bootup process. Changing the login shell of the root user to a value other than /sbin/sh is allowed but may result in a non-functional system.
The information kept in the gecos field may conflict with unsupported or future uses of this field. Use of the gecos field for keeping user identification information has not been formalized within any of the industry standards. The current use of this field is derived from its use within the Berkeley Software Distribution. Future standards may define this field for other purposes.
The following fields have size limitations as noted:
The following fields have numerical limitations as noted:
HP-UX 11i Version 3 is the last release to support trusted systems functionality.
Shadow Password Example
root:x:0:10:System Administrator:/:/sbin/sh
joe:x:100:50:Joe User,Post 4A,12345:/home/joe:/usr/bin/ksh
If the system has been converted to a shadowed standard system, the password fields of user root and user joe contain an 'x', and the actual encrypted passwords reside in /etc/shadow. If it was a non-shadowed standard system, the password fields of user root and user joe would contain the actual encrypted passwords.
root:3Km/o4Cyq84Xc:0:10:System Administrator:/:/sbin/sh
joe:r4hRJr4GJ4CqE:100:50:Joe User,Post 4A,12345:/home/joe:/usr/bin/ksh
+john:
-bob:
+@documentation:no-login:
-@marketing:
+:::Guest
In the NIS example, there are specific entries for users root and joe, in case the Network Information System is out of order.