userdb — user database for per-user information
The user database is used for storing per-user information.
It consists of the
directory and the files within it.
Each file name is a two-digit hexadecimal number from
The directory and files are created either at installation time or by the
The per-user information resides in user entries in the
database, and consists of any number of
pairs, which are used to define the behavior of configurable
A per-user value in
overrides any corresponding system-wide default configured in
file, as described in
file indicates which attributes can be
configured with a per-user value in
This list includes the following attributes which are described in
Allow or do not allow null passwords.
Audit or do not audit users.
Maximum number of authentication failures allowed.
Display or do not display last login information.
Restrict login time periods.
Minimum password length.
Number of simultaneous logins allowed per user.
Password history depth.
Minimum number of lower case characters allowed in a password.
Minimum number of upper case characters allowed in a password.
Minimum number of digit characters allowed in a password.
Minimum number of special characters allowed in a password.
Define umask for file creation.
When defining attributes,
first configure default values in
as described in
and then configure per-user exceptions in the user database,
In addition to the configurable attributes, there are internal
attributes that are not user configurable and are normally modified
only by programs that enforce system security. The file
indicates which attributes are configurable and which are internal.
to verify or fix information in the user database,
To disable the user database, create a file called
This causes all database
reads and writes to return an error code indicating that the
database is disabled and should be ignored.
Note that, if the user database is disabled for a long period
and then re-enabled, it will contain stale data. This can
cause unwanted side effects.
to modify information in
Do not use a text editor, because the database contains checksums and
other binary data, and editors do not follow the file locking
conventions that are used to control access to the database.
NFS mounting this database is not supported.
security defaults configuration file
security attributes description file