SHADOW man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]

SHADOW(4)							     SHADOW(4)

NAME
       shadow - shadow password file

DESCRIPTION
       /etc/shadow  is	an  access-restricted  ASCII  system  file that stores
       users' encrypted passwords and related information. The shadow file can
       be  used	 in  conjunction  with other shadow sources, including the NIS
       maps passwd.byname and passwd.byuid and the NIS+	 table	passwd.	  Pro‐
       grams use the getspnam(3C) routines to access this information.

       The  fields  for	 each user entry are separated by colons. Each user is
       separated from the next by a  newline.  Unlike  the  /etc/passwd	 file,
       /etc/shadow does not have general read permission.

       Each entry in the shadow file has the form:

	 username:password:lastchg:min:max:warn:inactive:expire:flag

       The fields are defined as follows:

       username
		   The user's login name (UID).

       password
		   An  encrypted password for the user generated by crypt(3C),
		   a lock string to indicate that the login is not accessible,
		   or no string, which shows that there is no password for the
		   login.

		   The lock string is defined as *LK* in the first four	 char‐
		   acters of the password field.

       lastchg
		   The	number	of  days between January 1, 1970, and the date
		   that the password was last modified. The lastchg value is a
		   decimal number, as interpreted by strtol(3C).

       min
		   The	minimum	 number	 of  days  required  between  password
		   changes. This field must be set to 0	 or  above  to	enable
		   password aging.

       max
		   The maximum number of days the password is valid.

       warn
		   The number of days before password expires that the user is
		   warned.

       inactive
		   The number of days of inactivity  allowed  for  that	 user.
		   This	 is  counted  on  a per-machine basis; the information
		   about the last login is taken from  the  machine's  lastlog
		   file.

       expire
		   An  absolute date expressed as the number of days since the
		   Unix Epoch (January 1, 1970). When this number  is  reached
		   the	login  can  no	longer be used. For example, an expire
		   value of 13514 specifies a login expiration of  January  1,
		   2007.

       flag
		   Failed  login  count	 in  low  order	 four  bits; remainder
		   reserved for future use, set to zero.

       A value of -1 for min, max, or warn disables password aging.

       The encrypted password consists of at most CRYPT_MAXCIPHERTEXTLEN char‐
       acters  chosen  from a 64-character alphabet (., /, 0−9, A−Z, a−z). Two
       additional special characters, "$" and ",", can also be	used  and  are
       defined	in  crypt(3C).	To  update this file, use the passwd(1), user‐
       add(1M), usermod(1M), or userdel(1M) commands.

       In order to make system administration manageable, /etc/shadow  entries
       should  appear  in  exactly the same order as /etc/passwd entries; this
       includes ``+'' and ``-'' entries if the compat  source  is  being  used
       (see nsswitch.conf(4)).

       Values for the various time-related fields are interpreted as Greenwich
       Mean Time.

FILES
       /etc/shadow
			     shadow password file

       /etc/passwd
			     password file

       /etc/nsswitch.conf
			     name-service switch configuration file

       /var/adm/lastlog
			     time of last login

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌────────────────────┬─────────────────┐
       │  ATTRIBUTE TYPE    │ ATTRIBUTE VALUE │
       ├────────────────────┼─────────────────┤
       │Interface Stability │ Stable	      │
       └────────────────────┴─────────────────┘

SEE ALSO
       login(1), passwd(1), useradd(1M), userdel(1M), usermod(1M), strtol(3C),
       crypt(3C),    crypt_gensalt(3C),	  getspnam(3C),	  putspent(3C),	  nss‐
       witch.conf(4),	 passwd(4),    attributes(5),	  pam_unix_account(5),
       pam_unix_auth(5)

NOTES
       If  password aging is turned on in any name service the passwd: line in
       the /etc/nsswitch.conf file must have a format specified	 in  the  nss‐
       witch.conf(4) man page.

       If  the /etc/nsswitch.conf passwd policy is not in one of the supported
       formats, logins will not be allowed upon password  expiration,  because
       the  software  does not know how to handle password updates under these
       conditions.  See nsswitch.conf(4) for additional information.

				 Sep 15, 2005			     SHADOW(4)
[top]

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net