1 '\" te
2 .\" Copyright 1989 AT&T
3 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
5 .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
6 .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 .TH PASSWD 1 "May 31, 2013"
8 .SH NAME
9 passwd \- change login password and password attributes
10 .SH SYNOPSIS
11 .LP
12 .nf
13 \fBpasswd\fR [\fB-r\fR files | \fB-r\fR ldap | \fB-r\fR nis | \fB-r\fR nisplus] [\fIname\fR]
14 .fi
15
16 .LP
17 .nf
18 \fBpasswd\fR [\fB-r\fR files] [\fB-egh\fR] [\fIname\fR]
19 .fi
20
21 .LP
22 .nf
23 \fBpasswd\fR [\fB-r\fR files] \fB-s\fR [\fB-a\fR]
24 .fi
25
26 .LP
27 .nf
63 .nf
64 \fBpasswd\fR \fB-r\fR nisplus [\fB-egh\fR] [\fB-D\fR \fIdomainname\fR] [\fIname\fR]
65 .fi
66
67 .LP
68 .nf
69 \fBpasswd\fR \fB-r\fR nisplus \fB-s\fR [\fB-a\fR]
70 .fi
71
72 .LP
73 .nf
74 \fBpasswd\fR \fB-r\fR nisplus [\fB-D\fR \fIdomainname\fR] \fB-s\fR [\fIname\fR]
75 .fi
76
77 .LP
78 .nf
79 \fBpasswd\fR \fB-r\fR nisplus [\fB-l\fR | \fB-u\fR | \fB-N\fR] [\fB-f\fR] [\fB-n\fR \fImin\fR] [\fB-w\fR \fIwarn\fR]
80 [\fB-x\fR \fImax\fR] [\fB-D\fR \fIdomainname\fR] \fIname\fR
81 .fi
82
83 .SH DESCRIPTION
84 .sp
85 .LP
86 The \fBpasswd\fR command changes the password or lists password attributes
87 associated with the user's login \fIname\fR. Additionally, privileged users can
88 use \fBpasswd\fR to install or change passwords and attributes associated with
89 any login \fIname\fR.
90 .sp
91 .LP
92 When used to change a password, \fBpasswd\fR prompts everyone for their old
93 password, if any. It then prompts for the new password twice. When the old
94 password is entered, \fBpasswd\fR checks to see if it has aged sufficiently. If
95 \fBaging\fR is insufficient, \fBpasswd\fR terminates; see \fBpwconv\fR(1M),
96 \fBnistbladm\fR(1), and \fBshadow\fR(4) for additional information.
97 .sp
98 .LP
99 The \fBpwconv\fR command creates and updates \fB/etc/shadow\fR with information
100 from \fB/etc/passwd\fR. \fBpwconv\fR relies on a special value of \fBx\fR in
101 the password field of \fB/etc/passwd\fR. This value of \fBx\fRindicates that
102 the password for the user is already in \fB/etc/shadow\fR and should not be
103 modified.
104 .sp
350 .ne 2
351 .na
352 \fB\fImax\fR\fR
353 .ad
354 .RS 12n
355 The maximum number of days the password is valid for \fIname\fR. \fBMAXWEEKS\fR
356 is found in \fB/etc/default/passwd\fR and is set to \fBNULL\fR.
357 .RE
358
359 .sp
360 .ne 2
361 .na
362 \fB\fIwarn\fR\fR
363 .ad
364 .RS 12n
365 The number of days relative to \fImax\fR before the password expires and the
366 \fIname\fR are warned.
367 .RE
368
369 .SS "Security"
370 .sp
371 .LP
372 \fBpasswd\fR uses \fBpam\fR(3PAM) for password change. It calls PAM with a
373 service name \fBpasswd\fR and uses service module type \fBauth\fR for
374 authentication and password for password change.
375 .sp
376 .LP
377 Locking an account (\fB-l\fR option) does not allow its use for password based
378 login or delayed execution (such as \fBat\fR(1), \fBbatch\fR(1), or
379 \fBcron\fR(1M)). The \fB-N\fR option can be used to disallow password based
380 login, while continuing to allow delayed execution.
381 .SH OPTIONS
382 .sp
383 .LP
384 The following options are supported:
385 .sp
386 .ne 2
387 .na
388 \fB\fB-a\fR\fR
389 .ad
390 .RS 17n
391 Shows password attributes for all entries. Use only with the \fB-s\fR option.
392 \fIname\fR must not be provided. For the \fBnisplus\fR repository, this shows
393 only the entries in the NIS+ password table in the local domain that the
394 invoker is authorized to read. For the \fBfiles\fR and \fBldap\fR repositories,
395 this is restricted to the superuser.
396 .RE
397
398 .sp
399 .ne 2
400 .na
401 \fB\fB-D\fR \fIdomainname\fR\fR
402 .ad
502 \fB\fBPS\fR\fR
503 .ad
504 .RS 6n
505 The account probably has a valid password.
506 .RE
507
508 .sp
509 .ne 2
510 .na
511 \fB\fBUN\fR\fR
512 .ad
513 .RS 6n
514 The data in the password field is unknown. It is not a recognizable hashed
515 password or any of the above entries. See \fBcrypt\fR(3C) for valid password
516 hashes.
517 .RE
518
519 .RE
520
521 .SS "Privileged User Options"
522 .sp
523 .LP
524 Only a privileged user can use the following options:
525 .sp
526 .ne 2
527 .na
528 \fB\fB-d\fR\fR
529 .ad
530 .RS 11n
531 Deletes password for \fIname\fR and unlocks the account. The login \fIname\fR
532 is not prompted for password. It is only applicable to the \fBfiles\fR and
533 \fBldap\fR repositories.
534 .sp
535 If the \fBlogin\fR(1) option \fBPASSREQ=YES\fR is configured, the account is
536 not able to login. \fBPASSREQ=YES\fR is the delivered default.
537 .RE
538
539 .sp
540 .ne 2
541 .na
542 \fB\fB-f\fR\fR
595 .na
596 \fB\fB-w\fR \fIwarn\fR\fR
597 .ad
598 .RS 11n
599 Sets warn field for \fIname\fR. The \fIwarn\fR field contains the number of
600 days before the password expires and the user is warned. This option is not
601 valid if password aging is disabled.
602 .RE
603
604 .sp
605 .ne 2
606 .na
607 \fB\fB-x\fR \fImax\fR\fR
608 .ad
609 .RS 11n
610 Sets maximum field for \fIname\fR. The \fImax\fR field contains the number of
611 days that the password is valid for \fIname\fR. The aging for \fIname\fR is
612 turned off immediately if \fImax\fR is set to \fB\(mi1\fR\&.
613 .RE
614
615 .SH OPERANDS
616 .sp
617 .LP
618 The following operand is supported:
619 .sp
620 .ne 2
621 .na
622 \fB\fIname\fR\fR
623 .ad
624 .RS 8n
625 User login name.
626 .RE
627
628 .SH ENVIRONMENT VARIABLES
629 .sp
630 .LP
631 If any of the \fBLC_*\fR variables, that is, \fBLC_CTYPE\fR, \fBLC_MESSAGES\fR,
632 \fBLC_TIME\fR, \fBLC_COLLATE\fR, \fBLC_NUMERIC\fR, and \fBLC_MONETARY\fR (see
633 \fBenviron\fR(5)), are not set in the environment, the operational behavior of
634 \fBpasswd\fR for each corresponding locale category is determined by the value
635 of the \fBLANG\fR environment variable. If \fBLC_ALL\fR is set, its contents
636 are used to override both the \fBLANG\fR and the other \fBLC_*\fR variables. If
637 none of the above variables is set in the environment, the \fBC\fR (U.S. style)
638 locale determines how \fBpasswd\fR behaves.
639 .sp
640 .ne 2
641 .na
642 \fB\fBLC_CTYPE\fR\fR
643 .ad
644 .RS 15n
645 Determines how \fBpasswd\fR handles characters. When \fBLC_CTYPE\fR is set to a
646 valid value, \fBpasswd\fR can display and handle text and filenames containing
647 valid characters for that locale. \fBpasswd\fR can display and handle Extended
648 Unix Code (\fBEUC\fR) characters where any individual character can be 1, 2, or
649 3 bytes wide. \fBpasswd\fR can also handle \fBEUC\fR characters of 1, 2, or
650 more column widths. In the \fBC\fR locale, only characters from ISO 8859-1 are
651 valid.
652 .RE
653
654 .sp
655 .ne 2
656 .na
657 \fB\fBLC_MESSAGES\fR\fR
658 .ad
659 .RS 15n
660 Determines how diagnostic and informative messages are presented. This includes
661 the language and style of the messages, and the correct form of affirmative and
662 negative responses. In the \fBC\fR locale, the messages are presented in the
663 default form found in the program itself (in most cases, U.S. English).
664 .RE
665
666 .SH EXIT STATUS
667 .sp
668 .LP
669 The \fBpasswd\fR command exits with one of the following values:
670 .sp
671 .ne 2
672 .na
673 \fB\fB0\fR\fR
674 .ad
675 .RS 6n
676 Success.
677 .RE
678
679 .sp
680 .ne 2
681 .na
682 \fB\fB1\fR\fR
683 .ad
684 .RS 6n
685 Permission denied.
686 .RE
687
750
751 .sp
752 .ne 2
753 .na
754 \fB\fB9\fR\fR
755 .ad
756 .RS 6n
757 System error.
758 .RE
759
760 .sp
761 .ne 2
762 .na
763 \fB\fB10\fR\fR
764 .ad
765 .RS 6n
766 Account expired.
767 .RE
768
769 .SH FILES
770 .sp
771 .ne 2
772 .na
773 \fB\fB/etc/default/passwd\fR\fR
774 .ad
775 .RS 23n
776 Default values can be set for the following flags in \fB/etc/default/passwd\fR.
777 For example: \fBMAXWEEKS=26\fR
778 .sp
779 .ne 2
780 .na
781 \fB\fBDICTIONDBDIR\fR\fR
782 .ad
783 .RS 16n
784 The directory where the generated dictionary databases reside. Defaults to
785 \fB/var/passwd\fR.
786 .sp
787 If neither \fBDICTIONLIST\fR nor \fBDICTIONDBDIR\fR is specified, the system
788 does not perform a dictionary check.
789 .RE
790
985
986 .sp
987 .ne 2
988 .na
989 \fB\fB/etc/shadow\fR\fR
990 .ad
991 .RS 23n
992 Shadow password file.
993 .RE
994
995 .sp
996 .ne 2
997 .na
998 \fB\fB/etc/shells\fR\fR
999 .ad
1000 .RS 23n
1001 Shell database.
1002 .RE
1003
1004 .SH ATTRIBUTES
1005 .sp
1006 .LP
1007 See \fBattributes\fR(5) for descriptions of the following attributes:
1008 .sp
1009
1010 .sp
1011 .TS
1012 box;
1013 c | c
1014 l | l .
1015 ATTRIBUTE TYPE ATTRIBUTE VALUE
1016 _
1017 CSI Enabled
1018 _
1019 Interface Stability See below.
1020 .TE
1021
1022 .sp
1023 .LP
1024 The human readable output is Uncommitted. The options are Committed.
1025 .SH SEE ALSO
1026 .sp
1027 .LP
1028 \fBat\fR(1), \fBbatch\fR(1), \fBfinger\fR(1), \fBkpasswd\fR(1), \fBlogin\fR(1),
1029 \fBnistbladm\fR(1), \fBcron\fR(1M), \fBdomainname\fR(1M), \fBeeprom\fR(1M),
1030 \fBid\fR(1M), \fBldapclient\fR(1M), \fBmkpwdict\fR(1M), \fBpassmgmt\fR(1M),
1031 \fBpwconv\fR(1M), \fBsu\fR(1M), \fBuseradd\fR(1M), \fBuserdel\fR(1M),
1032 \fBusermod\fR(1M), \fBcrypt\fR(3C), \fBgetpwnam\fR(3C), \fBgetspnam\fR(3C),
1033 \fBgetusershell\fR(3C), \fBnis_local_directory\fR(3NSL), \fBpam\fR(3PAM),
1034 \fBloginlog\fR(4), \fBnsswitch.conf\fR(4), \fBpam.conf\fR(4), \fBpasswd\fR(4),
1035 \fBpolicy.conf\fR(4), \fBshadow\fR(4), \fBshells\fR(4), \fBattributes\fR(5),
1036 \fBenviron\fR(5), \fBpam_authtok_check\fR(5), \fBpam_authtok_get\fR(5),
1037 \fBpam_authtok_store\fR(5), \fBpam_dhkeys\fR(5), \fBpam_ldap\fR(5),
1038 \fBpam_unix_account\fR(5), \fBpam_unix_auth\fR(5), \fBpam_unix_session\fR(5)
1039 .SH NOTES
1040 .sp
1041 .LP
1042 The \fBpam_unix\fR(5) module is no longer supported. Similar functionality is
1043 provided by \fBpam_unix_account\fR(5), \fBpam_unix_auth\fR(5),
1044 \fBpam_unix_session\fR(5), \fBpam_authtok_check\fR(5),
1045 \fBpam_authtok_get\fR(5), \fBpam_authtok_store\fR(5), \fBpam_dhkeys\fR(5), and
1046 \fBpam_passwd_auth\fR(5).
1047 .sp
1048 .LP
1049 The \fBnispasswd\fR and \fBypasswd\fR commands are wrappers around
1050 \fBpasswd\fR. Use of \fBnispasswd\fR and \fBypasswd\fR is discouraged. Use
1051 \fBpasswd\fR \fB-r\fR \fIrepository_name\fR instead.
1052 .sp
1053 .LP
1054 NIS+ might not be supported in future releases of the Solaris operating system.
1055 Tools to aid the migration from NIS+ to LDAP are available in the current
1056 Solaris release. For more information, visit
1057 http://www.sun.com/directory/nisplus/transition.html.
1058 .sp
1059 .LP
1060 Changing a password in the \fBfiles\fR and \fBldap\fR repositories clears the
1061 failed login count.
1062 .sp
1063 .LP
1064 Changing a password reactivates an account deactivated for inactivity for the
1065 length of the inactivity period.
1066 .sp
1067 .LP
|
1 '\" te
2 .\" Copyright 1989 AT&T
3 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
4 .\" Copyright 2015 Nexenta Systems, Inc. All rights reserved.
5 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
6 .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
7 .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
8 .TH PASSWD 1 "Jun 18, 2015"
9 .SH NAME
10 passwd \- change login password and password attributes
11 .SH SYNOPSIS
12 .LP
13 .nf
14 \fBpasswd\fR [\fB-r\fR files | \fB-r\fR ldap | \fB-r\fR nis | \fB-r\fR nisplus] [\fIname\fR]
15 .fi
16
17 .LP
18 .nf
19 \fBpasswd\fR [\fB-r\fR files] [\fB-egh\fR] [\fIname\fR]
20 .fi
21
22 .LP
23 .nf
24 \fBpasswd\fR [\fB-r\fR files] \fB-s\fR [\fB-a\fR]
25 .fi
26
27 .LP
28 .nf
64 .nf
65 \fBpasswd\fR \fB-r\fR nisplus [\fB-egh\fR] [\fB-D\fR \fIdomainname\fR] [\fIname\fR]
66 .fi
67
68 .LP
69 .nf
70 \fBpasswd\fR \fB-r\fR nisplus \fB-s\fR [\fB-a\fR]
71 .fi
72
73 .LP
74 .nf
75 \fBpasswd\fR \fB-r\fR nisplus [\fB-D\fR \fIdomainname\fR] \fB-s\fR [\fIname\fR]
76 .fi
77
78 .LP
79 .nf
80 \fBpasswd\fR \fB-r\fR nisplus [\fB-l\fR | \fB-u\fR | \fB-N\fR] [\fB-f\fR] [\fB-n\fR \fImin\fR] [\fB-w\fR \fIwarn\fR]
81 [\fB-x\fR \fImax\fR] [\fB-D\fR \fIdomainname\fR] \fIname\fR
82 .fi
83
84 .LP
85 .nf
86 \fBpasswd\fR \fB-S\fR [\fIname\fR]
87 .fi
88
89 .SH DESCRIPTION
90 .LP
91 The \fBpasswd\fR command changes the password or lists password attributes
92 associated with the user's login \fIname\fR. Additionally, privileged users can
93 use \fBpasswd\fR to install or change passwords and attributes associated with
94 any login \fIname\fR.
95 .sp
96 .LP
97 When used to change a password, \fBpasswd\fR prompts everyone for their old
98 password, if any. It then prompts for the new password twice. When the old
99 password is entered, \fBpasswd\fR checks to see if it has aged sufficiently. If
100 \fBaging\fR is insufficient, \fBpasswd\fR terminates; see \fBpwconv\fR(1M),
101 \fBnistbladm\fR(1), and \fBshadow\fR(4) for additional information.
102 .sp
103 .LP
104 The \fBpwconv\fR command creates and updates \fB/etc/shadow\fR with information
105 from \fB/etc/passwd\fR. \fBpwconv\fR relies on a special value of \fBx\fR in
106 the password field of \fB/etc/passwd\fR. This value of \fBx\fRindicates that
107 the password for the user is already in \fB/etc/shadow\fR and should not be
108 modified.
109 .sp
355 .ne 2
356 .na
357 \fB\fImax\fR\fR
358 .ad
359 .RS 12n
360 The maximum number of days the password is valid for \fIname\fR. \fBMAXWEEKS\fR
361 is found in \fB/etc/default/passwd\fR and is set to \fBNULL\fR.
362 .RE
363
364 .sp
365 .ne 2
366 .na
367 \fB\fIwarn\fR\fR
368 .ad
369 .RS 12n
370 The number of days relative to \fImax\fR before the password expires and the
371 \fIname\fR are warned.
372 .RE
373
374 .SS "Security"
375 .LP
376 \fBpasswd\fR uses \fBpam\fR(3PAM) for password change. It calls PAM with a
377 service name \fBpasswd\fR and uses service module type \fBauth\fR for
378 authentication and password for password change.
379 .sp
380 .LP
381 Locking an account (\fB-l\fR option) does not allow its use for password based
382 login or delayed execution (such as \fBat\fR(1), \fBbatch\fR(1), or
383 \fBcron\fR(1M)). The \fB-N\fR option can be used to disallow password based
384 login, while continuing to allow delayed execution.
385 .SH OPTIONS
386 .LP
387 The following options are supported:
388 .sp
389 .ne 2
390 .na
391 \fB\fB-a\fR\fR
392 .ad
393 .RS 17n
394 Shows password attributes for all entries. Use only with the \fB-s\fR option.
395 \fIname\fR must not be provided. For the \fBnisplus\fR repository, this shows
396 only the entries in the NIS+ password table in the local domain that the
397 invoker is authorized to read. For the \fBfiles\fR and \fBldap\fR repositories,
398 this is restricted to the superuser.
399 .RE
400
401 .sp
402 .ne 2
403 .na
404 \fB\fB-D\fR \fIdomainname\fR\fR
405 .ad
505 \fB\fBPS\fR\fR
506 .ad
507 .RS 6n
508 The account probably has a valid password.
509 .RE
510
511 .sp
512 .ne 2
513 .na
514 \fB\fBUN\fR\fR
515 .ad
516 .RS 6n
517 The data in the password field is unknown. It is not a recognizable hashed
518 password or any of the above entries. See \fBcrypt\fR(3C) for valid password
519 hashes.
520 .RE
521
522 .RE
523
524 .SS "Privileged User Options"
525 .LP
526 Only a privileged user can use the following options:
527 .sp
528 .ne 2
529 .na
530 \fB\fB-d\fR\fR
531 .ad
532 .RS 11n
533 Deletes password for \fIname\fR and unlocks the account. The login \fIname\fR
534 is not prompted for password. It is only applicable to the \fBfiles\fR and
535 \fBldap\fR repositories.
536 .sp
537 If the \fBlogin\fR(1) option \fBPASSREQ=YES\fR is configured, the account is
538 not able to login. \fBPASSREQ=YES\fR is the delivered default.
539 .RE
540
541 .sp
542 .ne 2
543 .na
544 \fB\fB-f\fR\fR
597 .na
598 \fB\fB-w\fR \fIwarn\fR\fR
599 .ad
600 .RS 11n
601 Sets warn field for \fIname\fR. The \fIwarn\fR field contains the number of
602 days before the password expires and the user is warned. This option is not
603 valid if password aging is disabled.
604 .RE
605
606 .sp
607 .ne 2
608 .na
609 \fB\fB-x\fR \fImax\fR\fR
610 .ad
611 .RS 11n
612 Sets maximum field for \fIname\fR. The \fImax\fR field contains the number of
613 days that the password is valid for \fIname\fR. The aging for \fIname\fR is
614 turned off immediately if \fImax\fR is set to \fB\(mi1\fR\&.
615 .RE
616
617 .sp
618 .ne 2
619 .na
620 \fB\fB-S\fR\fR
621 .ad
622 .RS 11n
623 Read the password from standard input (pipe).
624 .RE
625
626 .SH OPERANDS
627 .LP
628 The following operand is supported:
629 .sp
630 .ne 2
631 .na
632 \fB\fIname\fR\fR
633 .ad
634 .RS 8n
635 User login name.
636 .RE
637
638 .SH ENVIRONMENT VARIABLES
639 .LP
640 If any of the \fBLC_*\fR variables, that is, \fBLC_CTYPE\fR, \fBLC_MESSAGES\fR,
641 \fBLC_TIME\fR, \fBLC_COLLATE\fR, \fBLC_NUMERIC\fR, and \fBLC_MONETARY\fR (see
642 \fBenviron\fR(5)), are not set in the environment, the operational behavior of
643 \fBpasswd\fR for each corresponding locale category is determined by the value
644 of the \fBLANG\fR environment variable. If \fBLC_ALL\fR is set, its contents
645 are used to override both the \fBLANG\fR and the other \fBLC_*\fR variables. If
646 none of the above variables is set in the environment, the \fBC\fR (U.S. style)
647 locale determines how \fBpasswd\fR behaves.
648 .sp
649 .ne 2
650 .na
651 \fB\fBLC_CTYPE\fR\fR
652 .ad
653 .RS 15n
654 Determines how \fBpasswd\fR handles characters. When \fBLC_CTYPE\fR is set to a
655 valid value, \fBpasswd\fR can display and handle text and filenames containing
656 valid characters for that locale. \fBpasswd\fR can display and handle Extended
657 Unix Code (\fBEUC\fR) characters where any individual character can be 1, 2, or
658 3 bytes wide. \fBpasswd\fR can also handle \fBEUC\fR characters of 1, 2, or
659 more column widths. In the \fBC\fR locale, only characters from ISO 8859-1 are
660 valid.
661 .RE
662
663 .sp
664 .ne 2
665 .na
666 \fB\fBLC_MESSAGES\fR\fR
667 .ad
668 .RS 15n
669 Determines how diagnostic and informative messages are presented. This includes
670 the language and style of the messages, and the correct form of affirmative and
671 negative responses. In the \fBC\fR locale, the messages are presented in the
672 default form found in the program itself (in most cases, U.S. English).
673 .RE
674
675 .SH EXIT STATUS
676 .LP
677 The \fBpasswd\fR command exits with one of the following values:
678 .sp
679 .ne 2
680 .na
681 \fB\fB0\fR\fR
682 .ad
683 .RS 6n
684 Success.
685 .RE
686
687 .sp
688 .ne 2
689 .na
690 \fB\fB1\fR\fR
691 .ad
692 .RS 6n
693 Permission denied.
694 .RE
695
758
759 .sp
760 .ne 2
761 .na
762 \fB\fB9\fR\fR
763 .ad
764 .RS 6n
765 System error.
766 .RE
767
768 .sp
769 .ne 2
770 .na
771 \fB\fB10\fR\fR
772 .ad
773 .RS 6n
774 Account expired.
775 .RE
776
777 .SH FILES
778 .ne 2
779 .na
780 \fB\fB/etc/default/passwd\fR\fR
781 .ad
782 .RS 23n
783 Default values can be set for the following flags in \fB/etc/default/passwd\fR.
784 For example: \fBMAXWEEKS=26\fR
785 .sp
786 .ne 2
787 .na
788 \fB\fBDICTIONDBDIR\fR\fR
789 .ad
790 .RS 16n
791 The directory where the generated dictionary databases reside. Defaults to
792 \fB/var/passwd\fR.
793 .sp
794 If neither \fBDICTIONLIST\fR nor \fBDICTIONDBDIR\fR is specified, the system
795 does not perform a dictionary check.
796 .RE
797
992
993 .sp
994 .ne 2
995 .na
996 \fB\fB/etc/shadow\fR\fR
997 .ad
998 .RS 23n
999 Shadow password file.
1000 .RE
1001
1002 .sp
1003 .ne 2
1004 .na
1005 \fB\fB/etc/shells\fR\fR
1006 .ad
1007 .RS 23n
1008 Shell database.
1009 .RE
1010
1011 .SH ATTRIBUTES
1012 .LP
1013 See \fBattributes\fR(5) for descriptions of the following attributes:
1014 .sp
1015
1016 .sp
1017 .TS
1018 box;
1019 c | c
1020 l | l .
1021 ATTRIBUTE TYPE ATTRIBUTE VALUE
1022 _
1023 CSI Enabled
1024 _
1025 Interface Stability See below.
1026 .TE
1027
1028 .sp
1029 .LP
1030 The human readable output is Uncommitted. The options are Committed.
1031 .SH SEE ALSO
1032 .LP
1033 \fBat\fR(1), \fBbatch\fR(1), \fBfinger\fR(1), \fBkpasswd\fR(1), \fBlogin\fR(1),
1034 \fBnistbladm\fR(1), \fBcron\fR(1M), \fBdomainname\fR(1M), \fBeeprom\fR(1M),
1035 \fBid\fR(1M), \fBldapclient\fR(1M), \fBmkpwdict\fR(1M), \fBpassmgmt\fR(1M),
1036 \fBpwconv\fR(1M), \fBsu\fR(1M), \fBuseradd\fR(1M), \fBuserdel\fR(1M),
1037 \fBusermod\fR(1M), \fBcrypt\fR(3C), \fBgetpwnam\fR(3C), \fBgetspnam\fR(3C),
1038 \fBgetusershell\fR(3C), \fBnis_local_directory\fR(3NSL), \fBpam\fR(3PAM),
1039 \fBloginlog\fR(4), \fBnsswitch.conf\fR(4), \fBpam.conf\fR(4), \fBpasswd\fR(4),
1040 \fBpolicy.conf\fR(4), \fBshadow\fR(4), \fBshells\fR(4), \fBattributes\fR(5),
1041 \fBenviron\fR(5), \fBpam_authtok_check\fR(5), \fBpam_authtok_get\fR(5),
1042 \fBpam_authtok_store\fR(5), \fBpam_dhkeys\fR(5), \fBpam_ldap\fR(5),
1043 \fBpam_unix_account\fR(5), \fBpam_unix_auth\fR(5), \fBpam_unix_session\fR(5)
1044 .SH NOTES
1045 .LP
1046 The \fBpam_unix\fR(5) module is no longer supported. Similar functionality is
1047 provided by \fBpam_unix_account\fR(5), \fBpam_unix_auth\fR(5),
1048 \fBpam_unix_session\fR(5), \fBpam_authtok_check\fR(5),
1049 \fBpam_authtok_get\fR(5), \fBpam_authtok_store\fR(5), \fBpam_dhkeys\fR(5), and
1050 \fBpam_passwd_auth\fR(5).
1051 .LP
1052 The \fBnispasswd\fR and \fBypasswd\fR commands are wrappers around
1053 \fBpasswd\fR. Use of \fBnispasswd\fR and \fBypasswd\fR is discouraged. Use
1054 \fBpasswd\fR \fB-r\fR \fIrepository_name\fR instead.
1055 .sp
1056 .LP
1057 NIS+ might not be supported in future releases of the Solaris operating system.
1058 Tools to aid the migration from NIS+ to LDAP are available in the current
1059 Solaris release. For more information, visit
1060 http://www.sun.com/directory/nisplus/transition.html.
1061 .sp
1062 .LP
1063 Changing a password in the \fBfiles\fR and \fBldap\fR repositories clears the
1064 failed login count.
1065 .sp
1066 .LP
1067 Changing a password reactivates an account deactivated for inactivity for the
1068 length of the inactivity period.
1069 .sp
1070 .LP
|