passwd

PASSWD(5)		  Linux Programmer’s Manual		    PASSWD(5)



NAME
       passwd - password file

DESCRIPTION
       Passwd is a text file that contains a list of the system’s accounts,
       giving for each account some useful information like user ID, group
       ID, home directory, shell, etc. Often, it also contains the encrypted
       passwords for each account. It should have general read permission
       (many utilities, like ls(1), use it to map user IDs to user names),
       but write access only for the superuser.

       In the good old days there was no great problem with this general read
       permission.   Everybody	could  read  the encrypted passwords, but the
       hardware was too slow to crack a well-chosen password,  and  moreover,
       the  basic  assumption  used  to be that of a friendly user-community.
       These days many people run some version of the shadow password suite,
       where /etc/passwd has *’s instead of encrypted passwords, and the
       encrypted passwords are in /etc/shadow, which is readable by the
       superuser only.

       Regardless of whether shadow passwords are used, many sysadmins use a
       star in the encrypted password field to make sure that this user
       cannot authenticate him- or herself using a password. (But see the
       NOTE section below.)

       If you create a new login, first put a star  in	the  password  field,
       then use passwd(1) to set it.

       There is one entry per line, and each line has the format:

	      account:password:UID:GID:GECOS:directory:shell

       The field descriptions are:


	      account	the  name  of  the user on the system.	It should not
			contain capital letters.

	      password	the encrypted user password or a star.

	      UID	the numerical user ID.

	      GID	the numerical primary group ID for this user.

	      GECOS	This field is optional and only used for informational
			purposes. Usually, it contains the full user name.
			GECOS means General Electric Comprehensive Operating
			System, which was renamed to GCOS when GE’s large
			systems division was sold to Honeywell. Dennis
			Ritchie has reported: "Sometimes we sent printer
			output or batch jobs to the GCOS machine. The gcos
			field in the password file was a place to stash the
			information for the $IDENT card. Not elegant."

	      directory the user’s $HOME directory.

	      shell	the program to run at login (if empty, use /bin/sh).
			If set to a non-existing executable, the user will be
			unable to log in through login(1).

NOTE
       If  you want to create user groups, their GIDs must be equal and there
       must be an entry in /etc/group, or no group will exist.

       If the encrypted password is set to a star, the user will be unable to
       log in using login(1), but may still log in using rlogin(1), run
       existing processes and initiate new ones through rsh(1), cron(1),
       at(1), or mail filters, etc. Trying to lock an account by simply
       changing the shell field yields the same result and additionally
       allows the use of su(1).
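
       The following is an added example, not part of the original manual
       page: a small auditor for the seven-field format above that flags
       entries a reviewer would want to look at. The sample lines are
       constructed, and treating "x" as a shadow placeholder alongside the
       star is an assumption (the page itself mentions only the star).

```python
# Added example, not from the man page. SAMPLE is constructed data.
SAMPLE = """\
root:*:0:0:root:/root:/bin/bash
toor:x:0:0:second superuser:/root:/bin/sh
alice:$1$CONSTRUCTED$notARealHash:1000:1000:Alice:/home/alice:/bin/bash
bob::1001:1001:Bob:/home/bob:/bin/bash
svc:*:1002:1002::/var/svc:
Carol:x:1003:1003:Carol:/home/carol:/bin/bash
broken:x:1004:1004:/home/broken
"""

FIELDS = ("account", "password", "UID", "GID", "GECOS", "directory", "shell")
# "*" is the placeholder the page describes; "x" is an assumption (the value
# commonly written by current shadow suites, not mentioned on the page).
PLACEHOLDERS = {"*", "x"}

def parse_line(line):
    """Split one entry into the seven fields; return None if malformed."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        return None
    entry = dict(zip(FIELDS, parts))
    if not (entry["UID"].isdigit() and entry["GID"].isdigit()):
        return None
    entry["shell"] = entry["shell"] or "/bin/sh"  # empty shell means /bin/sh
    return entry

def audit(text):
    """Return a sorted list of (account, finding) pairs."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        e = parse_line(line)
        if e is None:
            findings.append((line.split(":")[0], "malformed entry"))
            continue
        name, pw = e["account"], e["password"]
        if pw == "":
            findings.append((name, "empty password field"))
        elif pw not in PLACEHOLDERS:
            # The file is world-readable, so the hash is open to offline guessing.
            findings.append((name, "password hash in world-readable file"))
        if e["UID"] == "0" and name != "root":
            findings.append((name, "UID 0 account other than root"))
        if name != name.lower():
            findings.append((name, "capital letters in account name"))
    return sorted(findings)
```

       A star entry is deliberately not reported: as the note above says, it
       blocks login(1) only, so it cannot be read as proof that the account
       is locked.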

FILES
       /etc/passwd

SEE ALSO
       passwd(1), login(1), su(1), group(5), shadow(5)



File formats			  1998-01-05			    PASSWD(5)