passwd(4)passwd(4)NAMEpasswd - password file
contains the following information for each user:
· login name
· encrypted password
· numerical user ID
· numerical group ID
· reserved gecos ID
· initial working directory
· program to use as shell
This is an ASCII file. Each field within each user's entry is sepa‐
rated from the next by a colon. Each user is separated from the next
by a newline. This file resides in the directory. It can and does
have general read permission and can be used, for example, to map
numerical user IDs to names.
returns a pointer to a user's entry passwd structure declared in
The login name may only contain alphanumeric and underscore characters.
The login name must start with an alpha character, unless the Numeri‐
cUsername product is installed, in which case, the first character can
also be a decimal digit.
If the login directory is null, the user will be placed in by default.
If the login shell is null, is used.
It is suggested that the range 0−99 not be used for user and group IDs
so that IDs that might be assigned for system software do not conflict.
The gecos field may contain the following identification: user's full
name, office location, extension, and home phone. The gecos field can
be set by use of the command and is displayed by the command (see
chfn(1) and finger(1)). These two commands assume the information in
this field is in the order listed above. A portion of the user's real
name can be represented in the gecos field by an character, which some
utilities (including expand by substituting the login name for it and
shifting the first letter of the login name to uppercase.
On a non-shadowed standard system, all password fields contain the
actual encrypted password. On a shadowed standard system, all password
fields contain an `x', while the actual encrypted passwords reside in
On a trusted system, all password fields contain a `*' and the actual
encrypted passwords reside in the Protected Password Database.
The following description of the password field applies only to the
password field of an entry in that contains an actual encrypted pass‐
word. See the shadow(4) manpage for details about encrypted passwords
that reside in and see the section of this manpage for details about
encrypted passwords that reside on a trusted system.
If the password field is null, there is no password and no password is
demanded on login. Otherwise, this field consists of an encrypted
password with an optional password aging subfield.
The encrypted password consists of 13 characters chosen from a 64-char‐
acter set of "digits" described below, Login can be prevented by enter‐
ing in the password field a character that is not part of the set of
digits (such as
The characters used to represent "digits" are for 0, for 1, through for
2 through 11, through for 12 through 37, and through for 38 through 63.
Password aging is put in effect for a particular user if his encrypted
password in the password file is followed by a comma and a non-null
string of characters from the above alphabet. (Such a string must be
introduced in the first instance by a superuser.) This string defines
the "age" needed to implement password aging.
UNIX keeps internal time stamps in a format with a base date of Thurs‐
day January 1, 1970. Because of this, passwd considers the beginning
of a week to be 00:00 GMT Thursday.
The first character of the age, M, denotes the maximum number of weeks
for which a password is valid. A user who attempts to login after his
password has expired is forced to supply a new one. The next charac‐
ter, m, denotes the minimum period in weeks that must expire before the
password can be changed. The remaining two characters define the week
when the password was last changed (a null string is equivalent to
zero). M and m have numerical values in the range 0 through 63 that
correspond to the 64-character set of "digits" shown above.
If m = M = 0 (derived from the string or the user is forced to change
his password next time he logs in (and the "age" disappears from his
entry in the password file). If m > M (signified, for example, by the
string then only a superuser (not the user) can change the password.
Not allowing the user to ever change the password is discouraged.
This section applies only to trusted systems. Note that HP-UX 11i Ver‐
sion 3 is the last release to support trusted systems functionality.
On a trusted system the password field always contains by default.
Password and aging information are instead part of the Protected Pass‐
On trusted systems, the encrypted password for each user is stored in
the file (where c is the first letter in user_name). Password informa‐
tion files are not accessible to the public. The encrypted password
can be longer than 13 characters. For example, the password file for
user is stored in In addition to the password, the user profiles in
also have many other fields, including:
· numerical audit ID
· numerical audit flag
Like this file is an ASCII file. Fields within each user's entry are
separated by colons. Refer to authcap(4) and prpwd(4) for details.
The passwords contained in take precedence over those contained in the
encrypted password field of User authentication is done using the
encrypted passwords in this file. For a description of the password
aging mechanism, see the section of passwd(1).
For more information about passwords and converting to a trusted sys‐
tem, see and sam(1M).
The file can have entries that begin with a plus or minus sign in the
first column. Such lines are used to access the Network Information
System database. A line beginning with a plus is used to incorporate
entries from the Network Information System. There are three styles of
Insert the entire contents
of the Network Information System password file at
Insert the entry (if any) for
name from the Network Information System at that
Insert the entries for all members of the network group
name at that point.
If a entry has a non-null password, directory, gecos, or shell field,
they override what is contained in the Network Information System. The
numerical user ID and group ID fields cannot be overridden.
The file can also have lines beginning with a minus which disallow
entries from the Network Information System. There are two styles of
Disallow any subsequent entries (if any) for
Disallow any subsequent entries for all members of the network
The plus and minus features are NIS functionality; therefore, if NIS is
not installed, they do not work. Also, these features work only with
The uid of −2 is reserved for remote root access by means of NFS. The
user name usually given to this uid is Since uids are stored as signed
values, the following define is included in to match the user
The login shell for the root user (uid 0) must be to guarantee the sys‐
tem can always boot. Other shells such as sh, ksh, and csh are all
located under the directory which may not be mounted during earlier
stages of the bootup process. Changing the login shell of the root
user to a value other than is allowed but may result in a non-func‐
The information kept in the gecos field may conflict with unsupported
or future uses of this field. Use of the gecos field for keeping user
identification information has not been formalized within any of the
industry standards. The current use of this field is derived from its
use within the Berkeley Software Distribution. Future standards may
define this field for other purposes.
The following fields have size limitations as noted:
· Login name field can be no longer than 8 characters, or 255
characters if the support of long user and group names is
enabled on the system;
· Initial working directory field can be no longer than 63
characters, or 310 characters if the support of long user and
group names is enabled on the system;
· Program field can be no longer than 44 characters.
· Results are unpredictable if these fields are longer than the
limits specified above.
The following fields have numerical limitations as noted:
· The user ID is an integer value between 0 and inclusive. As
a special case, -2 may be present.
· The group ID is an integer value between 0 and inclusive. As
a special case -2 may be present.
· If either of these values are out of range, the functions
reset the ID value to
HP-UX 11i Version 3 is the last release to support trusted systems
Shadow Password Example
If the system has been converted to a shadowed standard system, the
password fields of user and user contain an 'x', and the actual
encrypted passwords reside in If it was a non-shadowed standard system,
the password fields of user and user would contain the actual encrypted
In the NIS example, there are specific entries for users and in case
the Network Information System is out of order.
· User password entry in the Network Information System is
incorporated without change.
· Any subsequent entries for user are ignored.
· The password field for anyone in the netgroup is disabled.
· Users in netgroup are not returned by and thus are not
allowed to log in.
· Anyone else can log in with their usual password, shell, and
home directory, but with a gecos field of
Protected password database used when system is converted to trusted
Standard password file used by HP-UX.
Shadow password file.
SEE ALSOchfn(1), chsh(1), finger(1), login(1), passwd(1), pwck(1M), pwconv(1M),
useradd(1M), a64l(3C), crypt(3C), getpass(3C), getpwent(3C), getprp‐
went(3), authcap(4), shadow(4), limits(5).