NAME
shadow — shadow password file, <shadow.h>
DESCRIPTION
The /etc/shadow file is created from the /etc/passwd file by the
pwconv command.
It is readable only by a privileged user.
It can be modified by the passwd(1), useradd(4), usermod(4), and
userdel(1M) commands.
Programs may use the interfaces described in the getspent(3C) manpage
to access this information.
These functions return a pointer to the spwd structure, which is
defined in the <shadow.h> header file.
Fields
The /etc/shadow file is an ASCII file consisting of any number of
user entries separated by newlines.
Each user entry line consists of the following fields separated by
colons:
- login name
Each login name must match a login name in /etc/passwd.
pwconv puts the user entries in /etc/shadow in the same order as the
/etc/passwd entries.
- encrypted password
The password field of the /etc/passwd entries contains an `x', and
the actual encrypted passwords reside in /etc/shadow.
The encrypted password field consists of 13 characters chosen from a
64-character set of "digits".
The characters used to represent "digits" are . for 0, / for 1,
0 through 9 for 2 through 11, A through Z for 12 through 37, and
a through z for 38 through 63.
If this field is null,
then there is no password and no password is demanded on login.
Login can be prevented by entering a character that is not a
part of the set of digits (such as *).
- last change
The number of days since January 1, 1970 that
the password was last modified.
- min days
The minimum period in days that must expire before the password
can be changed.
- max days
The maximum number of days for which a password is valid.
A user who attempts to log in after his password has expired
is forced to supply a new one.
If min days and max days are both zero, the user is forced to change
his password the next time he logs in.
If min days is greater than max days, then the password cannot be
changed.
These restrictions do not apply to the superuser.
- warn days
The number of days the user is warned before his password expires.
- inactivity
The maximum number of days of inactivity allowed after a
password has expired.
The account is locked if the password is not changed within
the specified number of days after the password expires.
If this field is set to zero, then the user is required
to change his password.
- expiration
The absolute number of days since Jan 1, 1970 after which the
account is no longer valid.
A value of zero in this field indicates that the account
is locked.
- reserved
The reserved field is always zero and is reserved for future use.
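An added example, not part of the original manpage or any vendor code: a C function that applies the field rules above to one entry line and reports the conditions an administrator would want to review (no password, login blocked, forced change, unchangeable password, zero expiration). The function name, flag names and sample entries are constructed for illustration, and treating an empty numeric field as unset is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { NO_PASSWORD = 1, LOGIN_BLOCKED = 2, FORCE_CHANGE = 4,
       CANNOT_CHANGE = 8, ACCOUNT_LOCKED = 16, MALFORMED = 32 };

static const char DIGITS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* Numeric field; an empty field is treated as unset (-1), an assumption. */
static long num(const char *s) { return *s ? strtol(s, NULL, 10) : -1; }

/* Audit one shadow entry line; returns a bitmask of the flags above. */
int audit_shadow_line(const char *line)
{
    char buf[512], *f[9], *p = buf;
    int n = 0, flags = 0;
    if (strlen(line) >= sizeof buf) return MALFORMED;
    strcpy(buf, line);
    buf[strcspn(buf, "\n")] = '\0';
    /* Split on ':' by hand; strtok() would collapse empty fields. */
    for (f[n++] = p; (p = strchr(p, ':')) != NULL; f[n++] = p) {
        *p++ = '\0';
        if (n == 9) return MALFORMED;          /* more than nine fields */
    }
    if (n != 9 || *f[0] == '\0') return MALFORMED;
    size_t len = strlen(f[1]);
    if (len == 0) flags |= NO_PASSWORD;        /* no password demanded */
    else if (strspn(f[1], DIGITS) != len) flags |= LOGIN_BLOCKED; /* e.g. * */
    else if (len != 13) flags |= MALFORMED;    /* digits, but not 13 of them */
    long min = num(f[3]), max = num(f[4]);
    if (min == 0 && max == 0) flags |= FORCE_CHANGE;   /* change at next login */
    if (min >= 0 && max >= 0 && min > max) flags |= CANNOT_CHANGE;
    if (num(f[7]) == 0) flags |= ACCOUNT_LOCKED;       /* expiration of zero */
    return flags;
}

int main(void)
{
    /* Constructed sample entries; the 13-character field is not a real hash. */
    const char *sample[] = {
        "alice:abJnggxhB/yWI:17000:0:90:7:30::0",
        "bob::17000:0:0:7:::0",
        "svc:*:17000:10:5:7::0:0",
    };
    for (int i = 0; i < 3; i++)
        printf("%-40s flags=0x%02x\n", sample[i], audit_shadow_line(sample[i]));
}
```
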
Notes
The /etc/shadow file is not applicable to a system which has been
converted to a trusted system.
FILES
- /etc/passwd
system password file
- /etc/shadow
shadow password file
- /etc/nsswitch.conf
NSS configuration file.
SEE ALSO
login(1), passwd(1), pwconv(1M), pwunconv(1M), useradd(1M),
userdel(1M), usermod(1M), crypt(3C), getspent(3C), putspent(3C),
nsswitch.conf(4), passwd(4), shadow(4).