.\" Copyright (c) 1988, 1990, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
.\" $FreeBSD: src/usr.bin/chpass/chpass.1,v 1.39 2005/08/02 21:38:02 seanc Exp $
.\" $DragonFly: src/usr.bin/chpass/chpass.1,v 1.4 2006/02/17 19:38:58 swildner Exp $
.\"
.Dd December 30, 1993
.Dt CHPASS 1
.Os
.Sh NAME
.Nm chpass ,
.Nm chfn ,
.Nm chsh ,
.Nm ypchpass ,
.Nm ypchfn ,
.Nm ypchsh
.Nd add or change user database information
.Sh SYNOPSIS
.Nm
.Op Fl a Ar list
.Op Fl p Ar encpass
.Op Fl e Ar expiretime
.Op Fl s Ar newshell
.Op user
.Nm
.Op Fl oly
.Op Fl a Ar list
.Op Fl p Ar encpass
.Op Fl e Ar expiretime
.Op Fl s Ar newshell
.Op Fl d Ar domain
.Op Fl h Ar host
.Op user
.Sh DESCRIPTION
The
.Nm
utility
allows editing of the user database information associated
with
.Ar user
or, by default, the current user.
.Pp
The
.Nm chfn ,
.Nm chsh ,
.Nm ypchpass ,
.Nm ypchfn
and
.Nm ypchsh
utilities behave identically to
.Nm .
(There is only one program.)
.Pp
The information is formatted and supplied to an editor for changes.
.Pp
Only the information that the user is allowed to change is displayed.
.Pp
The options are as follows:
.Bl -tag -width indent
.It Fl a
The super-user is allowed to directly supply a user database
entry, in the format specified by
.Xr passwd 5 ,
as an argument.
This argument must be a colon
.Pq Dq \&:
separated list of all the
user database fields, although they may be empty.
.It Fl p
The super-user is allowed to directly supply an encrypted password field,
in the format used by
.Xr crypt 3 ,
as an argument.
.It Fl e Ar expiretime
Change the account expire time.
This option is used to set the expire time
from a script as if it was done in the interactive editor.
.It Fl s Ar newshell
Attempt to change the user's shell to
.Ar newshell .
.El
.Pp
Possible display items are as follows:
.Pp
.Bl -tag -width "Other Information:" -compact -offset indent
.It Login:
user's login name
.It Password:
user's encrypted password
.It Uid:
user's login
.It Gid:
user's login group
.It Class:
user's general classification
.It Change:
password change time
.It Expire:
account expiration time
.It Full Name:
user's real name
.It Office Location:
user's office location (1)
.It Office Phone:
user's office phone (1)
.It Home Phone:
user's home phone (1)
.It Other Information:
any locally defined parameters for user (1)
.It Home Directory:
user's home directory
.It Shell:
user's login shell
.Pp
.It NOTE(1) -
In the actual master.passwd file, these fields are comma-delimited
fields embedded in the FullName field.
.El
.Pp
The
.Ar login
field is the user name used to access the computer account.
.Pp
The
.Ar password
field contains the encrypted form of the user's password.
.Pp
The
.Ar uid
field is the number associated with the
.Ar login
field.
Both of these fields should be unique across the system (and often
across a group of systems) as they control file access.
.Pp
While it is possible to have multiple entries with identical login names
and/or identical user id's, it is usually a mistake to do so.
Routines
that manipulate these files will often return only one of the multiple
entries, and that one by random selection.
.Pp
The
.Ar group
field is the group that the user will be placed in at login.
Since
.Bx
supports multiple groups (see
.Xr groups 1 )
this field currently has little special meaning.
This field may be filled in with either a number or a group name (see
.Xr group 5 ) .
.Pp
The
.Ar class
field references class descriptions in
.Pa /etc/login.conf
and is typically used to initialize the user's system resource limits
when they log in.
.Pp
The
.Ar change
field is the date by which the password must be changed.
.Pp
The
.Ar expire
field is the date on which the account expires.
.Pp
Both the
.Ar change
and
.Ar expire
fields should be entered in the form
.Dq month day year
where
.Ar month
is the month name (the first three characters are sufficient),
.Ar day
is the day of the month, and
.Ar year
is the year.
.Pp
Five fields are available for storing the user's
.Ar full name , office location ,
.Ar work
and
.Ar home telephone
numbers and finally
.Ar other information
which is a single comma delimited string to represent any additional
gecos fields (typically used for site specific user information).
Note that
.Xr finger 1
will display the office location and office phone together under the
heading
.Ar Office: .
.Pp
The user's
.Ar home directory
is the full
.Ux
path name where the user
will be placed at login.
.Pp
The
.Ar shell
field is the command interpreter the user prefers.
If the
.Ar shell
field is empty, the Bourne shell,
.Pa /bin/sh ,
is assumed.
When altering a login shell, and not the super-user, the user
may not change from a non-standard shell or to a non-standard
shell.
Non-standard is defined as a shell not found in
.Pa /etc/shells .
.Pp
Once the information has been verified,
.Nm
uses
.Xr pwd_mkdb 8
to update the user database.
.Sh ENVIRONMENT
The
.Xr vi 1
editor will be used unless the environment variable
.Ev EDITOR
is set to
an alternate editor.
When the editor terminates, the information is re-read and used to
update the user database itself.
Only the user, or the super-user, may edit the information associated
with the user.
.Pp
See
.Xr pwd_mkdb 8
for an explanation of the impact of setting the
.Ev PW_SCAN_BIG_IDS
environment variable.
.Sh NIS INTERACTION
The
.Nm
utility can also be used in conjunction with NIS; however, some restrictions
apply.
Currently,
.Nm
can only make changes to the NIS passwd maps through
.Xr rpc.yppasswdd 8 ,
which normally only permits changes to a user's password, shell and GECOS
fields.
Except when invoked by the super-user on the NIS master server,
.Nm
(and, similarly,
.Xr passwd 1 )
cannot use the
.Xr rpc.yppasswdd 8
server to change other user information or
add new records to the NIS passwd maps.
Furthermore,
.Xr rpc.yppasswdd 8
requires password authentication before it will make any
changes.
The only user allowed to submit changes without supplying
a password is the super-user on the NIS master server; all other users,
including those with root privileges on NIS clients (and NIS slave
servers) must enter a password.
(The super-user on the NIS master is allowed to bypass these restrictions
largely for convenience: a user with root access
to the NIS master server already has the privileges required to make
updates to the NIS maps, but editing the map source files by hand can
be cumbersome.
.Pp
Note: these exceptions only apply when the NIS master server is a
.Fx
or
.Dx
system).
.Pp
Consequently, except where noted, the following restrictions apply when
.Nm
is used with NIS:
.Bl -enum -offset indent
.It
.Em "Only the shell and GECOS information may be changed" .
All other
fields are restricted, even when
.Nm
is invoked by the super-user.
While support for
changing other fields could be added, this would lead to
compatibility problems with other NIS-capable systems.
Even though the super-user may supply data for other fields
while editing an entry, the extra information (other than the
password -- see below) will be silently discarded.
.Pp
Exception: the super-user on the NIS master server is permitted to
change any field.
.Pp
.It
.Em "Password authentication is required" .
The
.Nm
utility will prompt for the user's NIS password before effecting
any changes.
If the password is invalid, all changes will be
discarded.
.Pp
Exception: the super-user on the NIS master server is allowed to
submit changes without supplying a password.
(The super-user may
choose to turn off this feature using the
.Fl o
flag, described below.)
.It
.Em "Adding new records to the local password database is discouraged" .
The
.Nm
utility will allow the administrator to add new records to the
local password database while NIS is enabled, but this can lead to
some confusion since the new records are appended to the end of
the master password file, usually after the special NIS '+' entries.
The administrator should use
.Xr vipw 8
to modify the local password
file when NIS is running.
.Pp
The super-user on the NIS master server is permitted to add new records
to the NIS password maps, provided the
.Xr rpc.yppasswdd 8
server has been started with the
.Fl a
flag to permit additions (it refuses them by default).
The
.Nm
utility tries to update the local password database by default; to update the
NIS maps instead, invoke chpass with the
.Fl y
flag.
.It
.Em "Password changes are not permitted" .
Users should use
.Xr passwd 1
or
.Xr yppasswd 1
to change their NIS passwords.
The super-user is allowed to specify
a new password (even though the
.Dq Password:
field does not show
up in the editor template, the super-user may add it back by hand),
but even the super-user must supply the user's original password
otherwise
.Xr rpc.yppasswdd 8
will refuse to update the NIS maps.
.Pp
Exception: the super-user on the NIS master server is permitted to
change a user's NIS password with
.Nm .
.El
.Pp
There are also a few extra option flags that are available when
.Nm
is compiled with NIS support:
.Bl -tag -width indent
.It Fl l
Force
.Nm
to modify the local copy of a user's password
information in the event that a user exists in both
the local and NIS databases.
.It Fl y
Opposite effect of
.Fl l .
This flag is largely redundant since
.Nm
operates on NIS entries by default if NIS is enabled.
.It Fl d Ar domain
Specify a particular NIS domain.
The
.Nm
utility uses the system domain name by default, as set by the
.Xr domainname 1
utility.
The
.Fl d
option can be used to override a default, or to specify a domain
when the system domain name is not set.
.It Fl h Ar host
Specify the name or address of an NIS server to query.
Normally,
.Nm
will communicate with the NIS master host specified in the
.Pa master.passwd
or
.Pa passwd
maps.
On hosts that have not been configured as NIS clients, there is
no way for the program to determine this information unless the user
provides the hostname of a server.
Note that the specified hostname need
not be that of the NIS master server; the name of any server, master or
slave, in a given NIS domain will do.
.Pp
When using the
.Fl d
option, the hostname defaults to
.Dq localhost .
The
.Fl h
option can be used in conjunction with the
.Fl d
option, in which case the user-specified hostname will override
the default.
.Pp
.It Fl o
Force the use of RPC-based updates when communicating with
.Xr rpc.yppasswdd 8
.Pq Dq old-mode .
When invoked by the super-user on the NIS master server,
.Nm
allows unrestricted changes to the NIS passwd maps using a dedicated,
non-RPC-based mechanism (in this case, a
.Ux
domain socket).
The
.Fl o
flag can be used to force
.Nm
to use the standard update mechanism instead.
This option is provided
mainly for testing purposes.
.El
.Sh FILES
.Bl -tag -width /etc/master.passwd -compact
.It Pa /etc/master.passwd
the user database
.It Pa /etc/passwd
a Version 7 format password file
.It Pa /etc/chpass.XXXXXX
temporary copy of the password file
.It Pa /etc/shells
the list of approved shells
.El
.Sh SEE ALSO
.Xr finger 1 ,
.Xr login 1 ,
.Xr passwd 1 ,
.Xr getusershell 3 ,
.Xr login.conf 5 ,
.Xr passwd 5 ,
.Xr pw 8 ,
.Xr pwd_mkdb 8 ,
.Xr vipw 8
.Rs
.%A Robert Morris
.%A Ken Thompson
.%T "UNIX Password security"
.Re
.Sh HISTORY
The
.Nm
utility appeared in
.Bx 4.3 Reno .
.Sh BUGS
User information should (and eventually will) be stored elsewhere.
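
Added example, not part of the original manual page or of the chpass source: a shell function that audits a master.passwd-format file for the conditions DESCRIPTION warns about, namely duplicate login names or uids and shells missing from the approved-shells list (an empty shell counts as /bin/sh). The function names, the finding labels and the sample data are constructed for illustration; the ten-field layout is the one given in passwd(5).

```shell
#!/bin/sh
# Added example: audit a master.passwd(5)-format file (not chpass code).
# audit_passwd FILE SHELLS prints one finding per line:
#   dup-login NAME | dup-uid UID FIRST,DUP | bad-shell NAME SHELL | bad-fields LINENO
audit_passwd() {
    awk -F: -v shells="$2" '
        BEGIN {
            # Load the approved shells, skipping comments and blank lines.
            while ((getline line < shells) > 0)
                if (line ~ /^\//) ok[line] = 1
        }
        /^#/ || /^[+-]/ || /^$/ { next }   # comments and special NIS entries
        NF != 10 { print "bad-fields " NR; next }
        {
            if (seen[$1]++) print "dup-login " $1
            if ($3 in uid) print "dup-uid " $3 " " uid[$3] "," $1
            else uid[$3] = $1
            sh = ($10 == "") ? "/bin/sh" : $10   # empty shell means /bin/sh
            if (!(sh in ok)) print "bad-shell " $1 " " sh
        }
    ' "$1"
}

# Constructed sample input; names, uids and paths are made up for the demo.
run_demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '# approved shells' /bin/sh /bin/csh > "$d/shells"
    cat > "$d/master.passwd" <<'EOF'
root:*:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
alice:*:1001:1001::0:0:Alice,Room 1,555-0100,:/home/alice:/usr/local/bin/zsh
alice:*:1002:1002::0:0:Alice Two:/home/alice2:/bin/sh
broken:*:1003:1003:/home/broken:/bin/sh
+:::::::::
EOF
    audit_passwd "$d/master.passwd" "$d/shells"
    rm -rf "$d"
}

run_demo
```

On a real system the function would be run by the super-user as audit_passwd /etc/master.passwd /etc/shells; it only reads both files.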