1.\" $OpenBSD: chpass.1,v 1.43 2022/03/31 17:27:24 naddy Exp $ 2.\" $NetBSD: chpass.1,v 1.7 1996/05/15 21:50:40 jtc Exp $ 3.\" 4.\" Copyright (c) 1988, 1990, 1993 5.\" The Regents of the University of California. All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. Neither the name of the University nor the names of its contributors 16.\" may be used to endorse or promote products derived from this software 17.\" without specific prior written permission. 18.\" 19.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" 31.\" @(#)chpass.1 8.2 (Berkeley) 12/30/93 32.\" 33.Dd $Mdocdate: March 31 2022 $ 34.Dt CHPASS 1 35.Os 36.Sh NAME 37.Nm chpass , 38.Nm chfn , 39.Nm chsh 40.Nd add or change user database information 41.Sh SYNOPSIS 42.Nm chpass 43.Op Fl s Ar newshell 44.Op Ar user 45.Nm chpass 46.Fl a Ar list 47.Sh DESCRIPTION 48.Nm chpass 49allows editing of the user database information associated 50with 51.Ar user , 52or, by default, the current user. 53The information is formatted and supplied to an editor for changes. 54.Pp 55Only the information that the user is allowed to change is displayed. 56.Pp 57.Nm chfn 58and 59.Nm chsh 60are synonyms for 61.Nm chpass . 62.Pp 63The options are as follows: 64.Bl -tag -width Ds 65.It Fl a Ar list 66The superuser is allowed to directly supply a user database 67entry, in the format specified by 68.Xr passwd 5 , 69as an argument. 70This argument must be a colon 71.Pq Sq \&: 72separated list of all the 73user database fields, although they may be empty. 74.It Fl s Ar newshell 75Attempts to change the user's shell to 76.Ar newshell . 77.El 78.Pp 79Possible display items are as follows: 80.Pp 81.Bl -tag -width "Office Location:" -compact -offset indent 82.It Login: 83user's login name 84.It Password: 85user's encrypted password 86.It Uid: 87user's login 88.It Gid: 89user's login group 90.It Change: 91password change time 92.It Expire: 93account expiration time 94.It Class: 95user's general classification 96.It Home Directory: 97user's home directory 98.It Shell: 99user's login shell 100.It Full Name: 101user's real name 102.It Office Location: 103user's office location 104.It Office Phone: 105user's office phone 106.It Home Phone: 107user's home phone 108.El 109.Pp 110The 111.Ar login 112field is the user name used to access the computer account. 113.Pp 114The 115.Ar password 116field contains the encrypted form of the user's password. 117.Pp 118The 119.Ar uid 120field is the number associated with the 121.Ar login 122field. 123Both of these fields should be unique across the system (and often 124across a group of systems) as they control file access. 125.Pp 126While it is possible to have multiple entries with identical login names 127and/or identical user IDs, it is usually a mistake to do so. 128Routines that manipulate these files will often return only one of the multiple 129entries, and that one by random selection. 130.Pp 131The 132.Ar group 133field is the group that the user will be placed in at login. 134Since 135.Bx 136supports multiple groups (see 137.Xr groups 1 ) , 138this field currently has little special meaning. 139This field may be filled in with either a number or a group name (see 140.Xr group 5 ) . 141.Pp 142The 143.Ar change 144field is the date by which the password must be changed. 145.Pp 146The 147.Ar expire 148field is the date on which the account expires. 149.Pp 150Both the 151.Ar change 152and 153.Ar expire 154fields should be entered in the form 155.Ar month day year 156where 157.Ar month 158is the month name (the first three characters are sufficient), 159.Ar day 160is the day of the month, and 161.Ar year 162is the year. 163.Pp 164The 165.Ar class 166field specifies a key in the 167.Xr login.conf 5 168database of login class attributes. 169If empty, the 170.Dq default 171record is used. 172.Pp 173The user's 174.Ar home directory 175is the full 176.Ux 177path name where the user will be placed at login. 178.Pp 179The 180.Ar shell 181field is the command interpreter the user prefers. 182If the 183.Ar shell 184field is empty, the Bourne shell 185.Pq Pa /bin/sh 186is assumed. 187When altering a login shell, and not the superuser, the user 188may not change from a non-standard shell or to a non-standard 189shell. 190Non-standard is defined as a shell not found in 191.Pa /etc/shells . 192.Pp 193The last four fields are for storing the user's 194.Ar full name , office location , 195and 196.Ar work 197and 198.Ar home telephone 199numbers. 200.Pp 201Once the information has been verified, 202.Nm 203uses 204.Xr pwd_mkdb 8 205to update the user database. 206.Sh ENVIRONMENT 207The 208.Xr vi 1 209editor will be used unless the environment variable 210.Ev EDITOR 211is set to 212an alternate editor. 213When the editor terminates, the information is re-read and used to 214update the user database itself. 215Only the user, or the superuser, may edit the information associated 216with the user. 217.Sh FILES 218.Bl -tag -width /var/tmp/pw.XXXXXXXXXX -compact 219.It Pa /etc/master.passwd 220user database 221.It Pa /etc/passwd 222user database, with confidential information removed 223.It Pa /etc/ptmp 224lock file for the passwd database 225.It Pa /etc/shells 226list of approved shells 227.It Pa /var/tmp/pw.XXXXXXXXXX 228temporary copy of the user passwd information 229.El 230.Sh DIAGNOSTICS 231.Bl -diag 232.It "Attempting to lock password file, please wait or press ^C to abort" 233.Pp 234The password file is currently locked by another process; 235.Nm 236will keep trying to lock the password file until it succeeds or 237the user hits the interrupt character (control-C by default). 238If 239.Nm 240is interrupted while trying to gain the lock, any changes made will be lost. 241.Pp 242If the process holding the lock was prematurely terminated, the lock 243file may be stale and 244.Nm 245will wait forever trying to lock the password file. 246To determine whether a live process is actually holding the lock, the 247admin may run the following: 248.Bd -literal -offset indent 249$ fstat /etc/ptmp 250.Ed 251.Pp 252If no process is listed, it is safe to remove the 253.Pa /etc/ptmp 254file to clear the error. 255.El 256.Sh SEE ALSO 257.Xr finger 1 , 258.Xr login 1 , 259.Xr passwd 1 , 260.Xr getusershell 3 , 261.Xr login.conf 5 , 262.Xr passwd 5 , 263.Xr pwd_mkdb 8 , 264.Xr vipw 8 265.Rs 266.%A Robert Morris 267.%A Ken Thompson 268.%T Password security: a case history 269.%J Communications of the ACM 270.%V Volume 22 271.%N Issue 11 272.%D Nov. 1979 273.%P pp. 594\(en597 274.Re 275.Sh HISTORY 276The 277.Nm 278command appeared in 279.Bx 4.3 Reno . 280