1.\" Copyright (c) 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.Dd March 25, 2023 29.Dt PWD_MKDB 8 30.Os 31.Sh NAME 32.Nm pwd_mkdb 33.Nd "generate the password databases" 34.Sh SYNOPSIS 35.Nm 36.Op Fl CiNp 37.Op Fl d Ar directory 38.Op Fl s Ar cachesize 39.Op Fl u Ar username 40.Ar file 41.Sh DESCRIPTION 42The 43.Nm 44utility creates 45.Xr db 3 46style secure and insecure databases for the specified file. 47These databases are then installed into 48.Pa /etc/spwd.db 49and 50.Pa /etc/pwd.db 51respectively. 52The file is installed into 53.Pa /etc/master.passwd . 54The file must be in the correct format (see 55.Xr passwd 5 ) . 56It is important to note that the format used in this system is 57different from the historic Version 7 style format. 58.Pp 59The options are as follows: 60.Bl -tag -width flag 61.It Fl C 62Check if the password file is in the correct format. 63Do not 64change, add, or remove any files. 65.It Fl d Ar directory 66Store databases into specified destination directory instead of 67.Pa /etc . 68.It Fl i 69Ignore locking failure of the 70.Pa master.passwd 71file. 72This option is intended to be used to build password files in 73the release process over NFS where no contention can happen. 74A non-default directory must also be specified with the 75.Fl d 76option for locking to be ignored. 77Other use of this option is strongly discouraged. 78.It Fl N 79Tell 80.Nm 81to exit with an error if it cannot obtain a lock on the file. 82By default, 83we block waiting for a lock on the source file. 84The lock is held through 85the rebuilding of the database. 86.It Fl p 87Create a Version 7 style password file and install it into 88.Pa /etc/passwd . 89.It Fl s Ar cachesize 90Specify in megabytes the size of the memory cache used by the 91hashing library. 92On systems with a large user base, a small cache 93size can lead to prohibitively long database file rebuild times. 94As a rough guide, the memory usage of 95.Nm 96in megabytes will be a little bit more than twice the figure 97specified here. 98The default is 2 megabytes. 99.It Fl u Ar username 100Only update the record for the specified user. 101Utilities that 102operate on a single user can use this option to avoid the 103overhead of rebuilding the entire database. 104.El 105.Pp 106The two databases differ in that the secure version contains the user's 107encrypted password and the insecure version has an asterisk (``*'') 108.Pp 109The databases are used by the C library password routines (see 110.Xr getpwent 3 ) . 111.Pp 112The 113.Nm 114utility exits zero on success, non-zero on failure. 115.Sh ENVIRONMENT 116If the 117.Ev PW_SCAN_BIG_IDS 118environment variable is set, 119.Nm 120will suppress the warning messages that are 121normally generated for large user and group IDs. 122Such IDs can cause serious problems with software 123that makes assumptions about the values of IDs. 124.Sh FILES 125.Bl -tag -width Pa -compact 126.It Pa /etc/pwd.db 127The insecure password database file. 128.It Pa /etc/pwd.db.tmp 129A temporary file. 130.It Pa /etc/spwd.db 131The secure password database file. 132.It Pa /etc/spwd.db.tmp 133A temporary file. 134.It Pa /etc/master.passwd 135The current password file. 136.It Pa /etc/passwd 137A Version 7 format password file. 138.El 139.Sh EXAMPLES 140Regenerate the password database after manually editing or replacing 141the password file: 142.Bd -literal -offset -indent 143/usr/sbin/pwd_mkdb -p /etc/master.passwd 144.Ed 145.Sh COMPATIBILITY 146Previous versions of the system had a program similar to 147.Nm , 148.Xr mkpasswd 8 , 149which built 150.Xr dbm 3 151style databases for the password file but depended on the calling programs 152to install them. 153The program was renamed in order that previous users of the program 154not be surprised by the changes in functionality. 155.Sh SEE ALSO 156.Xr chpass 1 , 157.Xr passwd 1 , 158.Xr db 3 , 159.Xr getpwent 3 , 160.Xr passwd 5 , 161.Xr vipw 8 162.Sh BUGS 163Because of the necessity for atomic update of the password files, 164.Nm 165uses 166.Xr rename 2 167to install them. 168This, however, requires that the file specified on the command line live 169on the same file system as the 170.Pa /etc 171directory. 172.Pp 173There are the obvious races with multiple people running 174.Nm 175on different password files at the same time. 176The front-ends to 177.Nm , 178.Xr chpass 1 , 179.Xr passwd 1 180and 181.Xr vipw 8 , 182handle the locking necessary to avoid this problem. 183