shadow

 

---

 
 
 
 File Formats                                            shadow(4)
 
 
 


NAME
      shadow - shadow password file
 


DESCRIPTION
      /etc/shadow is an access-restricted ASCII system  file  that
      stores  users'  encrypted passwords and related information.
      The shadow file can be used in conjunction with other shadow
      sources,   including   the   NIS   maps   passwd.byname  and
      passwd.byuid and the NIS+ table  passwd.  Programs  use  the
      getspnam(3C) routines to access this information.
 
      The fields for each user entry are separated by colons. Each
      user  is  separated  from  the next by a newline. Unlike the
      /etc/passwd file, /etc/shadow does  not  have  general  read
      permission.
 
      Each entry in the shadow file has the form:
 
      username:password:lastchg: min:max:warn: inactive:expire:flag
 
      The fields are defined as follows:
 
      username
            The user's login name (UID).
 
      password
            A 13-character encrypted password for the user, a lock
            string  to  indicate that the login is not accessible,
            or no string, which shows that there  is  no  password
            for the login.
 
      lastchg
            The number of days between January 1,  1970,  and  the
            date that the password was last modified.
 
      min   The minimum number of days required  between  password
            changes.
 
      max   The maximum number of days the password is valid.
 
      warn  The number of days before password  expires  that  the
            user is warned.
 
      inactive
            The number of days  of  inactivity  allowed  for  that
            user.
 
      expire
            An absolute date specifying  when  the  login  may  no
            longer be used.
 
      flag  Reserved for future use, set to  zero.  Currently  not
 
 
 
 SunOS 5.8           Last change: 10 Dec 1991                    1
 
 
 
 
 
 
 File Formats                                            shadow(4)
 
 
 
            used.
 
      The encrypted password consists of 13 characters chosen from
      a  64-character  alphabet  (.,  /, 0-9, A-Z, a-z). To update
      this file, use the passwd(1), useradd(1M),  usermod(1M),  or
      userdel(1M) commands.
 
      In  order  to   make   system   administration   manageable,
      /etc/shadow  entries should appear in exactly the same order
      as  /etc/passwd entries;   this  includes  ``+''  and  ``-''
      entries   if   the   compat   source   is  being  used  (see
      nsswitch.conf(4)).
 


FILES
      /etc/shadow
            shadow password file
 
      /etc/passwd"
            password file
 
      /etc/nsswitch.conf"
            name-service switch configuration file
 


SEE ALSO
      login(1), passwd(1), useradd(1M), userdel(1M),  usermod(1M),
      getspnam(3C), putspent(3C), nsswitch.conf(4), passwd(4)
 


NOTES
      If password aging is turned  on  in  any  name  service  the
      passwd: line in the /etc/nsswitch.conf file must have a for-
      mat specified in the nsswitch.conf(4) man page.
 
      If the /etc/nsswitch.conf passwd policy is not in one of the
      supported  formats, logins will not be allowed upon password
      expiration because the software does not know how to  handle
      password     updates    under    these    conditions.    See
      nsswitch.conf(4) for additional information.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 SunOS 5.8           Last change: 10 Dec 1991                    2
 
 
 

---