2007-10-07 17:16:16 +05:30
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
2008-10-11 17:14:43 +05:30
|
|
|
<!--
|
|
|
|
|
Copyright (c) 1989 - 1990, Julianne Frances Haugh
|
|
|
|
|
Copyright (c) 2007 - 2008, Nicolas François
|
|
|
|
|
All rights reserved.
|
|
|
|
|
|
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
|
|
|
modification, are permitted provided that the following conditions
|
|
|
|
|
are met:
|
|
|
|
|
1. Redistributions of source code must retain the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer.
|
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
|
3. The name of the copyright holders or contributors may not be used to
|
|
|
|
|
endorse or promote products derived from this software without
|
|
|
|
|
specific prior written permission.
|
|
|
|
|
|
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
|
|
|
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
|
|
|
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
|
|
|
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
|
|
|
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
|
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
|
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
|
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
|
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
|
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
-->
|
2007-10-07 17:16:16 +05:30
|
|
|
<refentry id='shadow.5'>
|
2007-11-11 05:16:11 +05:30
|
|
|
<!-- $Id$ -->
|
2007-10-07 17:16:16 +05:30
|
|
|
<refmeta>
|
|
|
|
|
<refentrytitle>shadow</refentrytitle>
|
|
|
|
|
<manvolnum>5</manvolnum>
|
2007-10-07 17:17:11 +05:30
|
|
|
<refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
|
2007-10-07 17:16:16 +05:30
|
|
|
</refmeta>
|
|
|
|
|
<refnamediv id='name'>
|
|
|
|
|
<refname>shadow</refname>
|
|
|
|
|
<refpurpose>encrypted password file</refpurpose>
|
|
|
|
|
</refnamediv>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:16:16 +05:30
|
|
|
<refsect1 id='description'>
|
|
|
|
|
<title>DESCRIPTION</title>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>
|
|
|
|
|
<emphasis remap='I'>shadow</emphasis> contains the encrypted password
|
|
|
|
|
information for user's accounts and optional the password aging
|
|
|
|
|
information. Included is:
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
<itemizedlist mark='bullet'>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>login name</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>encrypted password</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days since Jan 1, 1970 that password was last changed</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days before password may be changed</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days after which password must be changed</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days before password is to expire that user is warned</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days after password expires that account is disabled</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>days since Jan 1, 1970 that account is disabled</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:01 +05:30
|
|
|
<para>a reserved field</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
</listitem>
|
|
|
|
|
</itemizedlist>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
The password field must be filled. The encrypted password consists of
|
2007-10-27 19:15:14 +05:30
|
|
|
13 to 24 characters from the 64 character alphabet a thru z, A thru
|
2007-10-07 17:17:01 +05:30
|
|
|
Z, 0 thru 9, \. and /. Optionally it can start with a "$" character.
|
|
|
|
|
This means the encrypted password was generated using another (not
|
|
|
|
|
DES) algorithm. For example if it starts with "$1$" it means the
|
|
|
|
|
MD5-based algorithm was used.
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:16:16 +05:30
|
|
|
<para>
|
2007-10-07 17:17:01 +05:30
|
|
|
Refer to
|
2007-10-07 17:16:16 +05:30
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>
|
|
|
|
|
for details on how this string is interpreted.
|
|
|
|
|
</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
If the password field contains some string that is not valid result
|
|
|
|
|
of <citerefentry><refentrytitle>crypt</refentrytitle>
|
|
|
|
|
<manvolnum>3</manvolnum> </citerefentry>, for instance ! or *, the
|
|
|
|
|
user will not be able to use a unix password to log in, subject to
|
|
|
|
|
<citerefentry><refentrytitle>pam</refentrytitle>
|
|
|
|
|
<manvolnum>7</manvolnum></citerefentry>.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
The date of the last password change is given as the number of days
|
|
|
|
|
since Jan 1, 1970. The password may not be changed again until the
|
2008-08-13 12:25:37 +05:30
|
|
|
proper number of days have passed, and must be changed before the
|
2007-10-07 17:16:16 +05:30
|
|
|
maximum number of days. If the minimum number of days required is
|
|
|
|
|
greater than the maximum number of day allowed, this password may not
|
|
|
|
|
be changed by the user.
|
|
|
|
|
</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
An account is considered to be inactive and is disabled if the
|
2007-10-07 17:16:16 +05:30
|
|
|
password is not changed within the specified number of days after the
|
2007-10-07 17:16:25 +05:30
|
|
|
password expires. An account will also be disabled on the specified
|
2007-10-07 17:16:16 +05:30
|
|
|
day regardless of other password expiration information.
|
|
|
|
|
</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
This information supersedes any password or password age information
|
|
|
|
|
present in <filename>/etc/passwd</filename>.
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
This file must not be readable by regular users if password security
|
|
|
|
|
is to be maintained.
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:16:16 +05:30
|
|
|
<refsect1 id='files'>
|
|
|
|
|
<title>FILES</title>
|
|
|
|
|
<variablelist>
|
|
|
|
|
<varlistentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<term><filename>/etc/passwd</filename></term>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:33 +05:30
|
|
|
<para>User account information.</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
</listitem>
|
2007-10-07 17:16:16 +05:30
|
|
|
</varlistentry>
|
|
|
|
|
<varlistentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<term><filename>/etc/shadow</filename></term>
|
|
|
|
|
<listitem>
|
2007-10-07 17:17:33 +05:30
|
|
|
<para>Secure user account information.</para>
|
2007-10-07 17:17:01 +05:30
|
|
|
</listitem>
|
2007-10-07 17:16:16 +05:30
|
|
|
</varlistentry>
|
|
|
|
|
</variablelist>
|
|
|
|
|
</refsect1>
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:16:16 +05:30
|
|
|
<refsect1 id='see_also'>
|
|
|
|
|
<title>SEE ALSO</title>
|
2007-10-07 17:16:25 +05:30
|
|
|
<para><citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
|
2007-10-07 17:16:16 +05:30
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
2007-10-07 17:17:01 +05:30
|
|
|
<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
|
|
|
|
|
</citerefentry>.
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
</refentry>
|
