2007-10-07 17:16:16 +05:30
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
|
|
|
|
|
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
|
|
|
|
|
<refentry id='shadow.5'>
|
2007-10-07 17:16:25 +05:30
|
|
|
<!-- $Id: shadow.5.xml,v 1.9 2005/06/16 17:27:33 kloczek Exp $ -->
|
2007-10-07 17:16:16 +05:30
|
|
|
<refmeta>
|
|
|
|
|
<refentrytitle>shadow</refentrytitle>
|
|
|
|
|
<manvolnum>5</manvolnum>
|
|
|
|
|
</refmeta>
|
|
|
|
|
<refnamediv id='name'>
|
|
|
|
|
<refname>shadow</refname>
|
|
|
|
|
<refpurpose>encrypted password file</refpurpose>
|
|
|
|
|
</refnamediv>
|
|
|
|
|
|
|
|
|
|
<refsect1 id='description'>
|
|
|
|
|
<title>DESCRIPTION</title>
|
2007-10-07 17:16:25 +05:30
|
|
|
<para><emphasis remap='I'>shadow</emphasis> contains the encrypted
|
2007-10-07 17:16:16 +05:30
|
|
|
password information for user's accounts
|
2007-10-07 17:16:25 +05:30
|
|
|
and optional the password aging information. Included is:
|
2007-10-07 17:16:16 +05:30
|
|
|
</para>
|
2007-10-07 17:16:25 +05:30
|
|
|
<itemizedlist mark='bullet'>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>login name</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>encrypted password</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days since Jan 1, 1970 that password was last changed</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days before password may be changed</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days after which password must be changed</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days before password is to expire that user is warned</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days after password expires that account is disabled</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>days since Jan 1, 1970 that account is disabled</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>a reserved field</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
</itemizedlist>
|
2007-10-07 17:16:16 +05:30
|
|
|
|
2007-10-07 17:16:25 +05:30
|
|
|
<para>The password field must be filled. The encrypted password consists
|
2007-10-07 17:16:16 +05:30
|
|
|
of 13 to 24 characters from the 64 characters alphabet a thru z, A
|
|
|
|
|
thru Z, 0 thru 9, \. and /. Optionally it can start with a "$"
|
|
|
|
|
character. This means the encrypted password was generated using
|
|
|
|
|
another (not DES) algorithm. For example if it starts with "$1$" it
|
|
|
|
|
means the MD5-based algorithm was used.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>
|
|
|
|
|
Refer to
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
|
|
|
|
|
</citerefentry>
|
|
|
|
|
for details on how this string is interpreted.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>The date of the last password change is given as the number of
|
|
|
|
|
days since Jan 1, 1970. The password may not be changed again until
|
|
|
|
|
the proper number of days have passed, and must be changed after the
|
|
|
|
|
maximum number of days. If the minimum number of days required is
|
|
|
|
|
greater than the maximum number of day allowed, this password may not
|
|
|
|
|
be changed by the user.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>An account is considered to be inactive and is disabled if the
|
|
|
|
|
password is not changed within the specified number of days after the
|
2007-10-07 17:16:25 +05:30
|
|
|
password expires. An account will also be disabled on the specified
|
2007-10-07 17:16:16 +05:30
|
|
|
day regardless of other password expiration information.
|
|
|
|
|
</para>
|
|
|
|
|
|
2007-10-07 17:16:25 +05:30
|
|
|
<para>This information supersedes any password or password age
|
2007-10-07 17:16:16 +05:30
|
|
|
information present in <filename>/etc/passwd</filename>.
|
|
|
|
|
</para>
|
|
|
|
|
|
|
|
|
|
<para>This file must not be readable by regular users if password
|
|
|
|
|
security is to be maintained.
|
|
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1 id='files'>
|
|
|
|
|
<title>FILES</title>
|
|
|
|
|
<variablelist>
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term><filename>/etc/passwd</filename></term>
|
|
|
|
|
<listitem>user account information</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
<varlistentry>
|
|
|
|
|
<term><filename>/etc/shadow</filename></term>
|
|
|
|
|
<listitem>secure user account information</listitem>
|
|
|
|
|
</varlistentry>
|
|
|
|
|
</variablelist>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1 id='see_also'>
|
|
|
|
|
<title>SEE ALSO</title>
|
2007-10-07 17:16:25 +05:30
|
|
|
<para><citerefentry>
|
2007-10-07 17:16:16 +05:30
|
|
|
<refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
|
|
|
|
|
</citerefentry>,
|
|
|
|
|
<citerefentry>
|
|
|
|
|
<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
|
|
|
|
|
</citerefentry>
|
|
|
|
|
</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
|
|
|
|
|
<refsect1 id='author'>
|
|
|
|
|
<title>AUTHOR</title>
|
|
|
|
|
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
|
|
|
|
|
</refsect1>
|
|
|
|
|
</refentry>
|
