151 lines
4.8 KiB
XML
151 lines
4.8 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<refentry id='shadow.5'>
|
|
<!-- $Id$ -->
|
|
<refmeta>
|
|
<refentrytitle>shadow</refentrytitle>
|
|
<manvolnum>5</manvolnum>
|
|
<refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo>
|
|
</refmeta>
|
|
<refnamediv id='name'>
|
|
<refname>shadow</refname>
|
|
<refpurpose>encrypted password file</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsect1 id='description'>
|
|
<title>DESCRIPTION</title>
|
|
<para>
|
|
<emphasis remap='I'>shadow</emphasis> contains the encrypted password
|
|
information for user's accounts and optional the password aging
|
|
information. Included is:
|
|
</para>
|
|
<itemizedlist mark='bullet'>
|
|
<listitem>
|
|
<para>login name</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>encrypted password</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days since Jan 1, 1970 that password was last changed</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days before password may be changed</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days after which password must be changed</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days before password is to expire that user is warned</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days after password expires that account is disabled</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>days since Jan 1, 1970 that account is disabled</para>
|
|
</listitem>
|
|
<listitem>
|
|
<para>a reserved field</para>
|
|
</listitem>
|
|
</itemizedlist>
|
|
|
|
<para>
|
|
The password field must be filled. The encrypted password consists of
|
|
13 to 24 characters from the 64 character alphabet a thru z, A thru
|
|
Z, 0 thru 9, \. and /. Optionally it can start with a "$" character.
|
|
This means the encrypted password was generated using another (not
|
|
DES) algorithm. For example if it starts with "$1$" it means the
|
|
MD5-based algorithm was used.
|
|
</para>
|
|
|
|
<para>
|
|
Refer to
|
|
<citerefentry>
|
|
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
|
|
</citerefentry>
|
|
for details on how this string is interpreted.
|
|
</para>
|
|
|
|
<para>
|
|
If the password field contains some string that is not valid result
|
|
of <citerefentry><refentrytitle>crypt</refentrytitle>
|
|
<manvolnum>3</manvolnum> </citerefentry>, for instance ! or *, the
|
|
user will not be able to use a unix password to log in, subject to
|
|
<citerefentry><refentrytitle>pam</refentrytitle>
|
|
<manvolnum>7</manvolnum></citerefentry>.
|
|
</para>
|
|
|
|
<para>
|
|
The date of the last password change is given as the number of days
|
|
since Jan 1, 1970. The password may not be changed again until the
|
|
proper number of days have passed, and must be changed before the
|
|
maximum number of days. If the minimum number of days required is
|
|
greater than the maximum number of day allowed, this password may not
|
|
be changed by the user.
|
|
</para>
|
|
|
|
<para>
|
|
An account is considered to be inactive and is disabled if the
|
|
password is not changed within the specified number of days after the
|
|
password expires. An account will also be disabled on the specified
|
|
day regardless of other password expiration information.
|
|
</para>
|
|
|
|
<para>
|
|
This information supersedes any password or password age information
|
|
present in <filename>/etc/passwd</filename>.
|
|
</para>
|
|
|
|
<para>
|
|
This file must not be readable by regular users if password security
|
|
is to be maintained.
|
|
</para>
|
|
</refsect1>
|
|
|
|
<refsect1 id='files'>
|
|
<title>FILES</title>
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term><filename>/etc/passwd</filename></term>
|
|
<listitem>
|
|
<para>User account information.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term><filename>/etc/shadow</filename></term>
|
|
<listitem>
|
|
<para>Secure user account information.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1 id='see_also'>
|
|
<title>SEE ALSO</title>
|
|
<para><citerefentry>
|
|
<refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
|
|
</citerefentry>,
|
|
<citerefentry>
|
|
<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
|
|
</citerefentry>.
|
|
</para>
|
|
</refsect1>
|
|
</refentry>
|