1.\" $OpenBSD: chpass.1,v 1.22 2001/06/23 05:57:07 deraadt Exp $ 2.\" $NetBSD: chpass.1,v 1.7 1996/05/15 21:50:40 jtc Exp $ 3.\" 4.\" Copyright (c) 1988, 1990, 1993 5.\" The Regents of the University of California. All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 3. All advertising materials mentioning features or use of this software 16.\" must display the following acknowledgement: 17.\" This product includes software developed by the University of 18.\" California, Berkeley and its contributors. 19.\" 4. Neither the name of the University nor the names of its contributors 20.\" may be used to endorse or promote products derived from this software 21.\" without specific prior written permission. 22.\" 23.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33.\" SUCH DAMAGE. 34.\" 35.\" @(#)chpass.1 8.2 (Berkeley) 12/30/93 36.\" 37.Dd December 30, 1993 38.Dt CHPASS 1 39.Os 40.Sh NAME 41.Nm chpass , 42.Nm chfn , 43.Nm chsh 44.Nd add or change user database information 45.Sh SYNOPSIS 46.Nm chpass 47.Op Fl ly 48.Op Fl a Ar list 49.Op Fl s Ar newshell 50.Op Ar user 51.Sh DESCRIPTION 52.Nm chpass 53allows editing of the user database information associated 54with 55.Ar user , 56or, by default, the current user. 57The information is formatted and supplied to an editor for changes. 58.Pp 59Only the information that the user is allowed to change is displayed. 60.Pp 61If YP in enabled change requests are first tried in the local database, 62and then in the YP database, if there was no entry to change locally. 63.Pp 64.Nm chfn 65and 66.Nm chsh 67are synonyms for 68.Nm chpass . 69.Pp 70The options are as follows: 71.Bl -tag -width Ds 72.It Fl a Ar list 73The superuser is allowed to directly supply a user database 74entry, in the format specified by 75.Xr passwd 5 , 76as an argument. 77This argument must be a colon 78.Pq Sq \&: 79separated list of all the 80user database fields, although they may be empty. 81This operation is not supported in YP environments; only local additions 82can be performed which requires the 83.Fl l 84flag to be specified. 85.It Fl l 86In environments where YP is enabled, always alter local information as 87opposed to information in YP. 88.It Fl s Ar newshell 89Attempts to change the user's shell to 90.Ar newshell . 91.It Fl y 92In environments where YP is enabled, always change the YP entry, even if this 93is a modification request and there is a local entry for the specified user. 94.El 95.Pp 96Possible display items are as follows: 97.Pp 98.Bl -tag -width "Office Location:" -compact -offset indent 99.It Login: 100user's login name 101.It Password: 102user's encrypted password 103.It Uid: 104user's login 105.It Gid: 106user's login group 107.It Change: 108password change time 109.It Expire: 110account expiration time 111.It Class: 112user's general classification 113.It Home Directory: 114user's home directory 115.It Shell: 116user's login shell 117.It Full Name: 118user's real name 119.It Office Location: 120user's office location 121.It Office Phone: 122user's office phone 123.It Home Phone: 124user's home phone 125.El 126.Pp 127The 128.Ar login 129field is the user name used to access the computer account. 130.Pp 131The 132.Ar password 133field contains the encrypted form of the user's password. 134.Pp 135The 136.Ar uid 137field is the number associated with the 138.Ar login 139field. 140Both of these fields should be unique across the system (and often 141across a group of systems) as they control file access. 142.Pp 143While it is possible to have multiple entries with identical login names 144and/or identical user IDs, it is usually a mistake to do so. 145Routines that manipulate these files will often return only one of the multiple 146entries, and that one by random selection. 147.Pp 148The 149.Ar group 150field is the group that the user will be placed in at login. 151Since BSD supports multiple groups (see 152.Xr groups 1 ), 153this field currently has little special meaning. 154This field may be filled in with either a number or a group name (see 155.Xr group 5 ) . 156.Pp 157The 158.Ar change 159field is the date by which the password must be changed. 160.Pp 161The 162.Ar expire 163field is the date on which the account expires. 164.Pp 165Both the 166.Ar change 167and 168.Ar expire 169fields should be entered in the form ``month day year'' where 170.Ar month 171is the month name (the first three characters are sufficient), 172.Ar day 173is the day of the month, and 174.Ar year 175is the year. 176.Pp 177The 178.Ar class 179field is currently unused. 180In the near future it will be a key to a 181.Xr termcap 5 182style database of user attributes. 183.Pp 184The user's 185.Ar home directory 186is the full UNIX path name where the user 187will be placed at login. 188.Pp 189The 190.Ar shell 191field is the command interpreter the user prefers. 192If the 193.Ar shell 194field is empty, the Bourne shell 195.Pq Pa /bin/sh 196is assumed. 197When altering a login shell, and not the superuser, the user 198may not change from a non-standard shell or to a non-standard 199shell. 200Non-standard is defined as a shell not found in 201.Pa /etc/shells . 202.Pp 203The last four fields are for storing the user's 204.Ar full name , office location , 205and 206.Ar work 207and 208.Ar home telephone 209numbers. 210.Pp 211Once the information has been verified, 212.Nm 213uses 214.Xr pwd_mkdb 8 215to update the user database. 216.Sh DIAGNOSTICS 217.Bl -diag 218.It "the passwd file is busy" 219The password file is currently locked by another process, or a 220process previously holding the lock was prematurely terminated. 221In the latter case, it is safe to remove the 222.Pa /etc/ptmp 223file to get rid of this error. 224.El 225.Sh ENVIRONMENT 226The 227.Xr vi 1 228editor will be used unless the environment variable 229.Ev EDITOR 230is set to 231an alternate editor. 232When the editor terminates, the information is re-read and used to 233update the user database itself. 234Only the user, or the superuser, may edit the information associated 235with the user. 236.Sh FILES 237.Bl -tag -width /var/tmp/pw.XXXXXXXX -compact 238.It Pa /etc/master.passwd 239user database 240.It Pa /etc/passwd 241a Version 7 format password file 242.It Pa /etc/ptmp 243lock file for the passwd database 244.It Pa /etc/shells 245list of approved shells 246.It Pa /var/tmp/pw.XXXXXXXX 247temporary copy of the user passwd information 248.El 249.Sh SEE ALSO 250.Xr finger 1 , 251.Xr login 1 , 252.Xr passwd 1 , 253.Xr getusershell 3 , 254.Xr passwd 5 , 255.Xr pwd_mkdb 8 , 256.Xr vipw 8 257.Rs 258.%A Robert Morris 259.%A Ken Thompson 260.%T "UNIX Password Security" 261.Re 262.Sh HISTORY 263The 264.Nm 265command appeared in 266.Bx 4.3 Reno . 267.Sh BUGS 268User information should (and eventually will) be stored elsewhere. 269