xref: /freebsd/usr.bin/chpass/chpass.1 (revision 1719886f6d08408b834d270c59ffcfd821c8f63a)
1.\" Copyright (c) 1988, 1990, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.Dd May 25, 2021
29.Dt CHPASS 1
30.Os
31.Sh NAME
32.Nm chpass ,
33.Nm chfn ,
34.Nm chsh ,
35.Nm ypchpass ,
36.Nm ypchfn ,
37.Nm ypchsh
38.Nd add or change user database information
39.Sh SYNOPSIS
40.Nm chpass
41.Op Fl a Ar list
42.Op Fl e Ar expiretime
43.Op Fl p Ar encpass
44.Op Fl s Ar newshell
45.Op user
46.Nm ypchpass
47.Op Fl loy
48.Op Fl a Ar list
49.Op Fl d Ar domain
50.Op Fl e Ar expiretime
51.Op Fl h Ar host
52.Op Fl p Ar encpass
53.Op Fl s Ar newshell
54.Op user
55.Sh DESCRIPTION
56The
57.Nm
58utility
59allows editing of the user database information associated
60with
61.Ar user
62or, by default, the current user.
63.Pp
64The
65.Nm chfn ,
66.Nm chsh ,
67.Nm ypchpass ,
68.Nm ypchfn
69and
70.Nm ypchsh
71utilities behave identically to
72.Nm .
73(There is only one program.)
74.Pp
75The information is formatted and supplied to an editor for changes.
76.Pp
77Only the information that the user is allowed to change is displayed.
78.Pp
79The options are as follows:
80.Bl -tag -width "-e expiretime"
81.It Fl a Ar list
82The super-user is allowed to directly supply a user database
83entry, in the format specified by
84.Xr passwd 5 ,
85as an argument.
86This argument must be a colon
87.Pq Dq \&:
88separated list of all the
89user database fields, although they may be empty.
90.It Fl e Ar expiretime
91Change the account expire time.
92This option is used to set the expire time
93from a script as if it was done in the interactive editor.
94.It Fl p Ar encpass
95The super-user is allowed to directly supply an encrypted password field,
96in the format used by
97.Xr crypt 3 ,
98as an argument.
99.It Fl s Ar newshell
100Attempt to change the user's shell to
101.Ar newshell .
102.El
103.Pp
104Possible display items are as follows:
105.Pp
106.Bl -tag -width "Other Information:" -compact -offset indent
107.It Login:
108user's login name
109.It Password:
110user's encrypted password
111.It Uid:
112user's login
113.It Gid:
114user's login group
115.It Class:
116user's general classification
117.It Change:
118password change time
119.It Expire:
120account expiration time
121.It Full Name:
122user's real name
123.It Office Location:
124user's office location (1)
125.It Office Phone:
126user's office phone (1)
127.It Home Phone:
128user's home phone (1)
129.It Other Information:
130any locally defined parameters for user (1)
131.It Home Directory:
132user's home directory
133.It Shell:
134user's login shell
135.Pp
136.It NOTE(1) -
137In the actual master.passwd file, these fields are comma-delimited
138fields embedded in the FullName field.
139.El
140.Pp
141The
142.Ar login
143field is the user name used to access the computer account.
144.Pp
145The
146.Ar password
147field contains the encrypted form of the user's password.
148.Pp
149The
150.Ar uid
151field is the number associated with the
152.Ar login
153field.
154Both of these fields should be unique across the system (and often
155across a group of systems) as they control file access.
156.Pp
157While it is possible to have multiple entries with identical login names
158and/or identical user id's, it is usually a mistake to do so.
159Routines
160that manipulate these files will often return only one of the multiple
161entries, and that one by random selection.
162.Pp
163The
164.Ar gid
165field is the group that the user will be placed in at login.
166Since
167.Bx
168supports multiple groups (see
169.Xr groups 1 )
170this field currently has little special meaning.
171This field may be filled in with either a number or a group name (see
172.Xr group 5 ) .
173.Pp
174The
175.Ar class
176field references class descriptions in
177.Pa /etc/login.conf
178and is typically used to initialize the user's system resource limits
179when they login.
180.Pp
181The
182.Ar change
183field is the date by which the password must be changed.
184.Pp
185The
186.Ar expire
187field is the date on which the account expires.
188.Pp
189Both the
190.Ar change
191and
192.Ar expire
193fields should be entered in the form
194.Dq month day year
195where
196.Ar month
197is the month name (the first three characters are sufficient),
198.Ar day
199is the day of the month, and
200.Ar year
201is the year.
202.Pp
203Five fields are available for storing the user's
204.Ar full name , office location ,
205.Ar work
206and
207.Ar home telephone
208numbers and finally
209.Ar other information
210which is a single comma delimited string to represent any additional
211gecos fields (typically used for site specific user information).
212Note that
213.Xr finger 1
214will display the office location and office phone together under the
215heading
216.Ar Office\&: .
217.Pp
218The user's
219.Ar home directory
220is the full
221.Ux
222path name where the user
223will be placed at login.
224.Pp
225The
226.Ar shell
227field is the command interpreter the user prefers.
228If the
229.Ar shell
230field is empty, the Bourne shell,
231.Pa /bin/sh ,
232is assumed.
233When altering a login shell, and not the super-user, the user
234may not change from a non-standard shell or to a non-standard
235shell.
236Non-standard is defined as a shell not found in
237.Pa /etc/shells .
238.Pp
239Once the information has been verified,
240.Nm
241uses
242.Xr pwd_mkdb 8
243to update the user database.
244.Sh ENVIRONMENT
245The
246.Xr vi 1
247editor will be used unless the environment variable
248.Ev EDITOR
249is set to
250an alternate editor.
251When the editor terminates, the information is re-read and used to
252update the user database itself.
253Only the user, or the super-user, may edit the information associated
254with the user.
255.Pp
256See
257.Xr pwd_mkdb 8
258for an explanation of the impact of setting the
259.Ev PW_SCAN_BIG_IDS
260environment variable.
261.Sh NIS INTERACTION
262The
263.Nm
264utility can also be used in conjunction with NIS, however some restrictions
265apply.
266Currently,
267.Nm
268can only make changes to the NIS passwd maps through
269.Xr rpc.yppasswdd 8 ,
270which normally only permits changes to a user's password, shell and GECOS
271fields.
272Except when invoked by the super-user on the NIS master server,
273.Nm
274(and, similarly,
275.Xr passwd 1 )
276cannot use the
277.Xr rpc.yppasswdd 8
278server to change other user information or
279add new records to the NIS passwd maps.
280Furthermore,
281.Xr rpc.yppasswdd 8
282requires password authentication before it will make any
283changes.
284The only user allowed to submit changes without supplying
285a password is the super-user on the NIS master server; all other users,
286including those with root privileges on NIS clients (and NIS slave
287servers) must enter a password.
288(The super-user on the NIS master is allowed to bypass these restrictions
289largely for convenience: a user with root access
290to the NIS master server already has the privileges required to make
291updates to the NIS maps, but editing the map source files by hand can
292be cumbersome.
293.Pp
294Note: these exceptions only apply when the NIS master server is a
295.Fx
296system).
297.Pp
298Consequently, except where noted, the following restrictions apply when
299.Nm
300is used with NIS:
301.Bl -enum -offset indent
302.It
303.Em "Only the shell and GECOS information may be changed" .
304All other
305fields are restricted, even when
306.Nm
307is invoked by the super-user.
308While support for
309changing other fields could be added, this would lead to
310compatibility problems with other NIS-capable systems.
311Even though the super-user may supply data for other fields
312while editing an entry, the extra information (other than the
313password \(em see below) will be silently discarded.
314.Pp
315Exception: the super-user on the NIS master server is permitted to
316change any field.
317.It
318.Em "Password authentication is required" .
319The
320.Nm
321utility will prompt for the user's NIS password before effecting
322any changes.
323If the password is invalid, all changes will be
324discarded.
325.Pp
326Exception: the super-user on the NIS master server is allowed to
327submit changes without supplying a password.
328(The super-user may
329choose to turn off this feature using the
330.Fl o
331flag, described below.)
332.It
333.Em "Adding new records to the local password database is discouraged" .
334The
335.Nm
336utility will allow the administrator to add new records to the
337local password database while NIS is enabled, but this can lead to
338some confusion since the new records are appended to the end of
339the master password file, usually after the special NIS '+' entries.
340The administrator should use
341.Xr vipw 8
342to modify the local password
343file when NIS is running.
344.Pp
345The super-user on the NIS master server is permitted to add new records
346to the NIS password maps, provided the
347.Xr rpc.yppasswdd 8
348server has been started with the
349.Fl a
350flag to permitted additions (it refuses them by default).
351The
352.Nm
353utility tries to update the local password database by default; to update the
354NIS maps instead, invoke chpass with the
355.Fl y
356flag.
357.It
358.Em "Password changes are not permitted".
359Users should use
360.Xr passwd 1
361or
362.Xr yppasswd 1
363to change their NIS passwords.
364The super-user is allowed to specify
365a new password (even though the
366.Dq Password:
367field does not show
368up in the editor template, the super-user may add it back by hand),
369but even the super-user must supply the user's original password
370otherwise
371.Xr rpc.yppasswdd 8
372will refuse to update the NIS maps.
373.Pp
374Exception: the super-user on the NIS master server is permitted to
375change a user's NIS password with
376.Nm .
377.El
378.Pp
379There are also a few extra option flags that are available when
380.Nm
381is compiled with NIS support:
382.Bl -tag -width "-d domain"
383.It Fl d Ar domain
384Specify a particular NIS domain.
385The
386.Nm
387utility uses the system domain name by default, as set by the
388.Xr domainname 1
389utility.
390The
391.Fl d
392option can be used to override a default, or to specify a domain
393when the system domain name is not set.
394.It Fl h Ar host
395Specify the name or address of an NIS server to query.
396Normally,
397.Nm
398will communicate with the NIS master host specified in the
399.Pa master.passwd
400or
401.Pa passwd
402maps.
403On hosts that have not been configured as NIS clients, there is
404no way for the program to determine this information unless the user
405provides the hostname of a server.
406Note that the specified hostname need
407not be that of the NIS master server; the name of any server, master or
408slave, in a given NIS domain will do.
409.Pp
410When using the
411.Fl d
412option, the hostname defaults to
413.Dq localhost .
414The
415.Fl h
416option can be used in conjunction with the
417.Fl d
418option, in which case the user-specified hostname will override
419the default.
420.It Fl l
421Force
422.Nm
423to modify the local copy of a user's password
424information in the event that a user exists in both
425the local and NIS databases.
426.It Fl o
427Force the use of RPC-based updates when communicating with
428.Xr rpc.yppasswdd 8
429.Pq Dq old-mode .
430When invoked by the super-user on the NIS master server,
431.Nm
432allows unrestricted changes to the NIS passwd maps using dedicated,
433non-RPC-based mechanism (in this case, a
434.Ux
435domain socket).
436The
437.Fl o
438flag can be used to force
439.Nm
440to use the standard update mechanism instead.
441This option is provided
442mainly for testing purposes.
443.It Fl y
444Opposite effect of
445.Fl l .
446This flag is largely redundant since
447.Nm
448operates on NIS entries by default if NIS is enabled.
449.El
450.Sh FILES
451.Bl -tag -width /etc/master.passwd -compact
452.It Pa /etc/master.passwd
453the user database
454.It Pa /etc/passwd
455a Version 7 format password file
456.It Pa /etc/pw.XXXXXX
457temporary file
458.It Pa /etc/shells
459the list of approved shells
460.El
461.Sh EXAMPLES
462Change the shell of the current user to
463.Ql /usr/local/bin/zsh :
464.Bd -literal -offset indent
465chsh -s /usr/local/bin/zsh
466.Ed
467.Sh SEE ALSO
468.Xr finger 1 ,
469.Xr login 1 ,
470.Xr passwd 1 ,
471.Xr getusershell 3 ,
472.Xr login.conf 5 ,
473.Xr passwd 5 ,
474.Xr pw 8 ,
475.Xr pwd_mkdb 8 ,
476.Xr vipw 8
477.Rs
478.%A Robert Morris
479.%A Ken Thompson
480.%T "UNIX Password security"
481.Re
482.Sh HISTORY
483The
484.Nm
485utility appeared in
486.Bx 4.3 Reno .
487.Sh BUGS
488User information should (and eventually will) be stored elsewhere.
489