[apple/system_cmds.git] / chpass.tproj / chpass.1

.\" Copyright (c) 1988, 1990, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed by the University of
.\"	California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)chpass.1	8.2 (Berkeley) 12/30/93
.\" $FreeBSD: src/usr.bin/chpass/chpass.1,v 1.34 2002/12/24 13:41:47 ru Exp $
.\"
.Dd December 30, 1993
.Dt CHPASS 1
.Os
.Sh NAME
.Nm chpass ,
.Nm chfn ,
.Nm chsh ,
.Nd add or change user database information
.Sh SYNOPSIS
.Nm
.Op Fl a Ar list
.Op Fl p Ar encpass
.Op Fl e Ar expiretime
.Op Fl s Ar newshell
.Op user
.Pp
.Nm
.Op Fl oly
.Op Fl a Ar list
.Op Fl p Ar encpass
.Op Fl e Ar expiretime
.Op Fl s Ar newshell
.Op Fl d Ar domain
.Op Fl h Ar host
.Op user
.Sh DESCRIPTION
The
.Nm
utility
allows editing of the user database information associated
with
.Ar user
or, by default, the current user.
.Pp
The
.Nm chfn ,
and
.Nm chsh
utilities behave identically to
.Nm .
(There is only one program.)
.Pp
The information is formatted and supplied to an editor for changes.
.Pp
Only the information that the user is allowed to change is displayed.
.Pp
The options are as follows:
.Bl -tag -width indent
.It Fl a
The super-user is allowed to directly supply a user database
entry, in the format specified by
.Xr passwd 5 ,
as an argument.
This argument must be a colon
.Pq Dq \&:
separated list of all the
user database fields, although they may be empty.
.It Fl p
The super-user is allowed to directly supply an encrypted password field,
in the format used by
.Xr crypt 3 ,
as an argument.
.It Fl e Ar expiretime
Change the account expire time.
This option is used to set the expire time
from a script as if it was done in the interactive editor.
.It Fl s Ar newshell
Attempt to change the user's shell to
.Ar newshell .
.El
.Pp
Possible display items are as follows:
.Pp
.Bl -tag -width "Other Information:" -compact -offset indent
.It Login:
user's login name
.It Password:
user's encrypted password
.It Uid:
user's login
.It Gid:
user's login group
.It Class:
user's general classification
.It Change:
password change time
.It Expire:
account expiration time
.It Full Name:
user's real name
.It Office Location:
user's office location (1)
.It Office Phone:
user's office phone (1)
.It Home Phone:
user's home phone (1)
.It Other Information:
any locally defined parameters for user (1)
.It Home Directory:
user's home directory
.It Shell:
user's login shell
.Pp
.It NOTE(1) -
In the actual master.passwd file, these fields are comma-delimited
fields embedded in the FullName field.
.El
.Pp
The
.Ar login
field is the user name used to access the computer account.
.Pp
The
.Ar password
field contains the encrypted form of the user's password.
.Pp
The
.Ar uid
field is the number associated with the
.Ar login
field.
Both of these fields should be unique across the system (and often
across a group of systems) as they control file access.
.Pp
While it is possible to have multiple entries with identical login names
and/or identical user id's, it is usually a mistake to do so.  Routines
that manipulate these files will often return only one of the multiple
entries, and that one by random selection.
.Pp
The
.Ar group
field is the group that the user will be placed in at login.
Since
.Bx
supports multiple groups (see
.Xr groups 1 )
this field currently has little special meaning.
This field may be filled in with either a number or a group name (see
.Xr group 5 ) .
.Pp
The
.Ar class
field references class descriptions in
.Pa /etc/login.conf
and is typically used to initialize the user's system resource limits
when they login.
.Pp
The
.Ar change
field is the date by which the password must be changed.
.Pp
The
.Ar expire
field is the date on which the account expires.
.Pp
Both the
.Ar change
and
.Ar expire
fields should be entered in the form
.Dq month day year
where
.Ar month
is the month name (the first three characters are sufficient),
.Ar day
is the day of the month, and
.Ar year
is the year.
.Pp
Five fields are available for storing the user's
.Ar full name , office location ,
.Ar work
and
.Ar home telephone
numbers and finally
.Ar other information
which is a single comma delimited string to represent any additional
gcos fields (typically used for site specific user information).
Note that
.Xr finger 1
will display the office location and office phone together under the
heading
.Ar Office: .
.Pp
The user's
.Ar home directory
is the full
.Ux
path name where the user
will be placed at login.
.Pp
The
.Ar shell
field is the command interpreter the user prefers.
If the
.Ar shell
field is empty, the Bourne shell,
.Pa /bin/sh ,
is assumed.
When altering a login shell, and not the super-user, the user
may not change from a non-standard shell or to a non-standard
shell.
Non-standard is defined as a shell not found in
.Pa /etc/shells .
.Pp
Once the information has been verified,
.Nm
uses
.Xr pwd_mkdb 8
to update the user database.
.Sh ENVIRONMENT
The
.Xr vi 1
editor will be used unless the environment variable
.Ev EDITOR
is set to
an alternate editor.
When the editor terminates, the information is re-read and used to
update the user database itself.
Only the user, or the super-user, may edit the information associated
with the user.
.Pp
See
.Xr pwd_mkdb 8
for an explanation of the impact of setting the
.Ev PW_SCAN_BIG_IDS
environment variable.
.Sh NIS INTERACTION
The
.Nm
utility can also be used in conjunction with NIS, however some restrictions
apply.
Currently,
.Nm
can only make changes to the NIS passwd maps through
.Xr rpc.yppasswdd 8 ,
which normally only permits changes to a user's password, shell and GECOS
fields.
Except when invoked by the super-user on the NIS master server,
.Nm
(and, similarly,
.Xr passwd 1 )
cannot use the
.Xr rpc.yppasswdd 8
server to change other user information or
add new records to the NIS passwd maps.
Furthermore,
.Xr rpc.yppasswdd 8
requires password authentication before it will make any
changes.
The only user allowed to submit changes without supplying
a password is the super-user on the NIS master server; all other users,
including those with root privileges on NIS clients (and NIS slave
servers) must enter a password.
(The super-user on the NIS master is allowed to bypass these restrictions
largely for convenience: a user with root access
to the NIS master server already has the privileges required to make
updates to the NIS maps, but editing the map source files by hand can
be cumbersome.
.Pp
Note: these exceptions only apply when the NIS master server is a
.Fx
system).
.Pp
Consequently, except where noted, the following restrictions apply when
.Nm
is used with NIS:
.Bl -enum -offset indent
.It
.Em "Only the shell and GECOS information may be changed" .
All other
fields are restricted, even when
.Nm
is invoked by the super-user.
While support for
changing other fields could be added, this would lead to
compatibility problems with other NIS-capable systems.
Even though the super-user may supply data for other fields
while editing an entry, the extra information (other than the
password -- see below) will be silently discarded.
.Pp
Exception: the super-user on the NIS master server is permitted to
change any field.
.Pp
.It
.Em "Password authentication is required" .
The
.Nm
utility will prompt for the user's NIS password before effecting
any changes.
If the password is invalid, all changes will be
discarded.
.Pp
Exception: the super-user on the NIS master server is allowed to
submit changes without supplying a password.
(The super-user may
choose to turn off this feature using the
.Fl o
flag, described below.)
.It
.Em "Adding new records to the local password database is discouraged" .
The
.Nm
utility will allow the administrator to add new records to the
local password database while NIS is enabled, but this can lead to
some confusion since the new records are appended to the end of
the master password file, usually after the special NIS '+' entries.
The administrator should use
.Xr vipw 8
to modify the local password
file when NIS is running.
.Pp
The super-user on the NIS master server is permitted to add new records
to the NIS password maps, provided the
.Xr rpc.yppasswdd 8
server has been started with the
.Fl a
flag to permitted additions (it refuses them by default).
The
.Nm
utility tries to update the local password database by default; to update the
NIS maps instead, invoke chpass with the
.Fl y
flag.
.It
.Em "Password changes are not permitted".
Users should use
.Xr passwd 1
or
.Xr yppasswd 1
to change their NIS passwords.
The super-user is allowed to specify
a new password (even though the
.Dq Password:
field does not show
up in the editor template, the super-user may add it back by hand),
but even the super-user must supply the user's original password
otherwise
.Xr rpc.yppasswdd 8
will refuse to update the NIS maps.
.Pp
Exception: the super-user on the NIS master server is permitted to
change a user's NIS password with
.Nm .
.El
.Pp
There are also a few extra option flags that are available when
.Nm
is compiled with NIS support:
.Bl -tag -width indent
.It Fl l
Force
.Nm
to modify the local copy of a user's password
information in the even that a user exists in both
the local and NIS databases.
.It Fl y
Opposite effect of
.Fl l .
This flag is largely redundant since
.Nm
operates on NIS entries by default if NIS is enabled.
.It Fl d Ar domain
Specify a particular NIS domain.
The
.Nm
utility uses the system domain name by default, as set by the
.Xr domainname 1
utility.
The
.Fl d
option can be used to override a default, or to specify a domain
when the system domain name is not set.
.It Fl h Ar host
Specify the name or address of an NIS server to query.
Normally,
.Nm
will communicate with the NIS master host specified in the
.Pa master.passwd
or
.Pa passwd
maps.
On hosts that have not been configured as NIS clients, there is
no way for the program to determine this information unless the user
provides the hostname of a server.
Note that the specified hostname need
not be that of the NIS master server; the name of any server, master or
slave, in a given NIS domain will do.
.Pp
When using the
.Fl d
option, the hostname defaults to
.Dq localhost .
The
.Fl h
option can be used in conjunction with the
.Fl d
option, in which case the user-specified hostname will override
the default.
.Pp
.It Fl o
Force the use of RPC-based updates when communicating with
.Xr rpc.yppasswdd 8
.Pq Dq old-mode .
When invoked by the super-user on the NIS master server,
.Nm
allows unrestricted changes to the NIS passwd maps using dedicated,
non-RPC-based mechanism (in this case, a
.Ux
domain socket). The
.Fl o
flag can be used to force
.Nm
to use the standard update mechanism instead.
This option is provided
mainly for testing purposes.
.El
.Sh FILES
.Bl -tag -width /etc/master.passwd -compact
.It Pa /etc/master.passwd
the user database
.It Pa /etc/passwd
a Version 7 format password file
.It Pa /etc/chpass.XXXXXX
temporary copy of the password file
.It Pa /etc/shells
the list of approved shells
.El
.Sh SEE ALSO
.Xr finger 1 ,
.Xr login 1 ,
.Xr passwd 1 ,
.Xr getusershell 3 ,
.Xr login.conf 5 ,
.Xr passwd 5 ,
.Xr pwd_mkdb 8 ,
.Xr vipw 8
.Rs
.%A Robert Morris
and
.%A Ken Thompson
.%T "UNIX Password security"
.Re
.Sh BUGS
User information should (and eventually will) be stored elsewhere.
.Sh HISTORY
The
.Nm
utility appeared in
.Bx 4.3 Reno .
Commit	Line	Data
1815bff5 A	1	.\" Copyright (c) 1988, 1990, 1993
	2	.\" The Regents of the University of California. All rights reserved.
	3	.\"
	4	.\" Redistribution and use in source and binary forms, with or without
	5	.\" modification, are permitted provided that the following conditions
	6	.\" are met:
	7	.\" 1. Redistributions of source code must retain the above copyright
	8	.\" notice, this list of conditions and the following disclaimer.
	9	.\" 2. Redistributions in binary form must reproduce the above copyright
	10	.\" notice, this list of conditions and the following disclaimer in the
	11	.\" documentation and/or other materials provided with the distribution.
	12	.\" 3. All advertising materials mentioning features or use of this software
	13	.\" must display the following acknowledgement:
	14	.\" This product includes software developed by the University of
	15	.\" California, Berkeley and its contributors.
	16	.\" 4. Neither the name of the University nor the names of its contributors
	17	.\" may be used to endorse or promote products derived from this software
	18	.\" without specific prior written permission.
	19	.\"
	20	.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	21	.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	22	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	23	.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	24	.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	25	.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	26	.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	27	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	28	.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	29	.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	30	.\" SUCH DAMAGE.
	31	.\"
	32	.\" @(#)chpass.1 8.2 (Berkeley) 12/30/93
20e66415	33	.\" $FreeBSD: src/usr.bin/chpass/chpass.1,v 1.34 2002/12/24 13:41:47 ru Exp $
1815bff5 A	34	.\"
	35	.Dd December 30, 1993
	36	.Dt CHPASS 1
	37	.Os
	38	.Sh NAME
20e66415 A	39	.Nm chpass ,
	40	.Nm chfn ,
	41	.Nm chsh ,
1815bff5 A	42	.Nd add or change user database information
1815bff5 A	43	.Sh SYNOPSIS
20e66415 A	44	.Nm
	45	.Op Fl a Ar list
	46	.Op Fl p Ar encpass
	47	.Op Fl e Ar expiretime
	48	.Op Fl s Ar newshell
	49	.Op user
	50	.Pp
	51	.Nm
	52	.Op Fl oly
1815bff5	53	.Op Fl a Ar list
20e66415 A	54	.Op Fl p Ar encpass
20e66415 A	55	.Op Fl e Ar expiretime
1815bff5	56	.Op Fl s Ar newshell
20e66415 A	57	.Op Fl d Ar domain
20e66415 A	58	.Op Fl h Ar host
1815bff5 A	59	.Op user
1815bff5 A	60	.Sh DESCRIPTION
20e66415 A	61	The
	62	.Nm
	63	utility
1815bff5 A	64	allows editing of the user database information associated
	65	with
	66	.Ar user
	67	or, by default, the current user.
20e66415 A	68	.Pp
	69	The
	70	.Nm chfn ,
	71	and
	72	.Nm chsh
	73	utilities behave identically to
	74	.Nm .
	75	(There is only one program.)
	76	.Pp
1815bff5 A	77	The information is formatted and supplied to an editor for changes.
	78	.Pp
	79	Only the information that the user is allowed to change is displayed.
	80	.Pp
	81	The options are as follows:
20e66415	82	.Bl -tag -width indent
1815bff5 A	83	.It Fl a
	84	The super-user is allowed to directly supply a user database
	85	entry, in the format specified by
	86	.Xr passwd 5 ,
	87	as an argument.
20e66415 A	88	This argument must be a colon
	89	.Pq Dq \&:
	90	separated list of all the
1815bff5	91	user database fields, although they may be empty.
20e66415 A	92	.It Fl p
	93	The super-user is allowed to directly supply an encrypted password field,
	94	in the format used by
	95	.Xr crypt 3 ,
	96	as an argument.
	97	.It Fl e Ar expiretime
	98	Change the account expire time.
	99	This option is used to set the expire time
	100	from a script as if it was done in the interactive editor.
	101	.It Fl s Ar newshell
	102	Attempt to change the user's shell to
1815bff5 A	103	.Ar newshell .
	104	.El
	105	.Pp
	106	Possible display items are as follows:
	107	.Pp
20e66415	108	.Bl -tag -width "Other Information:" -compact -offset indent
1815bff5 A	109	.It Login:
	110	user's login name
	111	.It Password:
	112	user's encrypted password
	113	.It Uid:
	114	user's login
	115	.It Gid:
	116	user's login group
20e66415 A	117	.It Class:
20e66415 A	118	user's general classification
1815bff5 A	119	.It Change:
	120	password change time
	121	.It Expire:
	122	account expiration time
20e66415 A	123	.It Full Name:
	124	user's real name
	125	.It Office Location:
	126	user's office location (1)
	127	.It Office Phone:
	128	user's office phone (1)
	129	.It Home Phone:
	130	user's home phone (1)
	131	.It Other Information:
	132	any locally defined parameters for user (1)
1815bff5 A	133	.It Home Directory:
	134	user's home directory
	135	.It Shell:
	136	user's login shell
20e66415 A	137	.Pp
	138	.It NOTE(1) -
	139	In the actual master.passwd file, these fields are comma-delimited
	140	fields embedded in the FullName field.
1815bff5 A	141	.El
	142	.Pp
	143	The
	144	.Ar login
	145	field is the user name used to access the computer account.
	146	.Pp
	147	The
	148	.Ar password
	149	field contains the encrypted form of the user's password.
	150	.Pp
	151	The
	152	.Ar uid
	153	field is the number associated with the
	154	.Ar login
	155	field.
	156	Both of these fields should be unique across the system (and often
	157	across a group of systems) as they control file access.
	158	.Pp
	159	While it is possible to have multiple entries with identical login names
	160	and/or identical user id's, it is usually a mistake to do so. Routines
	161	that manipulate these files will often return only one of the multiple
	162	entries, and that one by random selection.
	163	.Pp
	164	The
	165	.Ar group
	166	field is the group that the user will be placed in at login.
20e66415 A	167	Since
	168	.Bx
	169	supports multiple groups (see
1815bff5 A	170	.Xr groups 1 )
	171	this field currently has little special meaning.
	172	This field may be filled in with either a number or a group name (see
	173	.Xr group 5 ) .
	174	.Pp
	175	The
20e66415 A	176	.Ar class
	177	field references class descriptions in
	178	.Pa /etc/login.conf
	179	and is typically used to initialize the user's system resource limits
	180	when they login.
	181	.Pp
	182	The
1815bff5 A	183	.Ar change
	184	field is the date by which the password must be changed.
	185	.Pp
	186	The
	187	.Ar expire
	188	field is the date on which the account expires.
	189	.Pp
	190	Both the
	191	.Ar change
	192	and
	193	.Ar expire
20e66415 A	194	fields should be entered in the form
	195	.Dq month day year
	196	where
1815bff5 A	197	.Ar month
	198	is the month name (the first three characters are sufficient),
	199	.Ar day
	200	is the day of the month, and
	201	.Ar year
	202	is the year.
	203	.Pp
20e66415 A	204	Five fields are available for storing the user's
	205	.Ar full name , office location ,
	206	.Ar work
	207	and
	208	.Ar home telephone
	209	numbers and finally
	210	.Ar other information
	211	which is a single comma delimited string to represent any additional
	212	gcos fields (typically used for site specific user information).
	213	Note that
	214	.Xr finger 1
	215	will display the office location and office phone together under the
	216	heading
	217	.Ar Office: .
1815bff5 A	218	.Pp
	219	The user's
	220	.Ar home directory
20e66415 A	221	is the full
	222	.Ux
	223	path name where the user
1815bff5 A	224	will be placed at login.
	225	.Pp
	226	The
	227	.Ar shell
	228	field is the command interpreter the user prefers.
	229	If the
	230	.Ar shell
	231	field is empty, the Bourne shell,
	232	.Pa /bin/sh ,
	233	is assumed.
	234	When altering a login shell, and not the super-user, the user
	235	may not change from a non-standard shell or to a non-standard
	236	shell.
	237	Non-standard is defined as a shell not found in
	238	.Pa /etc/shells .
	239	.Pp
1815bff5	240	Once the information has been verified,
20e66415	241	.Nm
1815bff5 A	242	uses
	243	.Xr pwd_mkdb 8
	244	to update the user database.
	245	.Sh ENVIRONMENT
	246	The
	247	.Xr vi 1
20e66415 A	248	editor will be used unless the environment variable
	249	.Ev EDITOR
	250	is set to
1815bff5 A	251	an alternate editor.
	252	When the editor terminates, the information is re-read and used to
	253	update the user database itself.
	254	Only the user, or the super-user, may edit the information associated
	255	with the user.
20e66415 A	256	.Pp
	257	See
	258	.Xr pwd_mkdb 8
	259	for an explanation of the impact of setting the
	260	.Ev PW_SCAN_BIG_IDS
	261	environment variable.
	262	.Sh NIS INTERACTION
	263	The
	264	.Nm
	265	utility can also be used in conjunction with NIS, however some restrictions
	266	apply.
	267	Currently,
	268	.Nm
	269	can only make changes to the NIS passwd maps through
	270	.Xr rpc.yppasswdd 8 ,
	271	which normally only permits changes to a user's password, shell and GECOS
	272	fields.
	273	Except when invoked by the super-user on the NIS master server,
	274	.Nm
	275	(and, similarly,
	276	.Xr passwd 1 )
	277	cannot use the
	278	.Xr rpc.yppasswdd 8
	279	server to change other user information or
	280	add new records to the NIS passwd maps.
	281	Furthermore,
	282	.Xr rpc.yppasswdd 8
	283	requires password authentication before it will make any
	284	changes.
	285	The only user allowed to submit changes without supplying
	286	a password is the super-user on the NIS master server; all other users,
	287	including those with root privileges on NIS clients (and NIS slave
	288	servers) must enter a password.
	289	(The super-user on the NIS master is allowed to bypass these restrictions
	290	largely for convenience: a user with root access
	291	to the NIS master server already has the privileges required to make
	292	updates to the NIS maps, but editing the map source files by hand can
	293	be cumbersome.
	294	.Pp
	295	Note: these exceptions only apply when the NIS master server is a
	296	.Fx
	297	system).
	298	.Pp
	299	Consequently, except where noted, the following restrictions apply when
	300	.Nm
	301	is used with NIS:
	302	.Bl -enum -offset indent
	303	.It
	304	.Em "Only the shell and GECOS information may be changed" .
	305	All other
	306	fields are restricted, even when
	307	.Nm
	308	is invoked by the super-user.
	309	While support for
	310	changing other fields could be added, this would lead to
	311	compatibility problems with other NIS-capable systems.
	312	Even though the super-user may supply data for other fields
	313	while editing an entry, the extra information (other than the
	314	password -- see below) will be silently discarded.
	315	.Pp
	316	Exception: the super-user on the NIS master server is permitted to
	317	change any field.
	318	.Pp
	319	.It
320	.Em "Password authentication is required" .
321	The
322	.Nm
323	utility will prompt for the user's NIS password before effecting
324	any changes.
325	If the password is invalid, all changes will be
326	discarded.
327	.Pp
328	Exception: the super-user on the NIS master server is allowed to
329	submit changes without supplying a password.
330	(The super-user may
331	choose to turn off this feature using the
332	.Fl o
333	flag, described below.)
334	.It
335	.Em "Adding new records to the local password database is discouraged" .
336	The
337	.Nm
338	utility will allow the administrator to add new records to the
339	local password database while NIS is enabled, but this can lead to
340	some confusion since the new records are appended to the end of
341	the master password file, usually after the special NIS '+' entries.
342	The administrator should use
343	.Xr vipw 8
344	to modify the local password
345	file when NIS is running.
346	.Pp
347	The super-user on the NIS master server is permitted to add new records
348	to the NIS password maps, provided the
349	.Xr rpc.yppasswdd 8
350	server has been started with the
351	.Fl a
352	flag to permitted additions (it refuses them by default).
353	The
354	.Nm
355	utility tries to update the local password database by default; to update the
356	NIS maps instead, invoke chpass with the
357	.Fl y
358	flag.
359	.It
360	.Em "Password changes are not permitted".
361	Users should use
362	.Xr passwd 1
363	or
364	.Xr yppasswd 1
365	to change their NIS passwords.
366	The super-user is allowed to specify
367	a new password (even though the
368	.Dq Password:
369	field does not show
370	up in the editor template, the super-user may add it back by hand),
371	but even the super-user must supply the user's original password
372	otherwise
373	.Xr rpc.yppasswdd 8
374	will refuse to update the NIS maps.
375	.Pp
376	Exception: the super-user on the NIS master server is permitted to
377	change a user's NIS password with
378	.Nm .
379	.El
380	.Pp
381	There are also a few extra option flags that are available when
382	.Nm
383	is compiled with NIS support:
384	.Bl -tag -width indent
385	.It Fl l
386	Force
387	.Nm
388	to modify the local copy of a user's password
389	information in the even that a user exists in both
390	the local and NIS databases.
391	.It Fl y
392	Opposite effect of
393	.Fl l .
394	This flag is largely redundant since
395	.Nm
396	operates on NIS entries by default if NIS is enabled.
397	.It Fl d Ar domain
398	Specify a particular NIS domain.
399	The
400	.Nm
401	utility uses the system domain name by default, as set by the
402	.Xr domainname 1
403	utility.
404	The
405	.Fl d
406	option can be used to override a default, or to specify a domain
407	when the system domain name is not set.
408	.It Fl h Ar host
409	Specify the name or address of an NIS server to query.
410	Normally,
411	.Nm
412	will communicate with the NIS master host specified in the
413	.Pa master.passwd
414	or
415	.Pa passwd
416	maps.
417	On hosts that have not been configured as NIS clients, there is
418	no way for the program to determine this information unless the user
419	provides the hostname of a server.
420	Note that the specified hostname need
421	not be that of the NIS master server; the name of any server, master or
422	slave, in a given NIS domain will do.
423	.Pp
424	When using the
425	.Fl d
426	option, the hostname defaults to
427	.Dq localhost .
428	The
429	.Fl h
430	option can be used in conjunction with the
431	.Fl d
432	option, in which case the user-specified hostname will override
433	the default.
434	.Pp
435	.It Fl o
436	Force the use of RPC-based updates when communicating with
437	.Xr rpc.yppasswdd 8
438	.Pq Dq old-mode .
439	When invoked by the super-user on the NIS master server,
440	.Nm
441	allows unrestricted changes to the NIS passwd maps using dedicated,
442	non-RPC-based mechanism (in this case, a
443	.Ux
444	domain socket). The
445	.Fl o
446	flag can be used to force
447	.Nm
448	to use the standard update mechanism instead.
449	This option is provided
450	mainly for testing purposes.
451	.El
1815bff5 A	452	.Sh FILES
	453	.Bl -tag -width /etc/master.passwd -compact
	454	.It Pa /etc/master.passwd
20e66415	455	the user database
1815bff5	456	.It Pa /etc/passwd
20e66415	457	a Version 7 format password file
1815bff5	458	.It Pa /etc/chpass.XXXXXX
20e66415	459	temporary copy of the password file
1815bff5	460	.It Pa /etc/shells
20e66415	461	the list of approved shells
1815bff5 A	462	.El
1815bff5 A	463	.Sh SEE ALSO
1815bff5	464	.Xr finger 1 ,
20e66415	465	.Xr login 1 ,
1815bff5 A	466	.Xr passwd 1 ,
1815bff5 A	467	.Xr getusershell 3 ,
20e66415	468	.Xr login.conf 5 ,
1815bff5 A	469	.Xr passwd 5 ,
	470	.Xr pwd_mkdb 8 ,
	471	.Xr vipw 8
	472	.Rs
	473	.%A Robert Morris
	474	and
	475	.%A Ken Thompson
	476	.%T "UNIX Password security"
	477	.Re
	478	.Sh BUGS
	479	User information should (and eventually will) be stored elsewhere.
	480	.Sh HISTORY
	481	The
	482	.Nm
20e66415	483	utility appeared in
1815bff5	484	.Bx 4.3 Reno .