chpass.tproj/chpass.1

   1 .\" Copyright (c) 1988, 1990, 1993
   2 .\"     The Regents of the University of California.  All rights reserved.
   3 .\"
   4 .\" Redistribution and use in source and binary forms, with or without
   5 .\" modification, are permitted provided that the following conditions
   6 .\" are met:
   7 .\" 1. Redistributions of source code must retain the above copyright
   8 .\"    notice, this list of conditions and the following disclaimer.
   9 .\" 2. Redistributions in binary form must reproduce the above copyright
  10 .\"    notice, this list of conditions and the following disclaimer in the
  11 .\"    documentation and/or other materials provided with the distribution.
  12 .\" 3. Neither the name of the University nor the names of its contributors
  13 .\"    may be used to endorse or promote products derived from this software
  14 .\"    without specific prior written permission.
  15 .\"
  16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  19 .\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  26 .\" SUCH DAMAGE.
  27 .\"
  28 .\"     @(#)chpass.1    8.2 (Berkeley) 12/30/93
  29 .\" $FreeBSD: src/usr.bin/chpass/chpass.1,v 1.38.2.1 2005/09/24 01:59:39 keramida Exp $
  30 .\"
  31 .Dd December 30, 1993
  32 .Dt CHPASS 1
  33 .Os
  34 .Sh NAME
  35 .Nm chpass ,
  36 .Nm chfn ,
  37 .Nm chsh
  38 .\".Nm ypchpass ,
  39 .\".Nm ypchfn ,
  40 .\".Nm ypchsh
  41 .Nd add or change user database information
  42 .Sh SYNOPSIS
  43 .Nm
  44 .\".Op Fl a Ar list
  45 .\".Op Fl p Ar encpass
  46 .\".Op Fl e Ar expiretime
  47 .Op Fl l Ar location
  48 .Op Fl u Ar authname
  49 .Op Fl s Ar newshell
  50 .Op user
  51 .Sh DESCRIPTION
  52 The
  53 .Nm
  54 utility
  55 allows editing of the user database information associated
  56 with
  57 .Ar user
  58 or, by default, the current user.
  59 .Pp
  60 The
  61 .Nm
  62 utility
  63 .Em cannot
  64 change the user's password on Open Directory
  65 systems.  Use the
  66 .Xr passwd 1
  67 utility instead.
  68 .Pp
  69 The
  70 .Nm chfn ,
  71 and
  72 .Nm chsh
  73 .\".Nm ypchpass ,
  74 .\".Nm ypchfn
  75 .\"and
  76 .\".Nm ypchsh
  77 utilities behave identically to
  78 .Nm .
  79 (There is only one program.)
  80 .Pp
  81 The information is formatted and supplied to an editor for changes.
  82 .Pp
  83 Only the information that the user is allowed to change is displayed.
  84 .Pp
  85 The options are as follows:
  86 .Bl -tag -width indent
  87 .\".It Fl a
  88 .\"The super-user is allowed to directly supply a user database
  89 .\"entry, in the format specified by
  90 .\".Xr passwd 5 ,
  91 .\"as an argument.
  92 .\"This argument must be a colon
  93 .\".Pq Dq \&:
  94 .\"separated list of all the
  95 .\"user database fields, although they may be empty.
  96 .\".It Fl p
  97 .\"The super-user is allowed to directly supply an encrypted password field,
  98 .\"in the format used by
  99 .\".Xr crypt 3 ,
 100 .\"as an argument.
 101 .\".It Fl e Ar expiretime
 102 .\"Change the account expire time.
 103 .\"This option is used to set the expire time
 104 .\"from a script as if it were done in the interactive editor.
 105 .It Fl l Ar location
 106 If not specified,
 107 .Nm
 108 will perform a search for the user record on all available
 109 Open Directory nodes.
 110 When specified,
 111 .Nm
 112 will edit the user record on the directory node at the given
 113 .Ar location .
 114 .It Fl u Ar authname
 115 The user name to use when authenticating to the directory node containing the
 116 user.
 117 .It Fl s Ar newshell
 118 Attempt to change the user's shell to
 119 .Ar newshell .
 120 .El
 121 .Pp
 122 Possible display items are as follows:
 123 .Pp
 124 .Bl -tag -width "Other Information:" -compact -offset indent
 125 .It Login:
 126 user's login name
 127 .\".It Password:
 128 .\"user's encrypted password
 129 .It Uid:
 130 user's login
 131 .It Gid:
 132 user's login group
 133 .It Generated uid:
 134 user's UUID
 135 .\".It Class:
 136 .\"user's general classification
 137 .\".It Change:
 138 .\"password change time
 139 .\".It Expire:
 140 .\"account expiration time
 141 .It Full Name:
 142 user's real name
 143 .It Office Location:
 144 user's office location
 145 .It Office Phone:
 146 user's office phone
 147 .It Home Phone:
 148 user's home phone
 149 .\".It Other Information:
 150 .\"any locally defined parameters for user
 151 .It Home Directory:
 152 user's home directory
 153 .It Shell:
 154 user's login shell
 155 .Pp
 156 .\".It NOTE(1) -
 157 .\"In the actual master.passwd file, these fields are comma-delimited
 158 .\"fields embedded in the FullName field.
 159 .El
 160 .Pp
 161 The
 162 .Ar login
 163 field is the user name used to access the computer account.
 164 .\".Pp
 165 .\"The
 166 .\".Ar password
 167 .\"field contains the encrypted form of the user's password.
 168 .Pp
 169 The
 170 .Ar uid
 171 field is the number associated with the
 172 .Ar login
 173 field.
 174 Both of these fields should be unique across the system (and often
 175 across a group of systems) as they control file access.
 176 .Pp
 177 While it is possible to have multiple entries with identical login names
 178 and/or identical user id's, it is usually a mistake to do so.
 179 Routines
 180 that manipulate these files will often return only one of the multiple
 181 entries, and that one by random selection.
 182 .Pp
 183 The
 184 .Ar group
 185 field is the group that the user will be placed in at login.
 186 Since
 187 .Bx
 188 supports multiple groups (see
 189 .Xr groups 1 )
 190 this field currently has little special meaning.
 191 This field may be filled in with either a number or a group name (see
 192 .Xr group 5 ) .
 193 .Pp
 194 The
 195 .Ar generated uid
 196 field is the globally unique identifier (UUID) for the user.
 197 .\".Pp
 198 .\"The
 199 .\".Ar class
 200 .\"field references class descriptions in
 201 .\".Pa /etc/login.conf
 202 .\"and is typically used to initialize the user's system resource limits
 203 .\"when they login.
 204 .\".Pp
 205 .\"The
 206 .\".Ar change
 207 .\"field is the date by which the password must be changed.
 208 .\".Pp
 209 .\"The
 210 .\".Ar expire
 211 .\"field is the date on which the account expires.
 212 .\".Pp
 213 .\"Both the
 214 .\".Ar change
 215 .\"and
 216 .\".Ar expire
 217 .\"fields should be entered in the form
 218 .\".Dq month day year
 219 .\"where
 220 .\".Ar month
 221 .\"is the month name (the first three characters are sufficient),
 222 .\".Ar day
 223 .\"is the day of the month, and
 224 .\".Ar year
 225 .\"is the year.
 226 .\".Pp
 227 .\"Five fields are available for storing the user's
 228 .\".Ar full name , office location ,
 229 .\".Ar work
 230 .\"and
 231 .\".Ar home telephone
 232 .\"numbers and finally
 233 .\".Ar other information
 234 .\"which is a single comma delimited string to represent any additional
 235 .\"gcos fields (typically used for site specific user information).
 236 .\"Note that
 237 .\".Xr finger 1
 238 .\"will display the office location and office phone together under the
 239 .\"heading
 240 .\".Ar Office: .
 241 The
 242 .Ar full name
 243 field contains the full name of the user.
 244 .Pp
 245 The user's
 246 .Ar home directory
 247 is the full
 248 .Ux
 249 path name where the user
 250 will be placed at login.
 251 .Pp
 252 The
 253 .Ar shell
 254 field is the command interpreter the user prefers.
 255 If the
 256 .Ar shell
 257 field is empty, the Bourne shell,
 258 .Pa /bin/sh ,
 259 is assumed.
 260 When altering a login shell, and not the super-user, the user
 261 may not change from a non-standard shell or to a non-standard
 262 shell.
 263 Non-standard is defined as a shell not found in
 264 .Pa /etc/shells .
 265 .Pp
 266 The
 267 .Ar picture
 268 field is the path to a picture to be displayed for the user.
 269 .Sh OPEN DIRECTORY
 270 User database entries are under the control of
 271 .Xr DirectoryService 8
 272 and may be physically located in many different places,
 273 including the local Directory Service node,
 274 and remote LDAP servers.
 275 This version of
 276 .Nm
 277 uses Open Directory to change user database information.
 278 It does not interact with the historic flat file
 279 database
 280 .Pa /etc/master.passwd
 281 .
 282 .Sh ENVIRONMENT
 283 The
 284 .Xr vi 1
 285 editor will be used unless the environment variable
 286 .Ev EDITOR
 287 is set to
 288 an alternate editor.
 289 When the editor terminates, the information is re-read and used to
 290 update the user database itself.
 291 Only the user, or the super-user, may edit the information associated
 292 with the user.
 293 .Sh FILES
 294 .Bl -tag -width /etc/chpass.XXXXXX -compact
 295 .It Pa /etc/chpass.XXXXXX
 296 temporary copy of the data to edit
 297 .It Pa /etc/shells
 298 the list of approved shells
 299 .El
 300 .Sh SEE ALSO
 301 .\".Xr finger 1 ,
 302 .Xr login 1 ,
 303 .Xr passwd 1 ,
 304 .Xr getusershell 3 ,
 305 .Xr passwd 5
 306 .Rs
 307 .%A Robert Morris
 308 .%A Ken Thompson
 309 .%T "UNIX Password security"
 310 .Re
 311 .Sh HISTORY
 312 The
 313 .Nm
 314 utility appeared in
 315 .Bx 4.3 Reno .