password files management
passmgmt command updates information in the password
files. This command works with both /etc/passwd and
an entry for user name to the password files. This
command does not create any directory for the new user and, unless the
-p option is provided to specify the password hash,
the new login remains locked (with the string *LK* in the
password field) until the password is changed.
modifies the entry for user name in the password
files. The name and password field in the
/etc/shadow entry and all the fields (except the
password field) in the /etc/passwd entry can be
modified by this command. Only fields entered on the command line will be
deletes the entry for user name from the password
files. It will not remove any files that the user owns on the system; they
must be removed manually.
passmgmt can be used only by the
- A short description of the login, enclosed in quotes. It is limited to a
maximum of 128 characters and defaults to an empty field.
- Specify the expiration date for a login. After this date, the user will be
able to access this login. The expire option argument is a date entered
using one of the date formats included in the template file
- The maximum number of days allowed between uses of a login ID before that
ID is declared invalid. Normal values are positive
integers. A value of 0 defeats the status.
Changing the password reactivates an account for the
- The group ID for the login. This number must range from 0 to the maximum
non-negative value for the system. The default is 1.
- Home directory of name. It is limited to a maximum
of 256 characters and defaults to
- Set a key=value pair. See
prof_attr(4). The valid
key=value pairs are defined in
user_attr(4), but the
"type" key is subject to the
rolemod(1m) restrictions. Multiple
key=value pairs may be added
- A directory that contains skeleton information (such as
.profile) that can be copied into a new user's
home directory. This directory must already exist. The system provides the
/etc/skel directory that can be used for this
- This option changes the name to
logname. It is used only with the
-m option. The total size of each login entry is
limited to a maximum of 511 bytes in each of the password files.
- This option allows a UID to be non-unique. It is used
only with the
- Password hash for name. It should be an encrypted
password generated by crypt(3c). The
default value for this field is *LK* which results in
any newly added login remaining locked until the password is changed.
- Login shell for name. It should be the full pathname
of the program that will be executed when the user logs in. The maximum
size of shell is 256 characters. The default is for
this field to be empty and to be interpreted as
- UID of the name. This number must
range from 0 to the maximum non-negative value for the system. It defaults
to the next available UID greater than 99. Without the
enforces the uniqueness of a UID.
passmgmt command exits with one of the following
The command line interface of
- Permission denied.
- Invalid command syntax. Usage message of the
passmgmt command is displayed.
- Invalid argument provided to option.
- UID in use.
- Inconsistent password files (for example, name is in
the /etc/passwd file and not in the
/etc/shadow file, or vice versa).
- Unexpected failure. Password files unchanged.
- Unexpected failure. Password file(s) missing.
- Password file(s) busy. Try again later.
- name does not exist (if
-d is specified), already exists (if
-a is specified), or logname
already exists (if
A NEWLINE or a colon (:) cannot be used as part of an
argument. (: is interpreted as a field separator in the password file).
This command only modifies password definitions in the local
/etc/passwd and /etc/shadow
files. If a network nameservice is being used to supplement the local files
with additional entries,
passmgmt cannot change
information supplied by the network nameservice.