|SHADOW(5)||File Formats and Configurations||SHADOW(5)|
The fields for each user entry are separated by colons. Each user is separated from the next by a newline. Unlike the /etc/passwd file, /etc/shadow does not have general read permission.
Each entry in the shadow file has the form:
The fields are defined as follows:
The lock string is defined as *LK* in the first four characters of the password field.
A value of -1 for min, max, or warn disables password aging.
The encrypted password consists of at most CRYPT_MAXCIPHERTEXTLEN characters chosen from a 64-character alphabet (., /, 0−9, A−Z, a−z). Two additional special characters, "$" and ",", can also be used and are defined in crypt(3C). To update this file, use the passwd(1), useradd(8), usermod(8), or userdel(8) commands.
In order to make system administration manageable, /etc/shadow entries should appear in exactly the same order as /etc/passwd entries; this includes ``+'' and ``-'' entries if the compat source is being used (see nsswitch.conf(5)).
Values for the various time-related fields are interpreted as Greenwich Mean Time.
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
If the /etc/nsswitch.conf passwd policy is not in one of the supported formats, logins will not be allowed upon password expiration, because the software does not know how to handle password updates under these conditions. See nsswitch.conf(5) for additional information.
|February 25, 2017||OmniOS|