- password files management
passmgmt -a options name
passmgmt -m options name
passmgmt -d name
The passmgmt command updates information in the password files. This command works with both /etc/passwd and /etc/shadow.
passmgmt -a adds an entry for user name to the password files. This command does not create any directory for the new user and the new login remains locked (with the string *LK* in the password field) until the passwd(1) command is executed to set the password.
passmgmt -m modifies the entry for user name in the password files. The name field in the /etc/shadow entry and all the fields (except the password field) in the /etc/passwd entry can be modified by this command. Only fields entered on the command line will be modified.
passmgmt -d deletes the entry for user name from the password files. It will not remove any files that the user owns on the system; they must be removed manually.
passmgmt can be used only by the super-user.
A short description of the login, enclosed in quotes. It is limited to a maximum of 128 characters and defaults to an empty field.
Specify the expiration date for a login. After this date, no user will be able to access this login. The expire option argument is a date entered using one of the date formats included in the template file /etc/datemsk. See getdate(3C).
The maximum number of days allowed between uses of a login ID before that ID is declared invalid. Normal values are positive integers. A value of 0 defeats the status.
Changing the password reactivates an account for the inactivity period.
GID of name. This number must range from 0 to the maximum non-negative value for the system. The default is 1.
Home directory of name. It is limited to a maximum of 256 characters and defaults to /usr/name.
Set a key=value pair. See user_attr(4), auth_attr(4), and prof_attr(4). The valid key=value pairs are defined in user_attr(4), but the “type” key is subject to the usermod(1M) and rolemod(1M) restrictions. Multiple key=value pairs may be added with multiple -K options.
A directory that contains skeleton information (such as .profile) that can be copied into a new user's home directory. This directory must already exist. The system provides the /etc/skel directory that can be used for this purpose.
This option changes the name to logname. It is used only with the -m option. The total size of each login entry is limited to a maximum of 511 bytes in each of the password files.
This option allows a UID to be non-unique. It is used only with the -u option.
Login shell for name. It should be the full pathname of the program that will be executed when the user logs in. The maximum size of shell is 256 characters. The default is for this field to be empty and to be interpreted as /usr/bin/sh.
UID of the name. This number must range from 0 to the maximum non-negative value for the system. It defaults to the next available UID greater than 99. Without the -o option, it enforces the uniqueness of a UID.
/etc/passwd /etc/shadow /etc/opasswd /etc/oshadow
See attributes(5) for descriptions of the following attributes:
The passmgmt command exits with one of the following values:
Invalid command syntax. Usage message of the passmgmt command is displayed.
Invalid argument provided to option.
UID in use.
Inconsistent password files (for example, name is in the /etc/passwd file and not in the /etc/shadow file, or vice versa).
Unexpected failure. Password files unchanged.
Unexpected failure. Password file(s) missing.
Password file(s) busy. Try again later.
name does not exist (if -m or -d is specified), already exists (if -a is specified), or logname already exists (if -m -l is specified).
Do not use a colon (:) or RETURN as part of an argument. It is interpreted as a field separator in the password file. The passmgmt command will be removed in a future release. Its functionality has been replaced and enhanced by useradd, userdel, and usermod. These commands are currently available.
This command only modifies password definitions in the local /etc/passwd and /etc/shadow files. If a network nameservice such as NIS or NIS+ is being used to supplement the local files with additional entries, passmgmt cannot change information supplied by the network nameservice.