Solaris Naming Administration Guide

passwd Table

The passwd table contains information about the accounts of users in a domain. These users generally are, but do not have to be, NIS+ principals. Remember though, that if they are NIS+ principals, their credentials are not stored here, but in the domain's cred table. The passwd table usually grants read permission to the world (or to nobody).

Note -

The passwd table should not have an entry for the user root (user ID 0). Root's password information should be stored and maintained in the machine's /etc files.

The information in the passwd table is added when users' accounts are created.

The passwd table contains the following columns:

Table C-12 passwd Table




The user's login name, which is assigned when the user's account is created; the name can contain no uppercase characters and can have a maximum of eight characters 


The user's encrypted password 


The user's numerical ID, assigned when the user's account is created 


The numerical ID of the user's default group 


The user's real name plus information that the user wishes to include in the From: field of a mail-message heading; an "&" in this column simply uses the user's login name 


The path name of the user's home directory. 


The user's initial shell program; the default is the Bourne shell: /usr/bin/sh.


(See Table C-13.)

The passwd table shadow column stores restricted information about user accounts. It includes the following information:

Table C-13 passwd Table Shadow Column




The number of days between January 1, 1970, and the date the password was last modified 


The minimum number of days recommended between password changes 


The maximum number of days that the password is valid 


The number of days' warning a user receives before being notified that his or her password has expired 


The number of days of inactivity allowed for the user 


An absolute date past which the user's account is no longer valid 


Reserved for future use: currently set to 0. 

Earlier Solaris releases used a +/- syntax in local /etc/passwd files to incorporate or overwrite entries in the NIS password maps. Since the Solaris Release 2x environment uses the name service switch file to specify a workstation's sources of information, this is no longer necessary. All you have to do in Solaris Release 2x systems is edit a client's /etc/nsswitch.conf file to specify files, followed by nisplus as the sources for the passwd information. This effectively adds the contents of the passwd table to the contents of the /etc/passwd file.

However, if you still want to use the +/- method, edit the client's nsswitch.conf file to add compat as the passwd source if you are using NIS. If you are using NIS+, add passwd_compat: nisplus.