System Administration Guide: Naming and Directory Services (FNS and NIS+)

passwd Table

The passwd table contains information about the accounts of users in a domain. These users generally are, but do not have to be, NIS+ principals. Remember though, that if they are NIS+ principals, their credentials are not stored here, but in the domain's cred table. The passwd table usually grants read permission to the world (or to nobody).


Note –

The passwd table should not have an entry for the user root (user ID 0). Root's password information should be stored and maintained in the machine's /etc files.


The information in the passwd table is added when users' accounts are created.

The passwd table contains the following columns:

Table 23–12 passwd Table

Column 

Description 

Name 

The user's login name, which is assigned when the user's account is created; the name can contain no uppercase characters and can have a maximum of eight characters 

Passwd 

The user's encrypted password 

UID 

The user's numerical ID, assigned when the user's account is created 

GID 

The numerical ID of the user's default group 

GCOS 

The user's real name plus information that the user wishes to include in the From: field of a mail-message heading; an “&” in this column simply uses the user's login name 

Home 

The path name of the user's home directory. 

Shell 

The user's initial shell program; the default is the Bourne shell: /usr/bin/sh.

Shadow 

(See Table 23–13.)

The passwd table shadow column stores restricted information about user accounts. It includes the following information:

Table 23–13 passwd Table Shadow Column

Item 

Description 

Lastchg 

The number of days between January 1, 1970, and the date the password was last modified 

Min 

The minimum number of days recommended between password changes 

Max 

The maximum number of days that the password is valid 

Warn 

The number of days' warning a user receives before being notified that his or her password has expired 

Inactive 

The number of days of inactivity allowed for the user 

Expire 

An absolute date past which the user's account is no longer valid 

Flag 

Reserved for future use: currently set to 0. 

Earlier Solaris releases used a +/- syntax in local /etc/passwd files to incorporate or overwrite entries in the NIS password maps. Since the Solaris Release 2x environment uses the name service switch file to specify a machine's sources of information, this is no longer necessary. All you have to do in Solaris Release 2x systems is edit a client's /etc/nsswitch.conf file to specify files, followed by nisplus as the sources for the passwd information. This effectively adds the contents of the passwd table to the contents of the /etc/passwd file.

However, if you still want to use the +/- method, edit the client's nsswitch.conf file to add compat as the passwd source if you are using NIS. If you are using NIS+, add passwd_compat: nisplus.