A passwd file is a file consisting of records separated by newline characters, one record per user, containing seven colon (:) separated fields. These fields are as follows:
User's login name. The default length is 8 characters. User's encrypted password. User's ID User's login group ID General information about the user User's home directory User's login shell
The name field is the login used to access the computer account, and the uid field is the number associated with it. They should both be unique across the system (and often across a group of systems) since they control file access.
While it is possible to have multiple entries with identical login names and/or identical user gid's, it is usually a mistake to do so. Routines that manipulate these files will often return only one of the multiple entries, and that one by random selection.
The login name must never begin with a hyphen (-); also, it is strongly suggested that neither uppercase characters or dots (.) be part of the name, as this tends to confuse mailers. No field may contain a colon (:) as this has been used historically to separate the fields in the user database.
The password field is the encrypted form of the password. If the password field is empty, no password is required to gain access to the machine. Because these files contain the encrypted user passwords, they should not be readable by anyone without appropriate privileges.
Use the command to edit password entries. This ensures that the hashed password database is rebuilt. If you have enhanced security installed on your system, the password field contains an asterisk (*). The encrypted password is stored in the user's protected password database.
The gid field is the group that the user will be placed in upon login. Since the operating system supports multiple groups (see the groups command) this field currently has little special meaning.
The gecos field normally contains comma (,) separated subfields as follows:
User's full name User's office number User's work phone number User's home phone number
This information is used by the finger command.
The user's home directory is the full UNIX pathname where the user will be placed on login.
The shell field is the command interpreter the user prefers. If the shell field is empty, the Bourne shell (/bin/sh) is assumed.
The allowable values for the UID are unsigned numbers from 0 to 65535.
The command pwck can be used to verify the accuracy of data entered in the passwd file.
root:TZVtfX5VbS3KY:0:1:System PRIVILEGED Account,,,:/:/bin/sh adm:*:5:16:Admin Login:/usr/adm:/bin/sh operator:HdgoklKwZOlvU:25:28:System PRIVILEGED Account,,,:/etc/operator: guest:Nologin:-2:-2:anonymous NFS user:/:/bin/date osfuser:If2eoZ6gmghJo:50002:15:Osf User:/usr/users/osfuser:/bin/csh marcy:*:201:20:Marcy Swanson,dev,x1234:/usr/users/marcy:/bin/sh
Commands: login(1), passwd(1), pwck(8), vipw(8)
Files: prpasswd(4) delim off