passmgmt(1M)                                                      passmgmt(1M)


NAME
     passmgmt - password files management

SYNOPSIS
     passmgmt -a options name

     passmgmt -m options name

     passmgmt -d name

DESCRIPTION
     The passmgmt command updates information in the password files.  This
     command works with both /etc/passwd and /etc/shadow.  If there is no
     /etc/shadow, any changes made by passmgmt will only go into /etc/passwd.
     If the shadow file is not present, the -f and -e options have no effect,
     because the data fields they modify are not present in the base password
     file.

          passmgmt -a

     adds an entry for user name to the password files.

          passmgmt -a +name

     adds an NIS entry to the password files.  This command does not create
     any directory for the new user and the new login remains locked (with the
     string *LK* in the password field) until the passwd(1) command is
     executed to set the password.

          passmgmt -m

     modifies the entry for username in the password files.  The name field in
     the /etc/shadow entry and all the fields (except the password field) in
     the /etc/passwd entry can be modified by this command.  Only fields
     entered on the command line will be modified.

          passmgmt -d

     deletes the entry for username from the password files.  It will not
     remove any files that the user owns on the system; they must be removed
     manually.

          passmgmt -f days

     sets the period of inactivity for username in the shadow password file.

          passmgmt -e when

     sets the expiration date for the account.  The when argument is an input
     string to the getdate(3) routine.  If the environment variable DATEMSK is
     not set, the file /etc/datemsk is used by getdate to process this input
     argument.  Errors from getdate processing are reported.  Expiration dates


     must be greater than today.

     The following options are available:

     -ccomment   A short description of the login.  It is limited to a maximum
                 of 128 characters and defaults to an empty field.

     -hhomedir   Home directory of name.  It is limited to a maximum of 256
                 characters and defaults to /usr/people.

     -uuid       UID of the name.  This number must range from 0 to the
                 maximum non-negative value for the system.  It defaults to
                 the next available UID greater than 99.  For an NIS entry,
                 the default is 0.  Without the -o option, it enforces the
                 uniqueness of a UID.

     -o          This option allows a UID to be non-unique.  It is used only
                 with the -u option.

     -ggid       GID of the name.  This number must range from 0 to the
                 maximum non-negative value for the system.  The default is 1
                 for a local entry and 0 for an NIS entry.

     -sshell     Login shell for name.  It should be the full pathname of the
                 program that will be executed when the user logs in.  The
                 maximum length of shell is 255 characters.  The default is
                 for this field to be set to /bin/sh.

     -llogname   This option changes the name to logname.  It also can change
                 a local entry to an NIS entry by

                      passmgmt -m -l +name name

                 or change an NIS entry to a local entry by

                      passmgmt -m -l name +name

                 It is used only with the -m option.

     The total size of each login entry is limited to a maximum of 4095 bytes
     (BUFSIZ-1, defined in /usr/include/stdio.h) in each of the password
     files.

CAVEAT
     The passmgmt -m -u command will erase all usage, limit, privilege, and
     accumulated accounting information of the user whose UID is altered.

FILES
     /etc/passwd
     /etc/shadow
     /etc/opasswd
     /etc/oshadow


SEE ALSO
     passwd(1), ypchpass(1), yppasswd(1), passwd(4), shadow(4).

DIAGNOSTICS
     The passmgmt command exits with one of the following values:

     0    SUCCESS.

     1    Permission denied.

     2    Invalid command syntax.  Usage message of the passmgmt command will
          be displayed.

     3    Invalid argument provided to an option.

     4    UID in use.

     5    Inconsistent password files (e.g., name is in the /etc/passwd file
          and not in the /etc/shadow file, or vice versa).

     6    Unexpected failure.  Password files unchanged.

     7    Unexpected failure.  Password file(s) missing.

     8    Password file(s) busy.  Try again later.  A

     9    name does not exist (if -m or -d is specified), already exists (if
          -a is specified), or logname already exists (if -m -l is specified).

NOTE
     You cannot use a colon or <cr> as part of an argument because it will be
     interpreted as a field separator in the password file.

     If the shadow file is used, the NIS entries get the password from the
     shadow file exclusively and must have an entry for each NIS user name.
     This will not permit the use of the general NIS entry, +::0:0:::, or
     netgroup expansions.

   Trusted IRIX restrictions
     passmgmt should only be executed by root at the label dblow, the same
     label as that on both /etc/passwd and /etc/shadow.


                                                                        Page 3