HP-UX Reference (11i v1 05/09) - 1M System Administration Commands N-Z (vol 4)
p
pwconv(1M) pwconv(1M)
NAME
pwconv - install, update, or check the /etc/shadow file
SYNOPSIS
/usr/sbin/pwconv
[-t][-v]
DESCRIPTION
This description of the
pwconv command applies only to standard systems on which the
ShadowPass -
word
bundle has been installed; however, see the "Notes" section for a case where
pwconv can be used on
trusted systems.
The
pwconv command installs or appends /etc/shadow with information from
/etc/passwd ,or
checks for any discrepancies between the contents of the two files.
The
pwconv command without options does the following:
1. Creates the file
/etc/shadow if it does not exist; otherwise, it removes all entries for user-
names which are not present in
/etc/passwd
.
2. For each entry in
/etc/passwd , move the encrypted password and aging information to
/etc/shadow . Entries in /etc/passwd which have no encrypted password or aging infor-
mation will not overwrite information in /etc/shadow .
3. Writes an "x" in each password field of the
/etc/passwd file, to indicate that the password and
aging information reside in the
/etc/shadow file.
The pwconv command relies on a special value of "x" in the password field of
/etc/passwd . A value
different from "x" will prompt
pwconv to move the password and aging information into the corresponding
fields of /etc/shadow , and then replace the password field in /etc/passwd with an "x".
If no aging information exists in
/etc/passwd for a user, none will be added to /etc/shadow
; how-
ever, the
last change field, which indicates when the password was last modified, will always be
updated (default is current date). See shadow(4).
Options
The following options are recognized:
-v Verbose. Performs as
pwconv but also prints error information to stdout.
-t Test. Performs as
pwconv -v but makes no changes to /etc/passwd and /etc/shadow .
Notes
The
pwconv command can only be used by the superuser.
HP recommends running pwck before pwconv. See pwck(1M).
A system which has been converted to a trusted system has no /etc/shadow file. In this case,
pwconv
can be used with no options to update the secure password facility to reflect any changes made in the
/etc/passwd file.
RETURN VALUE
pwconv exits with one of the following values:
0 Successful completion.
1 Conversion error occurred.
FILES
/etc/passwd system password file
/etc/shadow shadow password file
/tcb/files/auth/*/* secure password facility
SEE ALSO
pwck(1M), pwunconv(1M), passwd(4), shadow(4)
Section 1M−−706 Hewlett-Packard Company − 1 − HP-UX 11i Version 1: September 2005