HP-UX Reference (11i v2 03/08) - 1 User Commands N-Z (vol 2)
p
passwd(1) passwd(1)
-g Change the gecos information in the password file, which is used by the
finger com-
mand. The user is prompted for each subfield: name, location, work phone, and home
phone.
-r repository Specify the repository to which the operation is to be applied. Supported repositories
include files, nis, nisplus, and
dce. If repository is not specified, the default is
files.
-s name Display some password attributes associated with the specified name. Superuser
privilege and non-trusted mode is required if the
files repository is specified. For
nisplus, there are no restrictions.
The format of the display will be:
name status mm/dd/yy min max warn
or, if password aging information is not present
name status
where status means: PS =passworded; LK =locked
; and NP =no password.
-a Display some password attributes for all users in the password file. The
-a option must
be used in conjunction with the
-s
option, with no name specified. For nisplus, this
will display entries in the NIS+
passwd table in the local domain. For files, this is
restricted to superuser, and is only valid in non-trusted mode. For a more complete
display of attributes use the command logins -x .
Privileged User Options
A superuser can modify characteristics associated with the user name using the following options:
-d Allow user to login without a password by deleting it. In untrusted mode this
unlocks/activates the user account if found locked/deactivated.
-f Force user to change password upon next login by expiring the current password.
-h Modify the default home directory in the password file.
-l Lock user account. In untrusted mode this replaces the encrypted password with *.
-n min Determine the minimum number of days, min, that must transpire before the user can
change the password. If the -f option was used in a previous invocation of passwd to
immediately expire a password, the effect of the -f option is cancelled. The effect of the
-f option is not cancelled if the -x option and -f option are specified on the same com-
mand line or if the system has been converted to a trusted system.
-w warn Specify the number of days, warn, prior to the password expiring when the user will be
notified that the password needs to be changed. This option is not allowed for systems in
non-shadowed standard mode.
-x max Determine the maximum number of days, max, a password can remain unchanged. The
user must enter another password after that number of days has transpired, known as
the password expiration time. If the -f option was used in a previous invocation of
passwd to immediately expire a password, the effect of the -f option is cancelled, and
the password will not expire until max days. The effect of the -f option is not cancelled
if the -x option and the -f option are specified on the same command line or if the sys-
tem has been converted to a trusted system.
The min and max arguments are each represented in units of days. These arguments will be rounded up
to the nearest week on a nontrusted HP-UX system. If the system is then converted to a trusted system,
the number of days will be based on those weeks. If only one of the two arguments is supplied, and the
other argument does not exist, then the number of days is set to zero.
Password Aging
The following description applies to all repositories except nis, which does not support password aging.
The system requires a minimum time to elapse before a password can be changed. This prevents reuse of
an old password within too brief a period of time. System warnings are displayed as the expiration time
approaches.
A password is no longer usable after a time period known as the password lifetime . After the lifetime
passes, the account is locked until it is re-enabled by a system administrator. Once unlocked, the user is
Section 1−−666 Hewlett-Packard Company − 2 − HP-UX 11i Version 2: August 2003