1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
.\" Copyright (c) 1990, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)passwd.1 8.1 (Berkeley) 6/6/93
.\"
.Dd August 18, 2008
.Dt PASSWD 1
.Os "Mac OS X"
.Sh NAME
.Nm passwd
.Nd modify a user's password
.Sh SYNOPSIS
.Nm passwd
.Op Fl i Ar infosystem Op Fl l Ar location
.Op Fl u Ar authname
.Op Ar user
.Sh DESCRIPTION
The
.Nm
utility changes the user's password.
If the user is not the super-user,
.Nm
first prompts for the current password and will not continue unless the correct
password is entered.
.Pp
When entering the new password, the characters entered do not echo, in order to
avoid the password being seen by a passer-by.
The
.Nm
utility prompts for the new password twice in order to detect typing errors.
.Pp
The new password should be at least six characters long
and not purely alphabetic.
Its total length should be less than
.Dv _PASSWORD_LEN
(currently 128 characters),
although some directory systems allow longer passwords.
Numbers, upper
case letters, and meta characters are encouraged.
.Pp
Once the password has been verified,
.Nm
communicates the new password to the directory system.
.Bl -tag -width flag
.It Fl i Ar infosystem
This option specifies where the password update should be applied.
Under Mac OS X 10.5 and later, supported directory systems are:
.Bl -tag -width flag
.It Ar PAM
(default) Pluggable Authentication Modules.
.It Ar opendirectory
A system conforming to Open Directory APIs and supporting updates
(including LDAP, etc).
If no -l option is specified, the search node is used.
.It Ar file
The local flat-files (included for legacy configurations).
.It Ar nis
A remote NIS server containing the user's password.
.El
.It Fl l Ar location
This option causes the password to be updated in the given location
of the chosen directory system.
.Bl -tag -width flag
.It for file,
location may be a file name (/etc/master.passwd is the default)
.It for nis,
location may be a NIS domainname
.It for opendirectory,
location may be a directory node name
.It for PAM,
location is not used
.El
.It Fl u Ar authname
This option specifies the user name to use when authenticating to
the directory node.
.It Ar user
This optional argument specifies the user account whose password will be
changed. This account's current password may be required, even when run as the
super-user, depending on the directory system.
.El
.Sh FILES
.Bl -tag -width /etc/master.passwd -compact
.It Pa /etc/master.passwd
The user database
.It Pa /etc/passwd
A Version 7 format password file
.It Pa /etc/passwd.XXXXXX
Temporary copy of the password file
.El
.Sh SEE ALSO
.Xr chpass 1 ,
.Xr login 1 ,
.Xr dscl 1 ,
.Xr passwd 5 ,
.Xr pwd_mkdb 8 ,
.Xr vipw 8
.Rs
.%A Robert Morris
.%A Ken Thompson
.%T "UNIX password security"
.Re
.Sh HISTORY
A
.Nm passwd
command appeared in
.At v6 .
|
