6057 login(1) "Last login" hostname is too short
Reviewed by: Gary Mills <gary_mills@fastmail.fm>
Reviewed by: Albert Lee <trisk@omniti.com>
Reviewed by: Jason King <jason.brian.king@gmail.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>

   1 SHADOW(4)               File Formats and Configurations              SHADOW(4)
   2 
   3 
   4 
   5 NAME
   6        shadow - shadow password file
   7 
   8 DESCRIPTION
   9        /etc/shadow is an access-restricted ASCII system file that stores
  10        users' encrypted passwords and related information. The shadow file can
  11        be used in conjunction with other shadow sources, including the NIS
  12        maps passwd.byname and passwd.byuid and the NIS+ table passwd.
  13        Programs use the getspnam(3C) routines to access this information.
  14 
  15 
  16        The fields for each user entry are separated by colons. Each user is
  17        separated from the next by a newline. Unlike the /etc/passwd file,
  18        /etc/shadow does not have general read permission.
  19 
  20 
  21        Each entry in the shadow file has the form:
  22 
  23          username:password:lastchg:min:max:warn:inactive:expire:flag
  24 
  25 
  26 
  27        The fields are defined as follows:
  28 
  29        username
  30                    The user's login name (UID).
  31 
  32 
  33        password
  34                    An encrypted password for the user generated by crypt(3C),
  35                    a lock string to indicate that the login is not accessible,
  36                    or no string, which shows that there is no password for the
  37                    login.
  38 
  39                    The lock string is defined as *LK* in the first four
  40                    characters of the password field.
  41 
  42 
  43        lastchg
  44                    The number of days between January 1, 1970, and the date
  45                    that the password was last modified. The lastchg value is a
  46                    decimal number, as interpreted by strtol(3C).
  47 
  48 
  49        min
  50                    The minimum number of days required between password
  51                    changes. This field must be set to 0 or above to enable
  52                    password aging.
  53 
  54 
  55        max
  56                    The maximum number of days the password is valid.
  57 
  58 
  59        warn
  60                    The number of days before password expires that the user is
  61                    warned.
  62 
  63 
  64        inactive
  65                    The number of days of inactivity allowed for that user.
  66                    This is counted on a per-machine basis; the information
  67                    about the last login is taken from the machine's lastlog
  68                    file.
  69 
  70 
  71        expire
  72                    An absolute date expressed as the number of days since the
  73                    Unix Epoch (January 1, 1970). When this number is reached
  74                    the login can no longer be used. For example, an expire
  75                    value of 13514 specifies a login expiration of January 1,
  76                    2007.
  77 
  78 
  79        flag
  80                    Failed login count in low order four bits; remainder
  81                    reserved for future use, set to zero.
  82 
  83 
  84 
  85        A value of -1 for min, max, or warn disables password aging.
  86 
  87 
  88        The encrypted password consists of at most CRYPT_MAXCIPHERTEXTLEN
  89        characters chosen from a 64-character alphabet (., /, 0-9, A-Z, a-z).
  90        Two additional special characters, "$" and ",", can also be used and
  91        are defined in crypt(3C). To update this file, use the passwd(1),
  92        useradd(1M), usermod(1M), or userdel(1M) commands.
  93 
  94 
  95        In order to make system administration manageable, /etc/shadow entries
  96        should appear in exactly the same order as /etc/passwd entries; this
  97        includes ``+'' and ``-'' entries if the compat source is being used
  98        (see nsswitch.conf(4)).
  99 
 100 
 101        Values for the various time-related fields are interpreted as Greenwich
 102        Mean Time.
 103 
 104 FILES
 105        /etc/shadow
 106                              shadow password file
 107 
 108 
 109        /etc/passwd
 110                              password file
 111 
 112 
 113        /etc/nsswitch.conf
 114                              name-service switch configuration file
 115 
 116 
 117        /var/adm/lastlog.v2
 118                              time of last login
 119 
 120 
 121 ATTRIBUTES
 122        See attributes(5) for descriptions of the following attributes:
 123 
 124 
 125 
 126 
 127        +--------------------+-----------------+
 128        |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
 129        +--------------------+-----------------+
 130        |Interface Stability | Stable          |
 131        +--------------------+-----------------+
 132 
 133 SEE ALSO
 134        login(1), passwd(1), useradd(1M), userdel(1M), usermod(1M), strtol(3C),
 135        crypt(3C), crypt_gensalt(3C), getspnam(3C), putspent(3C),
 136        nsswitch.conf(4), passwd(4), attributes(5), pam_unix_account(5),
 137        pam_unix_auth(5)
 138 
 139 NOTES
 140        If password aging is turned on in any name service the passwd: line in
 141        the /etc/nsswitch.conf file must have a format specified in the
 142        nsswitch.conf(4) man page.
 143 
 144 
 145        If the /etc/nsswitch.conf passwd policy is not in one of the supported
 146        formats, logins will not be allowed upon password expiration, because
 147        the software does not know how to handle password updates under these
 148        conditions.  See nsswitch.conf(4) for additional information.
 149 
 150 
 151 
 152                                November 9, 2015                      SHADOW(4)
--- EOF ---