'\"macro stdmacro
.if n .pH g4.shadow @(#)shadow	40.9 of 10/10/89
.\" Copyright 1989 AT&T
.nr X
.if \nX=0 .ds x} shadow 4 "" "\&"
.if \nX=1 .ds x} shadow 4 ""
.if \nX=2 .ds x} shadow 4 "" "\&"
.if \nX=3 .ds x} shadow "" "" "\&"
.TH \*(x}
.SH NAME
\f4shadow\f1 \- shadow password file
.SH DESCRIPTION
\f4/etc/shadow\^\f1
is an access-restricted \s-1ASCII\s0 system file.
The fields for each user entry are separated by colons.
Each user is separated from the next by a new-line.
Unlike the \f4/etc/passwd\f1 file, \f4/etc/shadow\f1 does
not have general read permission.
.PP
Here are the fields in \f4/etc/shadow\fP:
.RS 3
.TP 12
\f2username\f1
The user's login name (\s-1ID\s+1).
.TP
\f2password\f1
A 13-character encrypted password for the user, a \f2lock\f1 string
to indicate that the login is not accessible, or no string to show
that there is no password for the login.
.TP
\f2lastchanged\f1
The number of days between January 1, 1970, and the date that the
password was last modified.
.TP
\f2minimum\f1
The minimum number of days required between password changes.
.TP
\f2maximum\f1
The maximum number of days the password is valid.
.TP
\f2warn\f1
The number of days before password expires that the user is warned.
.TP
\f2inactive\f1
The number of days of inactivity allowed for that user.
.TP
\f2expire\f1
An absolute date specifying when the login may no longer be used.
.TP
\f2flag\f1
Reserved for future use, set to zero.
Currently not used.
.RE
.PP
The encrypted password consists of 13 characters chosen from a 64-character 
alphabet
\f1(\f4.\f1, \f4/\f1,
\f40\-9\f1, \f4A\-Z\f1, \f4a\-z\f1).
.PP
To update this file, use the \f4passwd\f1, \f4useradd\f1,
\f4usermod\f1, or \f4userdel\f1 commands.
.SH FILES
/etc/shadow
.SH "SEE ALSO"
\f4useradd\f1(1M), \f4usermod\f1(1M), \f4userdel\f1(1M),
\f4passwd\f1(4)
.sp .2
\f4putspent\fP(3X), \f4getspent\fP(3X) in the \f2Programmer's Reference Manual\f1
.sp .2
\f4login\f1(1), \f4passwd\f1(1) in the
\f2User's Reference Manual\f1
.Ee

