edauth(8)edauth(8)Nameedauth - edit user auth entry
Syntaxedauth username
Description
The command is an authorization editor. creates a temporary file with
an ASCII representation of the current database entry for the user
specified by username and then invokes an editor on the file. You can
then modify the user's fields. Upon leaving the editor, reads the tem‐
porary file and modifies the binary database to reflect the changes
made. If there are errors in the temporary file will allow the user to
resume editing the file to fix them.
The editor invoked is unless the environment variable EDITOR specifies
otherwise. Here is an example of the temporary file produced by
uid = 268
password = MXP3BnKLEWW960BEJc9DbHb6
passlifemin = 1 hour
passlifemax = 60 days
passmod = 12/20/89 - 10:24:38
authmask = login,change_password,enter_password
fail_count = 0
audit_id = 268
audit_control = or
audit_syscalls = creat,unlink
audit_tevents = login:0:1
Each field of the entry is represented as a keyword followed by an
equals sign. The value part of the field may be an integer, a string,
a time specification, a date, or a comma-separated list of value key‐
words. The effect of the field is described in
The and fields expect integer values.
The field is a string containing the encrypted password. One way of
disabling an account is to set this to a non-empty string less than 24
characters in length such as `nologin'.
The and fields specify the password expiration information. They may
contain an integer specifying seconds, or a combination of scaled val‐
ues. The units recognized for scaling are and Only the first letter of
the unit need be supplied. A of one day, one hour and five minutes
could be specified as any of:
passlifemax = 1 day 1 hour 5 minutes
passlifemax = 25 h 5 m
passlifemax = 90300 seconds
passlifemax = 90300
in addition to other combinations.
The field is a date. It is specified in the same format as the default
output of the ULTRIX command. The time portion is optional and
defaults to the beginning of the day.
The and fields expect a comma-separated list of value tokens. For this
is zero or more of and For the audit information this corresponds to
the name of the audit event. See the manpage for more information on
audit events.
The field may be one of or See the manpage for more information on the
affect of these values.
Restrictions
Only the superuser can edit entries.
Changing the entry will not affect the uid and audit information of
existing login sessions.
If the uid field of the entry is changed the mapping to the file will
be affected. Changes to the passwd file will probably be necessary.
Diagnostics
Various messages about incorrect input. All are self-explanatory.
Files
Contains all authorization information
Maps usernames to UIDs
See Alsoaudcntl(2), auth(5), auditmask(8), getauth(8), vipw(8)
Security Guide for Administrators
edauth(8)