FreeBSD Manual Pages
PASSWD.ADJUNCT(5) File Formats Manual PASSWD.ADJUNCT(5) NAME passwd.adjunct - user security data file SYNOPSIS /etc/security/passwd.adjunct DESCRIPTION The passwd.adjunct file contains the following information for each user: name:password:min-label:max-label:default-label:always-audit- flags:never-audit-flags: name The user's login name in the system and it must be unique. password The encrypted password. min-label The lowest security level at which this user is al- lowed to login (not used at C2 level). max-label The highest security level at which this user is allowed to login (not used at C2 level). default-label The security level at which this user will run un- less a label is specified at login. always-audit-flags Flags specifying events always to be audited for this user's processes; see audit_control(5). never-audit-flags Flags specifying events never to be audited for this user's processes; see audit_control(5). Field are separated by a colon, and each user from the next by a NEW- LINE. The passwd.adjunct file can also have line beginning with a `+' (plus sign), which means to incorporate entries from the Network Information Service (NIS). There are three styles of `+' entries: all by itself, `+' means to insert the entire contents of the NIS passwd.adjunct file at that point; +name means to insert the entry (if any) for name from the NIS service at that point; +@name means to insert the entries for all members of the network group name at that point. If a `+' entry has a non-null password, it will override what is contained in the NIS service. EXAMPLE Here is a sample /etc/security/passwd.adjunct file: root:q.mJzTnu8icF.:::::: ignatz:7KsI8CFRPNVXg::b,ap,bp,gp,dp,ic,r,d,l::+dc,+da:-dr: rex:7HU8UUGRPNVXg:b,ap:b,ap,bp:b,bp::+ad: +fred:9x.FFUw6xcJBa:::::: +: The user root is the super-user, who has no special label constraints nor audit interest. The user ignatz may have any label from the lowest to the level b and any of a large number of categories. ignatz will run at system low unless he specifies otherwise. He is being audited on the system default event classes as well as data creations and ac- cess changes, but never for failed data reads. The user rex can func- tion only at the level b and only in the categories ap or ap and bp. By default, he will run at `b,bp'. He is audited with the system de- faults, except that successful administrative operations are not au- dited. The user fred will have the labels and audit flags that are specified in the NIS passwd.adjunct file. Any other users specified in the NIS service will be able to log in on this system. The user security data file resides in the /etc/security directory. Because it contains encrypted passwords, it does not have general read permission. FILES /etc/security/passwd.adjunct /etc/security SEE ALSO login(1), passwd(1), crypt(3), getpwaent(3), getpwent(3V), audit_con- trol(5), passwd(5), adduser(8) NOTES The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed. 14 December 1987 PASSWD.ADJUNCT(5)
NAME | SYNOPSIS | DESCRIPTION | EXAMPLE | FILES | SEE ALSO | NOTES
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=passwd.adjunct&sektion=5&manpath=SunOS+4.1.3>