topic Re: modify password file in Operating System - HP-UX

modify password file

Rushank — Wed, 13 Mar 2002 21:24:16 GMT

I need to change the comment field (desciption field ) in passwd file in trusted environment. OS 10.20 and 11.00

Plan A is to change passwd file by copying passwd as passwd.new and directly modify the field and then copy back as passwd file.
In this scenario
-What happens if users are already logged in..?
-Does it effect /tcb/auth Files ?

Plan B use usermod -c option
in this scenario if user logged in I can not modify any fields.

What would be the best way to do this.??

Re: modify password file

Christopher McCray_1 — Wed, 13 Mar 2002 21:29:54 GMT

Hello,

Try the vipw command.

Hope this helps
Chris

Re: modify password file

Scott Van Kalken — Wed, 13 Mar 2002 21:30:31 GMT

if you edit directly and run an authck -a it should fix errors, but you know, it's a nasty way to do it.

usermod is a better way to do it.

Re: modify password file

steven Burgess_2 — Wed, 13 Mar 2002 22:01:29 GMT

Hi

I'd go with the last comment. At the end of the day all your changing id the comment field

usermod -c

Re: modify password file

Peter Kloetgen — Thu, 14 Mar 2002 07:17:51 GMT

Hi Rushank,

i agree with the others, the better way seems to be to use the command:

usermod -c new_comments username

If you have a lot of users you can easily put this in a script: (if you need different comments you have to take care to get the correct values with variables ... )

for i in $*
do
usermod -c new_comment $i
done

Using vi- editor to do this job is also possible, but allways use the command:

vipw /etc/passwd

This command locks the file while you are editing it. So if any user trys to change his password during your operation he gets a message that the file is locked, and his action is forbidden.

The comment field was used by several services in the past, but in these days it is not that important as it was, so: NO, doesn't effect users.

The shadow- password files are a security feature. Users who login are checked from system if username and password are correct. Without shadow- files, /etc/passwd is read to confirm the username and password. With shadow- files this information is read out of shadow files. ( These are only readable for root, but not for the users... ) So: No, doesn't take effect on the shadow- files either.

Allways stay on the bright side of life!

Peter

Re: modify password file

K.Vijayaragavan. — Thu, 14 Mar 2002 09:09:50 GMT

Hi
Since itis just a comment field change.

I have done this for root in a trusted system in all the methods mentioned in your note

I could do it without any issue.

/tcb/auth file is not affected.

-Vijay