As a system administrator, you need to add and remove
user accounts and groups, manage passwords, and troubleshoot users' problems.
You must be logged in as
root to do this, because other users don't have permission to
modify /etc/passwd, /etc/shadow, and
/etc/group.
CAUTION:
While it's safe at any time to use the
passwd utility
to change the
password of an existing user who already has a password, it isn't necessarily
safe to make any other change to the account database while your system is in
active use. Specifically, the following
operations may cause applications and utilities to operate incorrectly when
handling user-account information:
- adding a user, either by using the passwd utility or by
manually editing /etc/passwd
- putting a password on an account that previously didn't have a password
- editing the /etc/passwd or /etc/group files
If it's likely that
someone might try to use the passwd utility or
update the account database files while you're editing them, lock
the password database by creating the /etc/.pwlock file
before making your changes.
As described below, you should use the passwd utility to change
an account's password.
However, you need to use a text editor to:
- change an existing user's user name, full name, user ID, group ID,
home directory, or login shell
- create a new account that doesn't conform to the passwd
utility's allowed configuration
- remove a user account
- add or remove a group
- change the list of members of a group
Note:
The changes you make manually to the account files aren't checked for
conformance to the rules set in the
passwd configuration file.
For more information, see the description of
/etc/default/passwd in the documentation for
passwd
in the
Utilities Reference.