Home > Articles

  • Print
  • + Share This
This chapter is from the book

Administrative System Files

Three administrative system files are used to define and manage user and group accounts:

  • /etc/passwd

  • /etc/shadow

  • /etc/group

/etc/passwd

The /etc/passwd file is an ASCII file that is used to define user accounts on the local system. Each line represents a user account and consists of seven colon-delimited fields. Table 3.5 lists the fields of an entry in the /etc/passwd file.

Table 3.5 /etc/passwd Fields

Field

Purpose

user name

The unique name assigned to the user account.

password

In earlier versions of Unix, the password field contained the encrypted account password. For security reasons, the passwords have been moved to the /etc/shadow file. The letter "x" is typically placed in this field to indicate that the password is in /etc/shadow.

UID

A unique numeric identification assigned to the user account. Any processes or files created by the user account will be owned by this UID. The system administrator account, root, is assigned the UID of 0. This is the UID of a superuser account. System maintenance accounts are usually assigned a UID of less than 100, whereas user accounts typically start at 1001.

GID

The numeric identification of the default group that the user account has been assigned to as a member. Groups are defined in the /etc/group file.

comment field

Information about the owner of the user account, such as real name, phone number, mailing address, and so on. An ampersand in this field is interpreted as the contents of the username field.

home directory

The full path to the directory where the user is initially located after logging in.

login shell

The full pathname of the initial shell used as a command inter-preter. If left empty, the default is /usr/bin/sh.


The following listing shows the default contents of a Solaris 9 /etc/password file:

root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:Nobody:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x Nobody:/:

/etc/shadow

The /etc/shadow file is an ASCII file that is used to store passwords for local user accounts along with any password restrictions or aging. Access is restricted to superusers to protect the passwords. Each line represents the password of a user account and consists of nine colon-delimited fields. Table 3.6 lists the fields of an entry in the /etc/shadow file.

The /etc/shadow file should always be protected from unauthorized access or copying because it contains all user passwords for the system. Although the passwords are stored in encrypted form, it is still possible to find passwords using specialized software.

Table 3.6 /etc/shadow Fields

Field

Purpose

User account

Used to relate the /etc/shadow entry to a user account defined in the /etc/passwd file.

password

A 13-character encrypted password for the associated user account. If the field contains NP, this account is used only to own processes or files (setuid) and cannot be used to log in to the system. If the field contains *LK*, the account is locked and cannot be used to access the system. If the field is empty, no password exists, and the user is forced to enter a password the first time the account is used.

last changed

The number of days between January 1, 1970, and the last date the password was changed.

minimum

The minimum number of days required to pass before the user is allowed to change the password again.

maximum

The maximum number of days the password is valid.

warning

The number of days the user is warned before the password expires.

inactivity

The number of days account can be inactive before the password must be changed.

expiration

The number of days between January 1, 1970, and the date on which the account expires.

flag

Reserved for future use.


The following listing shows the guest entry from a Solaris 9 /etc/shadow file that uses all the fields except flag:

guest:on7GbE18yYAek:10688:5:30:5:20:10844:

/etc/group

The /etc/group file is an ASCII file that is used to store information about groups on the local system. Each line represents a group and consists of four colon-delimited fields. Table 3.7 lists the fields of an entry in the /etc/group file.

Table 3.7 /etc/group Fields

Field

Purpose

group name

The unique name of the group.

password

The password associated with the group. If a password is present, the newgrp(1) command prompts users to enter it.

GID

The unique numeric group identification.

users

A comma-separated list of user accounts that belong to the group.


The following listing shows the default contents of a Solaris 9 /etc/group file:

root::0:root
other::1:
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
uucp::5:root,uucp
mail::6:root
tty::7:root,adm
lp::8:root,lp,adm
nuucp::9:root,nuucp
staff::10:
daemon::12:root,daemon
sysadmin::14:
smmsp::25:smmsp
nobody::60001:
noaccess::60002:
nogroup::65534:
  • + Share This
  • 🔖 Save To Your Account