Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to understand the / etc/passwd file and etc/shadow file in the Linux system, the content of the article is of high quality, so the editor shares it for you to do a reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

The / etc/passwd file and the etc/shadow file are two very important files in Linux systems.

The / etc/passwd file introduces    first, let's look at the contents of the / etc/passwd file through the command line cat / etc/passwd:

Root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6: 12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin: / usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin gnats:x:41:41:Gnats Bug-Reporting System (admin): / var/lib/ Gnats:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin libuuid:x:100:101::/var/lib/libuuid: syslog:x:101:104::/home/syslog:/bin/false messagebus:x:102:106::/var/run/dbus:/bin/false usbmux:x:103:46:usbmux daemon ,: / home/usbmux:/bin/false dnsmasq:x:104:65534:dnsmasq,:/var/lib/misc:/bin/false avahi-autoipd:x:105:113:Avahi autoip daemon,:/var/lib/avahi-autoipd:/bin/false kernoops:x:106:65534:Kernel Oops Tracking Daemon,:/:/bin/false rtkit:x:107:114:RealtimeKit : / proc:/bin/false saned:x:108:115::/home/saned:/bin/false whoopsie:x:109:116::/nonexistent:/bin/false speech-dispatcher:x:110:29:Speech Dispatcher,:/var/run/speech-dispatcher:/bin/sh avahi:x:111:117:Avahi mDNS daemon : / var/run/avahi-daemon:/bin/false lightdm:x:112:118:Light Display Manager:/var/lib/lightdm:/bin/false colord:x:113:121:colord colour management daemon,:/var/lib/colord:/bin/false hplip:x:114:7:HPLIP system user,:/var/run/hplip:/bin/false pulse:x:115:122:PulseAudio daemon,:/var/run/pulse:/bin/false yaofei:x:1000:1000:ubuntu14.04 : / home/yaofei:/bin/bash sshd:x:116:65534::/var/run/sshd:/usr/sbin/nologin mysql:x:117:125:MySQL Server,:/nonexistent:/bin/false    We can see from the file One row of records in / etc/passwd corresponds to a user, and each row of records is divided into seven fields by a colon (:). The format and meaning are as follows: user name: password: user identification number: group identification number: annotative description: home directory: login Shell

User name (login_name): a string that represents the user's account. It is usually no more than 8 characters long and consists of uppercase and lowercase letters and / or numbers. There cannot be a colon (:) in the login, because the colon is the delimiter here. For compatibility, it is best not to include a dot character (.) in the login name and not to start with a hyphen (-) and a plus sign (+).

Passwd: in some systems, encrypted user passwords are stored. Although this field holds only an encrypted string of user passwords, not clear text, this is still a security concern because the / etc/passwd file is readable to all users. Therefore, many Linux systems (such as SVR4) now use shadow technology to store the real encrypted user password in the / etc/shadow file, while only one special character, such as "x" or "*", is stored in the password field of the / etc/passwd file.

User identification number (UID): an integer that is used internally by the system to identify the user. In general, it corresponds to the user name one by one. If several user names have the same user identification number, they will be treated as the same user internally, but they can have different passwords, different home directories, different login Shell, and so on. The value range is 0-65535. 0 is the identification number of the super user root. 1-99 is reserved by the system. As an administrative account, the identification number of the ordinary user starts from 100. In Linux systems, the limit is 500.

Group identification number (GID): the field records the user group to which the user belongs. It corresponds to a record in the / etc/group file.

Annotative description (users): the field records some personal information of the user, such as the user's real name, phone number, address, etc., and this field has no practical use. The format of this field is not uniform in different Linux systems. In many Linux systems, this field holds an arbitrary annotative description text that is used as the output of the finger command.

Home directory (home_directory): this is the user's starting working directory, which is the directory where the user is located after logging in to the system. In most systems, each user's home directory is organized under the same specific directory, and the name of the user's home directory is the user's login name. Each user has read, write, and execute (search) rights to his home directory, and other users' access to this directory is set on a case-by-case basis.

Login Shell (Shell): after the user logs in, he starts a process responsible for passing the user's actions to the kernel. This process is the command interpreter or a specific program, Shell, that the user runs after logging in to the system. Shell is the interface between the user and the Linux system. There are many kinds of Shell for Linux, each of which has its own characteristics. The commonly used ones are sh (BourneShell), csh (CShell), ksh (KornShell), tcsh (TENEX/TOPS-20typeCShell), bash (BourneAgainShell) and so on. The system administrator can specify a Shell for the user according to the system condition and the user's habit. If Shell is not specified, the system uses sh as the default login Shell, that is, the value of this field is / bin/sh.

The / etc/shadow file introduces that the    / etc/shadow file format is similar to the / etc/passwd file format, but also consists of several fields separated by ":".

   enters sudo cat / etc/shadow on the command line to view the contents of the file:

Root:!:17043:0:99999:7::: daemon:*:16652:0:99999:7::: bin:*:16652:0:99999:7::: sys:*:16652:0:99999:7::: sync:*:16652:0:99999:7::: games:*:16652:0:99999:7::: man:*:16652:0:99999:7::: lp:*:16652:0:99999:7::: mail:*:16652:0: 99999:7::: news:*:16652:0:99999:7::: uucp:*:16652:0:99999:7::: proxy:*:16652:0:99999:7::: www-data:*:16652:0:99999:7::: backup:*:16652:0:99999:7::: list:*:16652:0:99999:7::: irc:*:16652:0:99999:7::: gnats:*:16652:0:99999:7::: Nobody:*:16652:0:99999:7::: libuuid:!:16652:0:99999:7::: syslog:*:16652:0:99999:7::: messagebus:*:16652:0:99999:7::: usbmux:*:16652:0:99999:7::: dnsmasq:*:16652:0:99999:7::: avahi-autoipd:*:16652:0:99999:7::: kernoops:*:16652:0:99999:7::: rtkit:*:16652: 0Rd 99999For saned:*:16652:0:99999:7::: whoopsie:*:16652:0:99999:7::: Speechslay. CherRose: 16652. 0Rd 99999V7. :: yaofei:$1 $5M0Rbozgmeter 1fWsJaQB.TFAL24b96xi41VG 17043VOV99999VOV: sshd:*:17043:0:99999:7::: mysqlVRbozg1fWsJaQB.TFAL24b96xi41WaJaQB.TFAL24b96xi41VERV: sshd:*:17043:0:99999:7::: mysqlRbozg1fWsJaQB.TFAL24b96xi41WaJaQB.TFAL24b96xi41FWsJaQB.

Login name is a user account that matches the login name in the / etc/passwd file

The password field stores the encrypted user password:

If empty, the corresponding user does not have a password and does not need a password to log in

The asterisk indicates that the account is locked.

A double exclamation mark indicates that the password has expired.

Starting with $6, indicating that it is encrypted with SHA-512

$1$ indicates that it is encrypted with MD5

$2$ is encrypted with Blowfish

$5$ is encrypted with SHA-256

"Last modified time" represents the number of days from a certain time to the time when the user last changed the password. The time starting point may be different for different systems. For example, in SCOLinux, the time starting point is January 1, 1970. "minimum time interval" refers to the minimum number of days between password changes.

The "minimum time interval" refers to the minimum number of days between password changes.

The "maximum time interval" refers to the maximum number of days that the password remains valid.

The warning time field represents the number of days between the time the system warns the user and the time the user's password officially expires.

"inactive time" represents the maximum number of days that the user has no login activity but the account can remain valid.

The "expiration time" field gives an absolute number of days, and if this field is used, the lifetime of the corresponding account is given. After the expiration of the period, the account is no longer a legitimate account and can no longer be used to log in.

The / etc/group file introduces the Linux / etc/group file and the / etc/passwd and / etc/shadow files are related to the system administrator's management of users and user groups. The linux / etc/group file is a file about the system administrator's management of users and user groups, and all information about linux user groups is stored in the / etc/group file. A collection of users with some common characteristics is a user group (Group). The user group (Group) configuration files are mainly / etc/group and / etc/gshadow, where / etc/gshadow is the encrypted information file of / etc/group.

Grouping users is a means to manage users and control access rights in Linux system. Each user belongs to a user group; there can be multiple users in a group, or a user can belong to a different group. When a user is a member of multiple groups at the same time, the primary group to which the user belongs is recorded in the / etc/passwd file, that is, the default group to which the user is logged in, while the other groups are called additional groups.

All the information about the user group is stored in the / etc/group file. The format of this file is separated by a colon (:) with several fields as follows:

Group name: password: group identification number: list of users in the group

Group name: the group name is the name of the user group, which is composed of letters or numbers. Like the login in / etc/passwd, the group name should not be duplicated. Password: the password field stores the encrypted password of the user group. In general, user groups in Linux systems do not have a password, that is, this field is usually empty, or x. Group identification number: the group identification number, which is similar to the user identification number, is also an integer and is used to identify the group within the system. Otherwise known as GID.

List of users in a group: a list of all users who belong to this group, separated by commas (,). This user group may be the user's primary group or an additional group.

Examples of use:

[root@localhost test6] # cat / etc/group root:x:0:root,linuxsir bin:x:1:root,bin,daemon daemon:x:2:root,bin,daemon sys:x:3:root,bin We take root ❌ 0cat rootjournal Linuxsir as an example: user group root,x is a password segment, which means no password is set, and GID includes root, linuxsir and other users with a GID of 0 under the 0Lind root user group.

What is Linux system Linux is a free-to-use and free-spread UNIX-like operating system, is a POSIX-based multi-user, multi-task, multi-threaded and multi-CPU operating system, using Linux can run major Unix tools, applications and network protocols.

About the Linux system / etc/passwd file and etc/shadow file how to understand to share here, I hope the above content can be of some help to you, can learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.