- Etc passwd file in linux
- NAME
- DESCRIPTION
- FILES
- SEE ALSO
- Introduction
- What is /etc/passwd file?
- How can I view that file?
- Can I modify that file?
- Understanding /etc/passwd file format
- 1) Username :
- 2) Password :
- 3) User ID (UID):
- 4) Group ID(GID):
- 5) GECOS :
- 6) Home directory :
- 7) Login Shell :
- /etc/passwd File Explained
- What is passwd file in Linux
- Fields of /etc/passwd file
- Permissions of the passwd file
- Reading the passwd file
- Editing the /etc/passwd file
- Commands that manipulate the /etc/passwd file
- Conclusion
Etc passwd file in linux
NAME
passwd - the password file
DESCRIPTION
/etc/passwd contains one line for each user account, with seven fields delimited by colons (“:”). These fields are:
- login name
- optional encrypted password
- numerical user ID
- numerical group ID
- user name or comment field
- user home directory
- optional user command interpreter
If the password field is a lower-case “x”, then the encrypted password is actually stored in the shadow(5) file instead; there must be a corresponding line in the /etc/shadow file, or else the user account is invalid.
The encrypted password field may be empty, in which case no password is required to authenticate as the specified login name. However, some applications which read the /etc/passwd file may decide not to permit any access at all if the password field is blank.
A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked.
Refer to crypt(3) for details on how this string is interpreted.
If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means).
The comment field is used by various system utilities, such as finger(1).
The home directory field provides the name of the initial working directory. The login program uses this information to set the value of the $HOME environmental variable.
The command interpreter field provides the name of the user's command language interpreter, or the name of the initial program to execute. The login program uses this information to set the value of the $SHELL environmental variable. If this field is empty, it defaults to the value /bin/sh.
FILES
- /etc/passwd: User account information.
- /etc/shadow: optional encrypted password file
- /etc/passwd-: Backup file for /etc/passwd. Note that this file is used by the tools of the shadow toolsuite, but not by all user and password management tools.
SEE ALSO
crypt(3), getent(1), getpwnam(3), login(1), passwd(1), pwck(8), pwconv(8), pwunconv(8), shadow(5), su(1), sulogin(8).
© 2019 Canonical Ltd. Ubuntu and Canonical are registered trademarks of Canonical Ltd.
Introduction
Linux is truly fascinating. In this blog, we’ll look at a special file in Linux.
Let’s dive straight into it.
What is /etc/passwd file?
/etc/passwd is a configuration file which stores user account information. It is a plain text-based file containing information like username, user ID and group ID.
This file is owned by root and has rw-r--r-- permissions (octal 644). Thus, the file can be read by any user, but only the root user or a user with sudo privileges can write to it.
How can I view that file?
To view the contents of the file, open the terminal and type in:
cat /etc/passwd
The output of this command should be similar to the one shown below.
daniel@DVM:~$ cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
systemd-timesync:x:102:104:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:103:106::/nonexistent:/usr/sbin/nologin
syslog:x:104:110::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:111:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:112::/run/uuidd:/usr/sbin/nologin
tcpdump:x:108:113::/nonexistent:/usr/sbin/nologin
sshd:x:109:65534::/run/sshd:/usr/sbin/nologin
landscape:x:110:115::/var/lib/landscape:/usr/sbin/nologin
pollinate:x:111:1::/var/cache/pollinate:/bin/false
daniel:x:1000:1000:Daniel Tanzer,,,:/home/daniel:/bin/bash
Can I modify that file?
Yes, you can modify the file contents using any text editor like vim, nano or emacs, but it’s considered a bad idea unless you know what you are doing.
You must always use dedicated commands to modify the file. For example, to add a new user to the system, use the adduser or useradd command instead of manually editing the /etc/passwd file in a text editor.
Understanding /etc/passwd file format
The /etc/passwd file contains many lines, one for each user. The first line contains information about the root user, followed by system user accounts and normal user accounts.
Each line has 7 fields separated by colons (:).
1) Username :
This is the first field in a line which represents the login name of the user. It has a length ranging from 1 to 32 characters.
2) Password :
This is the second field in a line. In older Linux systems, the user’s encrypted password was stored here. On modern systems, this field holds the character x and the encrypted password is stored in a file called /etc/shadow.
If the field is blank, no password is needed to log in to the system.
To change the password of any user, use the passwd command, which stores the password in encrypted form in /etc/shadow.
3) User ID (UID):
This is the third field in a line. It contains a unique identifier of a user which is used by an operating system to refer to a user.
UID 0 is reserved for root user.
UID 1-99 is reserved for other predefined accounts.
UID 100-999 is reserved for system accounts.
UIDs above 999 are for normal user accounts.
4) Group ID(GID):
This is the fourth field in a line. It determines the primary group of the user. Users can belong to more than one group in Linux. To get a full list of groups a user belongs to, type in the command:
The first group in the output is the primary group and the rest are secondary groups.
5) GECOS :
This is the fifth field in a line. It contains comma-separated information about the user including:
6) Home directory :
This is the sixth field in a line which contains the path to the user’s home directory. By default, this path is under the /home directory and is named after the user. For example, for a user having the username daniel, his home directory would be /home/daniel.
7) Login Shell :
This is the seventh and last field in the line. It contains the path to the user’s default login shell. For most distributions, it is bash, with the path /bin/bash.
It does not have to be a shell. For example, system administrators can use the nologin shell, with the path /sbin/nologin. If a user tries to log in to an account with the nologin shell, the nologin shell closes the connection.
This is it for the blog. I hope you understood the format of the file /etc/passwd.
/etc/passwd File Explained
In this tutorial, we’ll look at the /etc/passwd file in the Linux operating system and its format. It is one of the principal files in Linux that stores information about the user accounts in the system.
What is passwd file in Linux
The passwd file is an important plaintext file in Linux that holds necessary information about all the users in the system. The file contains the system users, which are required for specific applications, and the normal users. It is located inside the /etc directory and its full pathname is /etc/passwd.
The file contains one record per line, and each record represents a user account. Each record contains seven fields separated by colons.
/etc/passwd is called the password file, but the user’s password is stored encrypted in the /etc/shadow file.
Fields of /etc/passwd file
Each entry in the /etc/passwd file is made up of seven fields separated by a colon (:) delimiter.
Passwd file fields explained:
- Username: The first field in the line represents the unique username or login name used by users for logging into the system. It must be unique for every user. It can have a maximum length of 32 characters.
- Password: The second field shows the user’s encrypted password. The x signifies that the corresponding user’s encrypted password is stored in the /etc/shadow file.
- UID (User ID): The third field stores the user identifier or User ID for the user account, a unique number assigned to each user by the system for identification. The User ID is a 32-bit integer. UID 0 is reserved for root, UIDs 1-99 are reserved for predefined accounts and UIDs 100-999 are reserved for administrative and system accounts.
- GID (Group ID): The fourth field stores the Group Identifier, a 32-bit integer assigned to the user’s primary group or the default group the user belongs to. In most cases, it is the same as the UID. Information about the groups in the Linux system is stored in a separate file, /etc/group.
- GECOS: The fifth is the comment field, which stores additional information related to the user such as full name, building number, room number, telephone number, etc., as comma-separated values.
- Home directory: The sixth field stores the absolute path of the user’s home directory. It stores user-specific configurations and files. By default, the user’s home directory has the same name as the user and is under the /home directory. Also, different users have their separate home directories, fitting in with the multi-user philosophy of Linux.
- Login shell: The last field in the line represents the absolute path of the user’s default shell. It is the shell that is started when the user logs in. By default, it is Bash on most Linux distros. If a shell is not required for a user, it can be set to blank. There are special accounts, especially the service accounts, that do not require shell access at all. In that case, a fake shell such as /bin/false is assigned to them or the field is left blank.
Permissions of the passwd file
To view the permissions of the passwd file, type:
By default, /etc/passwd has 644 permissions and the file is owned by the root user. The file is readable by all users of the system but editable only by someone who has root access or a sudo user.
To view detailed information about the /etc/passwd file, such as size and access permissions, use the stat command:
Reading the passwd file
Read the contents of the /etc/passwd file by simply running the cat command:
The first line of the /etc/passwd file contains the record for the root user and the subsequent lines contain the other user accounts.
For easy navigation, pipe the output of the passwd file to the less command:
You may also use the grep command to filter for specific user accounts.
grep linuxopsys /etc/passwd
To make the entries of the passwd file more readable, we parse them using the awk command:
In the same way, to view a specific user record, type:
user="werewolf";grep $user /etc/passwd | awk -F: ''
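The awk parsing above, extended into an audit of the field rules given in the DESCRIPTION and field sections earlier on this page. This is an added example, not code from the original pages; the function names sample_passwd, audit_passwd and show_user and every sample entry are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample in passwd(5) format; no entry comes from a real host.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:second superuser:/root:/bin/bash
guest::1001:1001:Guest:/home/guest:/bin/bash
legacy:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:1002:1002::/home/legacy:/bin/bash
held:!:1003:1003::/home/held:/bin/bash
svc:x:1003:1004::/srv/svc:
broken:x:1005:/home/broken:/bin/bash
alice:x:1000:1000:Alice Example,,,:/home/alice:/bin/bash
EOF
}

# audit_passwd [FILE...]: print one "login: finding" line per problem.
# Reads standard input when no file is named.
audit_passwd() {
  awk -F: '
    # Every record must have exactly seven colon-separated fields.
    NF != 7 { print $1 ": malformed entry, " NF " fields instead of 7"; next }
    # Empty field: no password is required for this login.
    $2 == "" { print $1 ": empty password field, no password required" }
    # "x" defers to /etc/shadow; a leading "!" or "*" is locked or invalid;
    # anything else is a crypt(3) string sitting in a world-readable file.
    $2 != "" && $2 != "x" && $2 !~ /^[!*]/ {
      print $1 ": password string kept in passwd instead of shadow" }
    # UID 0 carries root privileges whatever the login name is.
    $3 == 0 && $1 != "root" { print $1 ": UID 0 on a non-root account" }
    # Two logins sharing one UID are the same user to the system.
    ($3 in seen) { print $1 ": UID " $3 " already used by " seen[$3] }
    !($3 in seen) { seen[$3] = $1 }
    # passwd(5): an empty shell field means /bin/sh, not "no shell".
    $7 == "" { print $1 ": empty shell field, defaults to /bin/sh" }
  ' "$@"
}

# show_user LOGIN [FILE...]: labelled fields for one exact login name
# (field comparison, so "ali" does not match "alice" as a grep would).
show_user() {
  login=$1; shift
  awk -F: -v u="$login" '$1 == u {
    printf "login=%s uid=%s gid=%s gecos=%s home=%s shell=%s\n", $1, $3, $4, $5, $6, $7
  }' "$@"
}

sample_passwd | audit_passwd
sample_passwd | show_user alice
```

On a real host, `audit_passwd /etc/passwd` reads the live file, and the output of `getent passwd` can be piped in to cover accounts from other Name Service Switch sources.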
Editing the /etc/passwd file
You require root or sudo access to edit the passwd file. Use your favorite editor such as vi or nano to edit the /etc/passwd file.
To edit the /etc/passwd file using vi, type:
For safety purposes, it’s better to avoid direct editing of the /etc/passwd file. You can use the command vipw which prevents file corruption by setting proper locks. It even gives us the option to choose a preferred editor.
To edit the /etc/passwd file using vipw, type:
Commands that manipulate the /etc/passwd file
The following commands manipulate the /etc/passwd file:
- passwd command — change the password for a user account.
- useradd command — add/update new user account.
- usermod command — modify user account.
- userdel command — delete user account.
- chfn command — change finger information of user account.
- chsh command — change default login shell of user account.
- chpasswd command — update user passwords in batch mode.
- su command — switch user.
- login command — initiate a new session.
- sulogin command — perform single-user login.
- getent command — get entries from Name Service Switch Libraries.
- pwck command — perform integrity check of password files.
- pwunconv command — convert to and from shadow passwords and groups.
Conclusion
In this tutorial, we learned about the file structure of /etc/passwd and its format in detail. We learned that this is a very important file in Linux and that you should be very careful when editing it.