- Understanding the /etc/passwd File
- What Is /etc/passwd File?
- /etc/passwd File Example
- How to Read /etc/passwd File?
- Method 1: cat Command
- Method 2: less command
- Method 3: head Command
- Method 4: tail command
- Method 5: Text Editor
- How to Check /etc/passwd File Permissions
- How to Edit /etc/passwd File?
- Method 1: vipw command
- Method 2: usermod command
- Method 3: Text Editor
- What Is /etc/shadow File?
- What Is the /etc/passwd File and What Is It Used For?
- What Is /etc/passwd?
- Viewing the /etc/passwd File
- The /etc/passwd Fields Explained
- 1. Username
- 2. Password
- 3. User ID
- 4. Group ID
- 5. GECOS
- 6. Home Directory
Understanding the /etc/passwd File
The /etc/passwd file stores user account information important for the login process in Unix-like operating systems. Therefore, understanding the /etc/passwd structure and contents is crucial for system administrators and other users.
In this article, you will learn about the /etc/passwd file, how to read its contents, check file permissions, and make necessary edits.
What Is /etc/passwd File?
Various authentication methods are available for Linux systems, but the standard one is authentication against the /etc/passwd and /etc/shadow files.
The/etc/passwd file is a plain text file with information for all user accounts. It includes a list of user accounts on the system, as well as details such as user ID, group ID, home directory, and default shell.
The root user owns the file, and only the root user or users with sudo privileges are able to modify the file. However, all system users have read access.
/etc/passwd File Example
The /etc/passwd file has one entry per line for each user on the system. The following example entry in the /etc/passwd file demonstrates the structure:
sara:x:1000:1000:Sara Z:/home/sara:/bin/bash
Each line consists of several fields separated by colons (:). In the example, the fields are:
- The username (sara). A unique string with a maximum length of 32 characters.
- x. The encrypted password stored in the /etc/shadow file.
- UID (1000). The user ID (UID) is a unique number assigned to each user by the operating system.
- GID (1000). The Group ID (GID) refers to the user’s primary group. The primary group has the same name as the user. Secondary groups are listed in the /etc/groups file.
- GECOS (Sara Z). Represents the User ID Info (GECOS), the comment field containing additional information about the user. For example, the user’s full name, phone number, and other contact details.
- The home directory (/home/sara). The absolute path to the directory where users are placed when they log in. It contains the user’s files and configurations.
- The default shell (bin/bash). The user’s default shell that starts when the user logs into the system.
How to Read /etc/passwd File?
The /etc/passwd file has read permissions, and anyone can view its contents without additional privileges. There are several ways to read the file.
Method 1: cat Command
Use cat to print the entire file content in the terminal.
The first line represents the root user, followed by system and standard user accounts. New entries are appended at the end.
Method 2: less command
Another command that displays the file is less. Unlike cat , the less command shows the file one page at a time, making it easier to navigate through large files.
To view the file with less , execute:
Press the Spacebar to scroll down or the q key to exit the viewer.
Method 3: head Command
The head command, by default, displays the first ten lines. Run the following command to read the file:
To print a different number of lines, specify the count using the -n option.
For example, to print the first fifteen lines of /etc/passwd, run:
Method 4: tail command
Run tail without any arguments to print the last ten lines:
However, to set a different number of lines, run tail with the -n option. For instance, print the last fifteen lines with:
Method 5: Text Editor
Another option is to open the /etc/passwd file in a text editor of choice. For instance, to open the file in Vim, run:
Use the commands provided by the text editor to navigate, view, and exit the file.
Note: If you don’t have a text editor installed, check out our list of best Linux text editors for coding.
How to Check /etc/passwd File Permissions
File permissions are essential for maintaining the security and integrity of system files.
The /etc/passwd file is owned by root and has permissions set to 644. These permissions signify the owner (root) has read and write access, while the group and other users have read-only access.
To verify the /etc/passwd file permissions, run the ls command with the -l option:
The output provides the file’s owner, group, size, and permissions. To see additional file details, run the stat command:
How to Edit /etc/passwd File?
Editing the /etc/passwd file requires root access or sudo privileges. Any incorrect modification of /etc/passwd often leads to login issues or security vulnerabilities.
Several methods exist for editing the file.
Method 1: vipw command
The vipw command is a safe way to edit the /etc/passwd file by locking it against simultaneous modifications. The command opens the /etc/passwd file in the system editor and locks the file, which prevents other users and processes from making any changes.
Execute the following command:
To test if the tool works, open another terminal window and try to change a user’s password. For instance, the example below uses passwd to change the password for the user sara:
The terminal doesn’t print the confirmation of password change, and the password won’t get updated until you exit vipw .
Use the appropriate keys to exit the editor running vipw . For Vim, type wq and hit Enter.
Next, return to the other terminal window:
The output now shows that the password is updated.
Method 2: usermod command
The usermod command allows users to modify various account attributes. Depending on the changes to be made, use different arguments with usermod :
Option | Description |
---|---|
-c | Add info to the user. |
-s | Change the default shell. |
-d | Change the home directory. |
-e | Change account expiration date. |
-u | Change user ID. |
-l | Change username. |
For example, change the user’s name with:
sudo usermod -c "Sara ZV" sara
Verify the change was successful using the commands for viewing the /etc/passwd file. For instance:
Method 3: Text Editor
Another option is to open the /etc/passwd file in a text editor like Vim. However, using a text editor to modify the file does not protect against simultaneous user changes.
For example, the root user is editing the /etc/passwd file in Vim. If another user tries to change the password, the initial change may not be successful. Moreover, users sometimes encounter login issues if the modification fails to update the password in /etc/passwd.
However, caution and confirmation of a single user modifying the file allow for successful editing using a text editor. For instance, open the file in Vim with:
Using sudo when accessing a text editor allows users to edit the file. The example above shows Vim in the insert mode, and changes are being made with the user’s name.
Note: If Vim is your preferred text editor, level up your knowledge with our Vim commands cheat sheet.
What Is /etc/shadow File?
The /etc/shadow file is a companion file to /etc/passwd, designed to store encrypted user passwords.
The file follows a specific format for each entry. Each line represents a user account and consists of several fields separated by colons (:).
- The username.
- Encrypted password.
- Password aging info (such as password expiration and change history).
- Account locking status.
However, unlike the /etc/passwd file, the /etc/shadow file is readable only by privileged users.
To read the /etc/shadow file, use the same commands used for reading the /etc/passwd file ( cat , less , head , tail ) but with sudo.
After reading the article, you now understand the /etc/passwd file. Choose your preferred tool for reading and editing the file to make the necessary changes.
Sara Zivanov is a technical writer at phoenixNAP who is passionate about making high-tech concepts accessible to everyone. Her experience as a content writer and her background in Engineering and Project Management allows her to streamline complex processes and make them user-friendly through her content.
The chpasswd command in Linux is a useful tool for batch-updating passwords. This article provides examples and explanations of how to use chpasswd for optimal security.
Maximize your data security with our comprehensive list of 40 Linux security tips and best practices. Despite the inherent security advantages of Linux, remember that no operating system is foolproof. Implement these.
Are you looking to change the root password in Ubuntu? Changing passwords is a good practice and should be done periodically. Linux allows multiple user accounts, each having its own.
In Linux, root privileges (or root access) refers to a user account that has full access to all files, applications, and system functions. Most basic Linux user accounts run with limited privileges.
What Is the /etc/passwd File and What Is It Used For?
You might have heard of the /etc/passwd file in Linux before. But do you know what’s the use of this passwd file?
Readers like you help support MUO. When you make a purchase using links on our site, we may earn an affiliate commission. Read More.
Linux is a multiuser operating system. And to facilitate proper user management, the system stores the user information in the /etc/passwd file.
This guide will help you understand what the passwd file is and the important role it plays when it comes to user management in Linux.
What Is /etc/passwd?
The passwd file in Linux is a configuration file that contains user details. An important characteristic of the passwd file is that it is an ASCII text file that users can edit easily using any text editor such as nano and vim.
Although you can add and manage users directly using the passwd file, it is not advisable because this action is prone to typos and errors. You should instead use the various user management commands such as useradd for adding users to your system.
Viewing the /etc/passwd File
To view the content of the passwd file, you can use any text editor or a file viewing command tool. In this guide, we will be using cat.
The output should be similar to the one below.
Each line actually represents one user on your system, so do not be surprised that you have so many users listed. Most of them are system users that control specific applications on your Linux machine. For example, the user mail is responsible for the Mail application.
The /etc/passwd Fields Explained
From the output above, it is very clear that the /etc/passwd file follows a very specific pattern.
Each user line is further subdivided into seven sections or fields separated by the colon character (:) as below.
1. Username
The first field in a line represents the username or login name of the user. In the example above, the username is john.
2. Password
The second field shows the user’s encrypted password. For security purposes, the passwords are kept in a separate file that is not readable to regular users. The /etc/shadow file stores user passwords in Linux.
Normally, the password field contains an x to show that the shadow file is storing the password securely. If the field is blank then the user does not need a password to log in. To maintain the overall system security, every user on your system should have a password. You can use the passwd command to change or manage user passwords in Linux.
3. User ID
The user ID field, commonly known as UID, is a number used by the Linux system to identify users. Most systems users have a user ID less than the number 1000 whereas regular users have IDs ranging from 1000 upwards. The root (administrative) user usually has the ID 0.
4. Group ID
The fourth field is for the group ID (commonly known as GID). As the user ID, the GID is also a number. The group ID determines the primary group of a user. In addition, GIDs categorize all users in specific sets for easier administration. A user can belong to more than one group in Linux. To find out more about which groups a user belongs to you can look at the /etc/group file.
5. GECOS
The next field is the GECOS field. It usually contains a user’s full name and additional details such as the phone number or room numbers, which are comma-separated. This field is optional and can therefore be blank.
6. Home Directory
This field contains the /home directory associated with the user. This is the primary directory that stores main user files and directories such as /Desktop and /Pictures. In this example, the user’s home directory is at /home/john.