The password file

A while back I talked about how users have ids and how we can find out what they are using a command.  Remember, Linux loves files, so this information must be kept in a file somewhere.  It’s called the password file.  It should be called the ‘here are the users’ file, but it’s the password file.

You can actually look at this file.

Alpha:~ computerlamp$ more /etc/passwd

Here’s an example of what that can look like:

root:x:0:0:root:/root:/bin/tcsh
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:

There are 7 different parts to each line of this file and they’re separated by colons (:).  The parts are:

  1. username
  2. password
  3. user ID
  4. group ID
  5. real name
  6. home directory
  7. login shell

Let’s pull apart each part of this file.  We know what the user name is; mine’s computerlamp.  What’s yours?

The next one is the password.  It looks weird in that file: there’s an x where you’d think we’d see the encrypted (strictly speaking, hashed) password.  That’s because the password isn’t in this file; the x is what we call a placeholder.  It’s a ‘one used to be here, but isn’t any more’.  The actual encrypted password is now in a different file, /etc/shadow, that only root can read.

Then there’s the user ID and group ID.  We know what those are too, and I’d assume you know what your real name is, right?

The last two are the home directory and login shell.  That’s the directory you’re dropped in when you first log in and the shell that you’re going to use.  My home directory is /home/computerlamp and my shell is /bin/bash.

There’s something weird in that result though, right?  For example, the user mail has a login shell that’s /sbin/nologin.  If someone tries to log in to that account, they’ll get a polite ‘no, you can’t do that’ message and will be logged out.  Another way of doing this is by putting /bin/false as the shell.
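
Here’s the seven-field layout put to work as a small audit script.  This is an added example, not something from the original post: the sample lines are constructed (a few from the listing above plus made-up entries), and the names audit, parse_line and NO_LOGIN_SHELLS are my own.

```python
from collections import namedtuple

# Constructed sample: some lines from the listing above plus made-up entries.
SAMPLE = """\
root:x:0:0:root:/root:/bin/tcsh
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
computerlamp:x:1000:1000:Computer Lamp:/home/computerlamp:/bin/bash
backup:x:0:0:backup:/root:/bin/bash
olduser::1001:1001:Old User:/home/olduser:/bin/false
broken:x:1002
"""
# Shells that refuse a login (assumed list; adjust for your system).
NO_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

Entry = namedtuple("Entry", "username password uid gid real_name home shell")

def parse_line(line):
    """Split one line into the seven colon-separated fields."""
    parts = line.split(":")
    if len(parts) != 7:
        raise ValueError(f"expected 7 fields, got {len(parts)}")
    name, pw, uid, gid, real, home, shell = parts
    return Entry(name, pw, int(uid), int(gid), real, home, shell)

def audit(text):
    """Return (findings, login_users) for passwd-format text."""
    findings, login_users = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            e = parse_line(line)
        except ValueError:  # wrong field count or non-numeric IDs
            findings.append((line.split(":")[0], "malformed line"))
            continue
        if e.uid == 0 and e.username != "root":
            findings.append((e.username, "UID 0 but not root"))
        if e.password != "x":  # empty can mean no password is required
            findings.append((e.username, "password field is not the x placeholder"))
        if e.shell == "":  # an empty shell field falls back to /bin/sh
            findings.append((e.username, "empty shell field"))
        if e.shell not in NO_LOGIN_SHELLS:
            login_users.append(e.username)
    return findings, login_users

if __name__ == "__main__":
    findings, login_users = audit(SAMPLE)
    print(findings, login_users, sep="\n")
```

To run it against a real system, pass the contents of /etc/passwd to audit() instead of SAMPLE.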
