A very detailed explanation of /etc/passwd in Linux

Source: Internet
Author: User
Tags: numeric value

Today I ran into a problem: the system kept reporting "Operation not permitted". Naturally one associates this with permissions, and sure enough, checking the passwd file confirmed it. I searched for some detailed explanations.

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
desktop:x:80:80:desktop:/var/lib/menu/kde:/sbin/nologin
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash

In this file, each line is one user record, and the fields of the record are separated by ":"; each field defines one attribute of the user. The order and meaning of the fields are as follows:

login name : password : user identification number (UID) : group identification number (GID) : user information : home directory : command interpreter

(1) Login name (LOGIN_NAME): distinguishes one user from another and must be unique on a system. On many older systems this field is limited to 8 characters (letters or digits). Note that login names are case-sensitive on Linux, unlike MS-DOS/Windows.

(2) Password (passwd): the system uses the password to authenticate the user. The superuser root can use the passwd command to change the password of any user on the system; an ordinary user can run passwd after logging in to change only their own password.

Modern Unix/Linux systems no longer store the password (or its hash) directly in the passwd file. The password field in /etc/passwd is usually just an "x", and the real hashes, together with password aging data, live in /etc/shadow. /etc/passwd has to stay world-readable because many programs map UIDs to names, but /etc/shadow is readable only by the superuser (on some distributions also by members of the shadow group).

Also note that if the first character of the password field is "*" (or "!" on Linux), the field can never match a valid hash, so the account is locked for password login. A locked password does not by itself block other authentication methods such as SSH public keys, so locking the password is not the same as disabling the account.

(3) User identification number (UID): the UID is a number and is the only identity the Linux kernel uses to distinguish users; process ownership and file protection are decided by UID, not by login name. Both the login name and the UID identify a user, but the UID is what matters to the system, while the name is what is convenient for people. For specific purposes there can be several entries with different login names but the same UID; as far as the system is concerned these are the same user, with identical rights. A second entry with UID 0 is therefore a second root account, and it is one of the first things to look for when auditing this file.

(4) Group identification number (GID): the user's default (primary) group. Users with similar needs can be placed in the same group; each group has a group name and is distinguished by its group identification number. Like the UID, the primary GID is stored in the passwd file. On modern Unix/Linux a user can belong to several groups at once: besides the primary group given in /etc/passwd, the user can be listed as a member of further groups in /etc/group.

(5) User information (USER_NAME, also called the GECOS field): free-form information about the user such as real name, office, telephone number and so on. Programs such as mail and finger use this information to describe system users; it has no effect on authentication or permissions.

(6) Home directory (home_directory): this field is the user's home directory; when the user logs in, the shell starts with this directory as its working directory. On Unix/Linux the superuser's home directory is /root, while ordinary users each have their own environment under /home, where the system creates a directory for every user. Each user's own files are kept in their home directory.

(7) Command interpreter (shell): the program started for the user when they log in, normally given as the full pathname of a shell such as /bin/bash. Accounts that must not be used interactively are usually given /sbin/nologin (as the bin, daemon and desktop entries above show), so that a login attempt is refused.

Note that system administrators usually do not need to edit the passwd file directly: Linux provides account management tools such as useradd, usermod, userdel and passwd for creating and maintaining accounts, and vipw for the rare cases where the file must be edited by hand, since it locks the file against concurrent changes.
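As an added example (not code from the original article), here is a small parser that splits records into the seven fields described above and classifies the password field the way login treats it. The sample file is constructed: its first five lines copy the article's example, and the guest, svc and legacy lines are made up to show an empty field, a locked field and a hash left in the passwd file.

```python
"""Parse /etc/passwd records and classify the password field.

Added example, not part of the original article. SAMPLE_PASSWD is a
constructed file: the first five lines mirror the article's example, the
last three are made up to show the password-field cases discussed above.
"""
from dataclasses import dataclass

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
desktop:x:80:80:desktop:/var/lib/menu/kde:/sbin/nologin
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash
guest::1001:1001:constructed, empty password field:/home/guest:/bin/bash
svc:*:1002:1002:constructed, locked account:/var/lib/svc:/sbin/nologin
legacy:xydfcctrt180x:1003:1003:constructed, hash kept in passwd:/home/legacy:
"""


@dataclass
class PasswdEntry:
    name: str      # login name, case-sensitive
    password: str  # "x" on shadowed systems, otherwise the hash or a lock marker
    uid: int
    gid: int       # primary group
    gecos: str     # free-form user information
    home: str
    shell: str     # empty means login falls back to /bin/sh

    @property
    def effective_shell(self):
        return self.shell or "/bin/sh"


def parse_passwd(text):
    """Split each record on ':' into exactly seven fields; reject malformed lines."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, password, uid, gid, gecos, home, shell = fields
        entries.append(PasswdEntry(name, password, int(uid), int(gid), gecos, home, shell))
    return entries


def password_state(password_field):
    """Classify the second field the way login treats it."""
    if password_field == "":
        return "EMPTY"           # no password required at all
    if password_field == "x":
        return "SHADOWED"        # real hash is in /etc/shadow
    if password_field[0] in "*!":
        return "LOCKED"          # can never match a hash, so password login is refused
    return "HASH_IN_PASSWD"      # legacy layout: hash is readable by every user


def audit_password_fields(entries):
    """Return (name, problem) pairs a security review of the file would flag."""
    findings = []
    for e in entries:
        state = password_state(e.password)
        if state == "EMPTY":
            findings.append((e.name, "empty password field: login without a password"))
        elif state == "HASH_IN_PASSWD":
            findings.append((e.name, "hash stored in world-readable /etc/passwd"))
    return findings


if __name__ == "__main__":
    for name, problem in audit_password_fields(parse_passwd(SAMPLE_PASSWD)):
        print(f"{name}: {problem}")
```

Running the file prints the findings for guest (empty password) and legacy (hash readable by everyone). On a real system, pass the contents of /etc/passwd to parse_passwd; entries in the EMPTY state are the first thing to fix, since anyone who knows the login name can log in.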

Linux password management: the /etc/passwd file

The /etc/passwd file is one of the key files for Linux/Unix security. Historically it held the encrypted password checked at login; it must be readable by everyone but writable only by root. The general format of each line is:

LOGNAME:PASSWORD:UID:GID:USERINFO:HOME:SHELL

The first two entries of each line are the login name and the encrypted password, followed by two numbers, the UID and the GID. The next entry is whatever information the system administrator wants to record about the user, and the last two are path names: the home directory assigned to the user and the shell to run after login (if this field is empty, the default is /bin/sh).

(1) Password aging

The format of the /etc/passwd file allows the system administrator to require users to change their passwords periodically. In such a password file some encrypted passwords are followed by a comma, a few characters and then the colon. For example:

steve:xydfcctrt180x,m.y8:0:0:admin:/:/bin/sh
restrict:pomjk109jky41,.1:0:0:admin:/:/bin/sh
pat:xmottvoyumjls:0:0:admin:/:/bin/sh

As you can see, Steve's aging string has 4 characters, restrict's has 2, and Pat's entry has no comma, so no aging applies to it.

The first character after the comma is the maximum number of weeks the password remains valid, and the second is the minimum number of weeks the current password must be kept before the user may change it again (this prevents a user from changing to a new password and immediately changing back to the old one). The remaining characters record when the password was last changed.

To read the information after the comma you first have to know the counting alphabet the passwd command uses. Each character stands for a number from 0 to 63:

. = 0, / = 1, 0-9 = 2-11, A-Z = 12-37, a-z = 38-63

The system administrator writes the first two characters into /etc/passwd to require the user to change the password periodically; the remaining characters are filled in by the passwd command when the user changes the password.

Note: to force a user to change their password, put two "." characters after the comma (maximum and minimum both zero); the next time the user logs in they will be asked to change the password.

There are two special cases:

. If the maximum number of weeks (first character) is less than the minimum (second character), the user is not allowed to change the password; only the superuser can change it.

. If the first and second characters are both ".", the user is asked to change the password at the next login; after the password is changed, the passwd command removes the "." characters and the user is not asked again.
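The aging rules above are easy to get wrong by hand, so here is a decoder for the comma-suffixed form, run over the three sample records from the text. It is an added example, not code from the original article. The article does not say in which order the week characters are written; the code assumes the a64l(3) convention (low-order character first), and that assumption is marked in the comments.

```python
"""Decode System V password aging ("hash,Mmww") from an /etc/passwd line.

Added example, not from the original article. The sample records are the
three lines shown above. Assumption: the week characters after M and m form
a base-64 number written low-order character first, as a64l(3) reads it.
"""
import datetime

# The counting alphabet given in the text: . = 0, / = 1, 0-9 = 2-11,
# A-Z = 12-37, a-z = 38-63 (the same order a64l(3) uses).
A64_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
EPOCH = datetime.date(1970, 1, 1)   # weeks are counted from the start of 1970

SAMPLE_LINES = [
    "steve:xydfcctrt180x,m.y8:0:0:admin:/:/bin/sh",
    "restrict:pomjk109jky41,.1:0:0:admin:/:/bin/sh",
    "pat:xmottvoyumjls:0:0:admin:/:/bin/sh",
]


def a64_value(ch):
    """Map one aging character to its number 0..63; reject anything else."""
    idx = A64_ALPHABET.find(ch)
    if idx < 0:
        raise ValueError(f"{ch!r} is not a valid aging character")
    return idx


def decode_aging(password_field):
    """Return the aging parts as a dict, or None when the field has no ','."""
    if "," not in password_field:
        return None
    _hash, age = password_field.split(",", 1)
    max_weeks = a64_value(age[0]) if len(age) > 0 else 0
    min_weeks = a64_value(age[1]) if len(age) > 1 else 0
    # Assumption (see docstring): low-order digit first; an empty string means week 0.
    last_changed_week = sum(a64_value(c) * 64 ** i for i, c in enumerate(age[2:]))
    return {
        "max_weeks": max_weeks,
        "min_weeks": min_weeks,
        "last_changed_week": last_changed_week,
        "last_changed_date": EPOCH + datetime.timedelta(weeks=last_changed_week),
    }


def aging_policy(aging, today):
    """Apply the rules from the text as of a given datetime.date."""
    if aging is None:
        return "no aging"
    if aging["max_weeks"] < aging["min_weeks"]:
        return "only superuser may change"      # e.g. ',.1': max 0 < min 3
    if aging["max_weeks"] == 0 and aging["min_weeks"] == 0:
        return "must change at next login"      # the ',..' case
    current_week = (today - EPOCH).days // 7
    age_in_weeks = current_week - aging["last_changed_week"]
    if age_in_weeks > aging["max_weeks"]:
        return "expired"
    if age_in_weeks < aging["min_weeks"]:
        return "too soon to change"
    return "valid"


def describe(line, today):
    """Login name and aging verdict for one /etc/passwd record."""
    name, password = line.split(":")[:2]
    return name, aging_policy(decode_aging(password), today)


if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(describe(line, datetime.date(1984, 1, 1)))
```

For steve's ",m.y8" the decoder gives a maximum of 50 weeks, a minimum of 0 and week 702, i.e. a change on 1983-06-16, so the password was valid in mid-1983 and expired by 1985. restrict's ",.1" (maximum 0, minimum 3) is the first special case: only the superuser may change that password.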

(2) UID and GID

The UID information in /etc/passwd is important: the system uses the UID rather than the login name to distinguish users. In general a user's UID should be unique and no other user should have the same value. By convention, UIDs 0 to 99 are reserved for system accounts (root, bin, uucp, etc.); modern distributions typically reserve the range up to 999 and start ordinary users at 1000, while older Red Hat-based systems started at 500, as the mengqc entry above shows.

If two different entries in /etc/passwd have the same UID, the system cannot tell the two users apart: they own each other's files and processes and have exactly the same access rights.

The /etc/group file contains the group information; every GID in /etc/passwd should have a corresponding entry here, which lists the group name and the users who are members of the group. This makes it easy to see who belongs to each group; otherwise one would have to scan /etc/passwd from beginning to end looking for entries with the same GID.

The /etc/group file is not required for group permission checks, because the system decides file access from the UID and GID (taken from /etc/passwd). Even if /etc/group does not exist, users with the same GID can still share files through the group permission bits; what is lost is only the group name and supplementary group membership.
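The UID and GID points above (a shared UID is one identity, and a GID need not appear in /etc/group) can be checked with a few lines. This is an added example with constructed sample files, not code from the original article; toor, bob and svc are deliberately wrong entries.

```python
"""Cross-check UID and GID use between /etc/passwd and /etc/group.

Added example, not from the original article. Both files below are
constructed; 'toor', 'bob' and 'svc' are deliberately wrong entries.
"""
from collections import defaultdict

SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
toor:x:0:0:constructed second UID 0:/root:/bin/bash
mengqc:x:500:500:mengqc:/home/mengqc:/bin/bash
alice:x:1001:1001:alice:/home/alice:/bin/bash
bob:x:1001:100:constructed, shares alice's UID:/home/bob:/bin/bash
svc:x:1002:1002:constructed, GID missing from group file:/var/lib/svc:/sbin/nologin
"""

SAMPLE_GROUP = """\
root:x:0:
bin:x:1:root,bin
users:x:100:bob
mengqc:x:500:
alice:x:1001:
"""


def passwd_records(text):
    """(name, uid, gid) for each /etc/passwd record."""
    out = []
    for line in text.splitlines():
        if line.strip():
            f = line.split(":")
            out.append((f[0], int(f[2]), int(f[3])))
    return out


def group_names(text):
    """gid -> group name from /etc/group (name:password:gid:members)."""
    names = {}
    for line in text.splitlines():
        if line.strip():
            f = line.split(":")
            names[int(f[2])] = f[0]
    return names


def duplicate_uids(passwd_text):
    """UIDs shared by more than one login name; to the kernel those names are one identity."""
    by_uid = defaultdict(list)
    for name, uid, _ in passwd_records(passwd_text):
        by_uid[uid].append(name)
    return {uid: names for uid, names in by_uid.items() if len(names) > 1}


def extra_uid0_accounts(passwd_text):
    """Any UID 0 account other than root: it has full superuser rights."""
    return [name for name, uid, _ in passwd_records(passwd_text) if uid == 0 and name != "root"]


def orphan_gids(passwd_text, group_text):
    """Users whose primary GID has no /etc/group entry; access still works, but the group has no name."""
    known = group_names(group_text)
    return [(name, gid) for name, _, gid in passwd_records(passwd_text) if gid not in known]


if __name__ == "__main__":
    print("duplicate UIDs:", duplicate_uids(SAMPLE_PASSWD))
    print("extra UID 0:", extra_uid0_accounts(SAMPLE_PASSWD))
    print("orphan GIDs:", orphan_gids(SAMPLE_PASSWD, SAMPLE_GROUP))
```

The same checks as shell one-liners: awk -F: '$3 == 0' /etc/passwd lists every UID 0 account, and cut -d: -f3 /etc/passwd | sort | uniq -d prints any UID that appears more than once.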

A group can have a password just like a user. If the second field of an /etc/group entry is non-empty, it is treated as an encrypted password, and the newgrp command asks the user for the password, encrypts it and compares it with the stored value.

Setting a group password is generally bad practice. First, if a group shares files and someone guesses the group password, all the group's files are exposed. Second, managing group passwords was cumbersome because there was no passwd-like command for groups; a password had to be generated with /usr/lib/makekey and written into /etc/group by hand (modern Linux provides gpasswd for this, but the first objection still stands).

A new group must be created in the following situations:

(1) A new user is to be added who does not belong to any existing group.

(2) Some users frequently need a group of their own.

(3) Some users have an SGID program that needs a group of its own.

(4) A software package that runs SGID is installed and requires its own group.

To add a group, the administrator adds an entry for it to /etc/group (on Linux, groupadd does this). The group file and the password file must be kept consistent, because at login the system takes the user's GID from /etc/passwd, not from /etc/group. For a user's private group, the UID and GID should be the same. The GID of a shared, multi-user group should differ from every user's UID; making it, say, five digits lets such groups be recognized at a glance in /etc/passwd and avoids confusion when new users and groups are added.

Wooden Old wilted | Http://www.akmumu.com/2013/08/05/203/.html
