9.3 "Linux learning is not difficult"
User Management (
3
):
/etc/shadow
File Details
The/etc/shadow file is a shadow file of/etc/passwd, and these two files should be complementary to each other. the contents of the/etc/shadow file include passwords that are encrypted by the user and information that other/etc/passwd files cannot include, such as the expiration date of the user's account.
/etc/shadow files can only be read and manipulated by Root, and the permissions of a file cannot be easily changed to other user readable, which is very dangerous. If the permissions for this file are found to be readable by other groups or users, check to prevent system security issues from occurring.
the contents of the/etc/shadow file include 9 fields, separated by ":" between each segment , and the following is part of the/etc/shadow file.
root:$6$fhfk5ioc8/e6itoo$.0f9nobjjd/ubi2umphybsnoxjpnacankfhcrkgkyhtm83qiumf7n1iskitrwf8fkngv3mt9ghpe/ Kwd6yxdm0::0:99999:7:::
Bin:*:16579:0:99999:7:::
Daemon:*:16579:0:99999:7:::
Adm:*:16579:0:99999:7:::
Lp:*:16579:0:99999:7:::
Sync:*:16579:0:99999:7:::
........................ ( omitted )
oprofile:!! : 16789::::::
tcpdump:!! : 16789::::::
zhangsan:$6$sn23sozqagraqlqx$ 4fkpehrrn9y2z20rj2coigb07fsgoeqeqtosuqehcpjpc73k0qikvgb6rp1zxn39zpcrx85iagusp48gwmlel0::0:99999:7:::
The table shows the meaning of the fields in the/etc/shadow file.
Duan |
meaning |
username |
Here the user name and /etc/passwd The user name in the file is the same |
encryption password |
The password has been encrypted, if some users are shown here is "!!" , it means that the user has not set a password and cannot log on to the system |
user last changed password date |
from 1970 year 1 month 1 date to the last time interval between password changes |
If set to 0 |
If set to 0 |
Number of days before password change |
After the user logs on to the system, the system logon program reminds the user that the password will expire |
Indicates how many days after the user password expires, the system disables the user, that is, the system will not let the user log in, will not prompt the user to expire, is completely disabled |
user account expiration date |
Specify the number of days to disable for user accounts (from 1970 1 month 1 date to the number of days the account was disabled), if the value of this field is empty, the account is permanently available |
Reserved Fields |
currently empty to prepare for future Linux System Development Use |
This article extracts from "Linux Learning is not difficult" textbook, which is one of the most practical, theoretical and practical Linux Introductory materials.
"Linux learning is not difficult" user management (3):/etc/shadow File Detailed Introduction