/etc/passwd and/etc/shadow in Linux

Source: Internet
Author: User

/etc/passwd and/etc/shadow in Linux
First,/etc/passwd
The/etc/passwd file is a plain text file with the same format for each line:
Name:password:uid:gid:comment:home:shell
Name User Login Name
Password user password. Passwords in this domain are encrypted and commonly represented by X. When the user logs on to the system, the system takes the same algorithm for the input password and compares it to the content in this domain. If this field is empty, it indicates that the user does not require a password when logging on.
UID Specifies the UID of the user. When a user logs in to the system, the system uses this value instead of the user name to identify the user.
GID specifies the GID of the user. This value is used if the system wants to assign the same rights to the same group of people.
Comment Note information. Used to save the user's real name and personal details, or the full name.
Home directory. Specifies the absolute path of the user's home directory.
Shell shell script. If the user is logged on successfully, the absolute path of the command to be executed is placed in this area. It can be any command.
If the/etc/passwd file holds the user's information, the 7 messages consisting of 6 semicolons are explained as follows
(1): User name.
(2): password (already encrypted)
(3): UID (User ID), operating system's own
(4): GID group identification.
(5): User's full name or local account
(6): Start directory
(7): The shell used for login is the tool to parse the login command.
Example: User1:x:501:501::/home/abc:/bin/bash
Second,/etc/shadow
Unlike the linux/etc/passwd file, the Linux/etc/shadow file is a file that only the system administrator has the right to view and modify, and the system administrator should figure out the corresponding meaning of each character segment in the Linux/etc/shadow file. Clear management of the specific meaning.
The record line in the Linux/etc/shadow file corresponds to one by one in/etc/passwd, which is automatically generated by the PWCONV command based on the data in the/etc/passwd.
Its file format is similar to/etc/passwd and consists of several fields, separated by ":" Between the fields. These fields are:
Login: Encrypted password: Last modified: Minimum time interval: Maximum time interval: Warning Time: Inactivity time: Expiry time: Flag
If you view the general account information stored under/etc/shadow as follows:
1) "Login name" is a user account that matches the login name in the/etc/passwd file
2) The password field holds the encrypted user password Word, which is 13 characters long. If null, the corresponding user does not have a password, the password is not required at logon, and if it contains characters that are not part of the collection {./0-9a-za-z}, the corresponding user cannot log on.
3) "Last Modified Time" represents the number of days from the time the user last modified the password. The beginning of time may not be the same for different systems. For example, in Scolinux, the starting point for this time is January 1, 1970.
4) "Minimum time interval" refers to the minimum number of days required between changing the password two times.
5) "Maximum time interval" refers to the maximum number of days that a password remains valid.
6) The "Warning Time" field represents the number of days from the beginning of the system warning user to the official expiration of the user's password.
7) "Inactivity Time" represents the maximum number of days that a user does not have a login activity but the account remains valid.
8) The "Expiration Time" field gives an absolute number of days, and if this field is used, the lifetime of the corresponding account is given. After expiry, the account is no longer a legitimate account, and can no longer be used to log on.
9) "Flag" field reserved for future use

/etc/passwd and/etc/shadow in Linux

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.