# cat /etc/passwd
root:x:0:0:superuser:/:
daemon:x:1:1:system daemons:/etc:
bin:x:2:2:owner of system commands:/bin:
sys:x:3:3:owner of system files:/usr/sys:
adm:x:4:4:system accounting:/usr/adm:
uucp:x:5:5:uucp administrator:/usr/lib/uucp:
auth:x:7:+:authentication administrator:/tcb/files/auth:
cron:x:9:-:cron daemon:/usr/spool/cron:
listen:x:Panax Notoginseng:4:network daemon:/usr/net/nls:
lp:x:in:-:Printer administrator:/usr/spool/lp:
sam:x:$:-:samsan:/usr/sam:/bin/sh
As the example above shows, each line in /etc/passwd corresponds to one user, and each line is divided by colons (:) into 7 fields, with the following format and meaning:
user name:password:user ID:group ID:descriptive comment:home directory:login shell
(1) Registration name (LOGIN_NAME): Used to distinguish between different users. The registration name is unique within a system. On many systems this field is limited to 8 characters (letters or numbers). Note that a Linux system is usually case-sensitive, unlike MS-DOS/Windows.
(2) Password (passwd): The system uses the password to verify the user's identity. The superuser root or certain privileged users can use the system command passwd to change the password of any user on the system, and regular users can use the passwd command to change their own password after logging in.
On current Unix/Linux systems, passwords are no longer stored directly in the passwd file. The password field in the passwd file usually holds an "x" instead, and /etc/shadow serves as the real password file, holding data that includes the users' passwords. The shadow file cannot be read by ordinary users; only the superuser is entitled to read it.
In addition, it should be noted that if the first character in the passwd field is "*", then it means that the account is blocked, and the system does not allow the user who owns the account to log in.
(3) User identification number (UID): The UID is a numeric value that is the user's unique identity in the Linux system and is used to distinguish between different users. The system uses the UID field internally for process management and file protection. Both the registration name and the UID can identify a user, but the UID matters more to the system, while the registration name is more convenient for people. For some specific purposes several registration names can share the same UID; in that case those names are in fact the same user.
(4) Group identification number (GID): This is the default working group of the user. Multiple users with similar attributes can be assigned to the same group, and each group has its own group name and is distinguished by its own group identification number. Like the UID, the user's group identification number is stored in the passwd file. In modern Unix/Linux, a user can belong to more than one group at a time. The passwd file specifies the user's base group, and the /etc/group file lists the users that belong to each group.
(5) User name (USER_NAME): Contains information about the user, such as the user's real name, office address, and contact telephone number. In Linux systems, programs such as mail and finger use this information to identify users of the system.
(6) User home directory (home_directory): This field defines the user's home directory. When the user logs in, the shell uses that directory as the user's working directory. In Unix/Linux systems, the working directory of the superuser root is /root, while other users have their own working environment under the /home directory, where the system sets up a home directory for each user. Each user's files are placed in their respective home directory.
(7) Command interpreter (shell): The shell is the name of the program that is run when the user logs on to the system, usually the full path name of a shell program, such as /bin/bash.
Expand:
After the user logs in, a process is started that is responsible for passing the user's actions to the kernel. That process is a command interpreter or a specific program: the shell. The shell is the interface between the user and the Linux system. There are many types of Linux shells, each with different characteristics. Commonly used ones are sh (Bourne shell), csh (C shell), ksh (Korn shell), tcsh (TENEX/TOPS-20 type C shell), bash (Bourne Again shell), etc. System administrators can assign a shell to a user based on system conditions and user habits. If no shell is specified, the system uses sh as the default login shell, that is, the value of this field is /bin/sh.
The user's login shell can also be set to a specific program that is not a command interpreter. With this feature, we can restrict the user to running only the specified application, and the user is logged out of the system automatically when the application finishes. Some Linux systems require that only programs registered with the system appear in this field.
There is a class of users in the system called pseudo-users, who also occupy a record in the Linux /etc/passwd file but cannot log on because their login shell is empty. They exist mainly to make system administration easier and to satisfy the file-ownership requirements of the corresponding system processes. Common pseudo-users are shown below.
Pseudo-user    Meaning
bin            Owns the executable user command files
sys            Owns system files
adm            Owns account files
uucp           Used by UUCP
lp             Used by the lp or lpd subsystem
nobody         Used by NFS
In addition to the pseudo-users listed above, there are many other standard pseudo-users, such as audit, cron, mail, and usenet, which are likewise required by related processes and files.
Since the Linux /etc/passwd file is readable by all users, a password that is too simple or follows an obvious pattern can easily be cracked on an ordinary computer. For security, Linux systems therefore separate out the encrypted passwords and store them in their own file, /etc/shadow. Only the superuser has read permission on this file, which protects users' passwords.
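Added example (not part of the original article): a Python parser for the seven-field record format described above. It reports the conditions the text mentions: a password field that is not "x", an account blocked with "*", and several names sharing one UID. The sample records, the function names and the finding messages are constructed for illustration.

```python
from collections import defaultdict

FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")
# Constructed sample in /etc/passwd format (not from a real system).
SAMPLE = """\
root:x:0:0:superuser:/root:/bin/bash
daemon:x:1:1:system daemons:/etc:
backup:x:0:0:backup operator:/home/backup:/bin/sh
bob::1001:1001:Bob Example:/home/bob:/bin/bash
carol:$6$constructedsalt$constructedhash:1002:1002::/home/carol:/bin/bash
dave:*:1003:1003:blocked account:/home/dave:/bin/bash
broken:x:1004:/home/broken
"""

def parse_passwd(text):
    """Split each record on ':' into the seven fields; collect bad line numbers."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 7 or not (parts[2].isdecimal() and parts[3].isdecimal()):
            malformed.append(lineno)
            continue
        entries.append(dict(zip(FIELDS, parts), uid=int(parts[2]), gid=int(parts[3])))
    return entries, malformed

def audit(entries):
    """Return (account, finding) pairs for the conditions described in the text."""
    findings, by_uid = [], defaultdict(list)
    for e in entries:
        by_uid[e["uid"]].append(e["name"])
        if e["uid"] == 0 and e["name"] != "root":
            findings.append((e["name"], "uid 0, same identity as root"))
        if e["passwd"] == "":
            findings.append((e["name"], "empty password field"))
        elif e["passwd"].startswith("*"):
            findings.append((e["name"], "account blocked"))
        elif e["passwd"] != "x":
            findings.append((e["name"], "password value outside /etc/shadow"))
    for uid, names in sorted(by_uid.items()):
        if len(names) > 1:
            findings.append((",".join(names), f"shared uid {uid}"))
    return findings

if __name__ == "__main__":
    entries, malformed = parse_passwd(SAMPLE)
    print(*audit(entries), f"malformed lines: {malformed}", sep="\n")
```

To check a real system, pass the contents of /etc/passwd to parse_passwd() in place of SAMPLE; the file is world-readable, so no special privileges are needed.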