Administrative System Files
Three administrative system files are used to define and manage user and group accounts:
/etc/passwd
/etc/shadow
/etc/group
/etc/passwd
| Field | Purpose |
| user name | The unique name assigned to the user account. |
| password | In earlier versions of Unix, the password field contained the encrypted account password. For security reasons, the passwords have been moved to the /etc/shadow file. The letter "x" is typically placed in this field to indicate that the password is in /etc/shadow. |
| UID | A unique numeric identification assigned to the user account. Any processes or files created by the user account will be owned by this UID. The system administrator account, root, is assigned the UID of 0. This is the UID of a superuser account. System maintenance accounts are usually assigned a UID of less than 100, whereas user accounts typically start at 1001. |
| GID | The numeric identification of the default group that the user account has been assigned to as a member. Groups are defined in the /etc/group file. |
| comment field | Information about the owner of the user account, such as real name, phone number, mailing address, and so on. An ampersand in this field is interpreted as the contents of the username field. |
| home directory | The full path to the directory where the user is initially located after logging in. |
| login shell | The full pathname of the initial shell used as a command inter-preter. If left empty, the default is /usr/bin/sh. |
The following listing shows the default contents of a Solaris 9 /etc/password file:
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
nobody:x:60001:60001:Nobody:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x Nobody:/:
/etc/shadow
The /etc/shadow file is an ASCII file that is used to store passwords for local user accounts along with any password restrictions or aging. Access is restricted to superusers to protect the passwords. Each line represents the password of a user account and consists of nine colon-delimited fields. Table 3.6 lists the fields of an entry in the /etc/shadow file.
The /etc/shadow file should always be protected from unauthorized access or copying because it contains all user passwords for the system. Although the passwords are stored in encrypted form, it is still possible to find passwords using specialized software.
| Field | Purpose |
| User account | Used to relate the /etc/shadow entry to a user account defined in the /etc/passwd file. |
| password | A 13-character encrypted password for the associated user account. If the field contains NP, this account is used only to own processes or files (setuid) and cannot be used to log in to the system. If the field contains *LK*, the account is locked and cannot be used to access the system. If the field is empty, no password exists, and the user is forced to enter a password the first time the account is used. |
| last changed | The number of days between January 1, 1970, and the last date the password was changed. |
| minimum | The minimum number of days required to pass before the user is allowed to change the password again. |
| maximum | The maximum number of days the password is valid. |
| warning | The number of days the user is warned before the password expires. |
| inactivity | The number of days account can be inactive before the password must be changed. |
| expiration | The number of days between January 1, 1970, and the date on which the account expires. |
| flag | Reserved for future use. |
The following listing shows the guest entry from a Solaris 9 /etc/shadow file that uses all the fields except flag:
guest:on7GbE18yYAek:10688:5:30:5:20:10844:
/etc/group
The /etc/group file is an ASCII file that is used to store information about groups on the local system. Each line represents a group and consists of four colon-delimited fields. Table 3.7 lists the fields of an entry in the /etc/group file.
| Field | Purpose |
| group name | The unique name of the group. |
| password | The password associated with the group. If a password is present, the newgrp(1) command prompts users to enter it. |
| GID | The unique numeric group identification. |
| users | A comma-separated list of user accounts that belong to the group. |
The following listing shows the default contents of a Solaris 9 /etc/group file:
root::0:root
other::1:
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
uucp::5:root,uucp
mail::6:root
tty::7:root,adm
lp::8:root,lp,adm
nuucp::9:root,nuucp
staff::10:
daemon::12:root,daemon
sysadmin::14:
smmsp::25:smmsp
nobody::60001:
noaccess::60002:
nogroup::65534:
Source From: InformIT
