Skip to content

Latest commit

 

History

History
179 lines (135 loc) · 5.92 KB

System-File-in-Linux.md

File metadata and controls

179 lines (135 loc) · 5.92 KB

Explanation of /etc/passwd, /etc/shadow, /etc/group, and /etc/gshadow in Linux

In Linux, user and group-related information is stored in separate files. These files help in managing users and groups efficiently. The following files contain the relevant information for users and groups:

  1. /etc/passwd
  2. /etc/shadow
  3. /etc/group
  4. /etc/gshadow

1. /etc/passwd

Purpose:
This file contains basic information about all users on the system, such as username, UID (User ID), GID (Group ID), home directory, and shell. It is public, meaning all users can read it.

Format:
Each line represents a user and is structured as follows:

username:password:UID:GID:user_info:home_directory:shell
  • username: The login name of the user (e.g., john).
  • password: Typically x, indicating that the password is stored encrypted in /etc/shadow.
  • UID: The unique user ID (e.g., 1001).
  • GID: The primary group ID of the user (e.g., 1001).
  • user_info: Additional information about the user (e.g., John Doe).
  • home_directory: The path to the user's home directory (e.g., /home/john).
  • shell: The default shell for the user (e.g., /bin/bash).

Example:

john:x:1001:1001:John Doe:/home/john:/bin/bash

Input:
When a new user is created (using useradd), a new entry is added to /etc/passwd. If user information needs to be updated, /etc/passwd is modified by using commands like usermod.

Output:
You can view this file with cat /etc/passwd:

john:x:1001:1001:John Doe:/home/john:/bin/bash
root:x:0:0:root:/root:/bin/bash

2. /etc/shadow

Purpose:
This file stores the encrypted passwords of users and other password-related information. It can be read only by the root user for security reasons.

Format:
Each line corresponds to a user and is structured as follows:

username:encrypted_password:last_changed:minimum_age:maximum_age:warning_period:inactive_period:expire_date:reserved
  • username: The username of the user (e.g., john).
  • encrypted_password: The encrypted password (e.g., $6$somehash).
  • last_changed: The date when the password was last changed (in days).
  • minimum_age: The minimum number of days required before the password can be changed.
  • maximum_age: The maximum validity period for the password (after which the user is forced to change it).
  • warning_period: The number of days before password expiration that the user is warned.
  • inactive_period: The number of days after password expiration before the account is deactivated.
  • expire_date: The date when the account expires.
  • reserved: Reserved space for future use (often empty).

Example:

john:$6$somehash:17542:0:99999:7::::
root:$6$rootpasswdhash:17542:0:99999:7::::

Input:
When a password is set or changed (using passwd), the encrypted password is updated in /etc/shadow.

Output:
You can view it with cat /etc/shadow (requires root privileges):

john:$6$somehash:17542:0:99999:7::::
root:$6$rootpasswdhash:17542:0:99999:7::::

3. /etc/group

Purpose:
This file contains information about groups on the system, such as the group name, GID (Group ID), and the members of the group. It is public, meaning all users can read it.

Format:
Each line represents a group and is structured as follows:

groupname:password:GID:member1,member2,member3,...
  • groupname: The name of the group (e.g., developers).
  • password: In the past, there was an encrypted password for the group, but it is now typically x.
  • GID: The unique group ID (e.g., 1001).
  • members: The members of the group (e.g., alice,bob).

Example:

developers:x:1001:alice,bob
staff:x:1002:john,jane

Input:
When a new group is created (using groupadd), a new entry is added to /etc/group. If group membership changes, /etc/group is updated.

Output:
You can view this file with cat /etc/group:

developers:x:1001:alice,bob
staff:x:1002:john,jane

4. /etc/gshadow

Purpose:
This file stores group passwords and other group-related security settings. It can be read only by the root user.

Format:
Each line represents a group and is structured as follows:

groupname:encrypted_password:group_admins:group_members
  • groupname: The name of the group (e.g., developers).
  • encrypted_password: The encrypted password for the group (e.g., $6$somehash).
  • group_admins: Users who can change the group password (e.g., alice,bob).
  • group_members: Members of the group (e.g., alice,bob,john).

Example:

developers:$6$somehash:alice,bob:alice,bob,john
staff::john,jane:jane

Input:
When the group password is set or changed (using gpasswd), /etc/gshadow is updated.

Output:
You can view it with cat /etc/gshadow (requires root privileges):

developers:$6$somehash:alice,bob:alice,bob,john
staff::john,jane:jane

Summary

  1. /etc/passwd:

    • Stores basic user information: username, UID, GID, shell, home directory.
    • Input: When a user is added or modified.
    • Output: Can be viewed with cat /etc/passwd.

  2. /etc/shadow:

    • Stores the encrypted password and password-related information for users.
    • Input: When the password is set or changed.
    • Output: Can be viewed with cat /etc/shadow (root privileges required).

  3. /etc/group:

    • Stores information about groups: group name, GID, and members.
    • Input: When a group is created or modified.
    • Output: Can be viewed with cat /etc/group.

  4. /etc/gshadow:

    • Stores the group password and group-related security settings.
    • Input: When a group password is set or changed.
    • Output: Can be viewed with cat /etc/gshadow (root privileges required).