Understanding /etc/passwd
Q. Can you explain /etc/passwd file format for Linux and UNIX operating systems?
A. /etc/passwd file stores essential information, which is required during login i.e. user account information. /etc/passwd is a text file, that contains a list of the system’s accounts, giving for each account some useful information like user ID, group ID, home directory, shell, etc. It should have general read permission as many utilities, like ls use it to map user IDs to user names, but write access only for the superuser (root).
Understanding fields in /etc/passwd
The /etc/passwd contains one entry per line for each user (or user account) of the system. All fields are separated by a colon (:) symbol. Total seven fields as follows.
Generally, passwd file entry looks as follows (click to enlarge image):
Fig.01: /etc/passwd file format
- Username: It is used when user logs in. It should be between 1 and 32 characters in length.
- Password: An x character indicates that encrypted password is stored in /etc/shadow file.
- User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups.
- Group ID (GID): The primary group ID (stored in /etc/group file)
- User ID Info: The comment field. It allow you to add extra information about the users such as user’s full name, phone number etc. This field use by finger command.
- Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /
- Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note that it does not have to be a shell.
Task: See User List
/etc/passwd is only used for local users only. To see list of all users, enter:
$ cat /etc/passwd
To search for a username called tom, enter:
$ grep tom /etc/passwd
/etc/passwd file permission
The permission on the /etc/passwd file should be read only to users (-rw-r–r–) and the owner must be root:
$ ls -l /etc/passwd
Output:
-rw-r--r-- 1 root root 2659 Sep 17 01:46 /etc/passwd
Reading /etc/passwd file
You can read /etc/passwd file using the while loop and IFS separator as follows:
#!/bin/bash # seven fields from /etc/passwd stored in $f1,f2...,$f7 # while IFS=: read -r f1 f2 f3 f4 f5 f6 f7 do echo "User $f1 use $f7 shell and stores files in $f6 directory." done < /etc/passwd
Your password is stored in /etc/shadow file
Your encrypted password is not stored in /etc/passwd file. It is stored in /etc/shadow file. In the good old days there was no great problem with this general read permission. Everybody could read the encrypted passwords, but the hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that of a friendly user-community.
Almost, all modern Linux / UNIX line operating systems use some sort of the shadow password suite, where /etc/passwd has asterisks (*) instead of encrypted passwords, and the encrypted passwords are in /etc/shadow which is readable by the superuser only.
Share this:
How to check if a directory exists in a shell script
To check if a directory exists and is a directory use the following syntax:
[ -d "/path/to/dir" ] && echo "Directory /path/to/dir exits." || echo "Error: Directory /path/to/dir does not exits."
The following version also check for symbolic link:
[ -d "/path/to/dir" && ! -L "/path/to/dir" ] && echo "Directory /path/to/dir exits." || echo "Error: Directory /path/to/dir exits but point to $(readlink -f /path/to/dir)."
OR
[ -d "/path/to/dir" && ! -h "/path/to/dir" ] && echo "Directory /path/to/dir exits." || echo "Error: Directory /path/to/dir exits but point to $(readlink -f /path/to/dir)."
Finally, you can use the traditional if..else..fi:
if [ -d "/path/to/dir" ]
then
echo "Directory /path/to/dir exits."
else
echo "Error: Directory /path/to/dir does not exits."
fi
Shell script examples to see if a ${directory} exists or not
#!/bin/bash
dir="$1"
[ $# -eq 0 ] && { echo "Usage: $0 dir-name"; exit 1; }
if [ -d "$dir" -a ! -h "$dir" ]
then
echo "$dir found and setting up new Apache/Lighttpd/Nginx jail, please wait..."
# __WWWJailSetup "cyberciti.biz" "setup"
else
echo "Error: $dir not found or is symlink to $(readlink -f ${dir})."
fi
In this example, create directories if does not exits:
# Purpose: Setup jail and copy files
# Category : Core
# Override : No
# Parameter(s) : d => domain name
# action => setup or update
__WWWJailSetup(){
local d="$1"
local action="${2:setup}" # setup or update???
local index="$d
$d
" # default index.html
local J="$(_getJailRoot $d)/$d" # our sweet home
local _i=""
[ "$action" == "setup" ] && echo "* Init jail config at $J..." || echo "* Updating jail init config at $J..."
__init_domain_config "$d"
[ "$action" == "setup" ] && echo "* Setting up jail at $J..." || echo "* Updating jail at $J..."
[ ! -d "$J" ] && $_mkdir -p "$J"
for _i in $J/{etc,tmp,usr,var,home,dev,bin,lib64}
do
[ ! -d "$_i" ] && $_mkdir -p "$_i"
done
for _i in $_lighttpd_webalizer_base/$d/stats/{dump,out}
do
[ ! -d "$_i" ] && $_mkdir -p "$_i"
done
for _i in $_lighttpd_webalizer_prepost_base/$d/{pre.d,post.d}
do
[ ! -d "$_i" ] && $_mkdir -p "$_i"
done
## truncated
}
Summary
Use the following to check file/directory types and compare values:
- -L "FILE" : FILE exists and is a symbolic link (same as -h)
- -h "FILE" : FILE exists and is a symbolic link (same as -L)
- -d "FILE" : FILE exists and is a directory
- -w "FILE" : FILE exists and write permission is granted
RobDurdle.com 
You must be logged in to post a comment.