test

System Administration Guide: Basic Administration

Where User Account and Group Information Is Stored

Depending on your site policy, user account and group information can be stored in your local system's /etc files or in a name or directory service as follows:

Note –

To avoid confusion, the location of the user account and group information is generically referred to as a file rather than as a database, table, or map.

Most user account information is stored in the passwd file. Password information is stored as follows:

Password aging is available when you are using NIS+ or LDAP, but not NIS.

Group information is stored in the group file for NIS, NIS+, and files. For LDAP, group information is stored in the group container.

Fields in the passwd File

The fields in the passwd file are separated by colons and contain the following information: 


username:password:uid:gid:comment:home-directory:login-shell

For example:


kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh

For a complete description of the fields in the passwd file, see the passwd(1) man page.

Default passwd File

The default passwd file contains entries for standard daemons. Daemons are processes that are usually started at boot time to perform some system-wide task, such as printing, network administration, or port monitoring.


root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
unknown:x:96:96:Unknown Remote UID:/:
svctag:x:95:12:Service Tag UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
Table 4–6 Default passwd File Entries

User Name 

User ID 

Description 

root

0

Superuser account 

daemon

1

Umbrella system daemon associated with routine system tasks 

bin

2

Administrative daemon associated with running system binaries to perform some routine system task 

sys

3

Administrative daemon associated with system logging or updating files in temporary directories 

adm

4

Administrative daemon associated with system logging 

lp

71

Line printer daemon 

uucp

5

Daemon associated with uucp functions

nuucp

6

Another daemon associated with uucp functions

smmsp

25

Sendmail message submission program daemon 

webservd

80

Account reserved for WebServer access 

postgres

90

Account reserved for PostgresSQL access 

unknown

96

Account reserved for unmappable remote users in NFSv4 ACLs 

svctag

95

Service Tag Registry access 

gdm

50

GNOME Display Manager daemon 

listen

37

Network listener daemon 

nobody

60001

Account reserved for anonymous NFS access. 

noaccess

60002

Assigned to a user or a process that needs access to a system through some application but without actually logging in 

nobody4

65534

SunOS 4.0 or 4.1 version of the nobody user account

Fields in the shadow File

The fields in the shadow file are separated by colons and contain the following information: 


username:password:lastchg:min:max:warn:inactive:expire

For example:


rimmer:86Kg/MNT/dGu.:8882:0::5:20:8978

For a complete description of the fields in the shadow file, see the shadow(4) and crypt(1) man pages.

Fields in the group File

The fields in the group file are separated by colons and contain the following information: 


group-name:group-password:gid:user-list

For example:


bin::2:root,bin,daemon

For a complete description of the fields in the group file, see the group(4) man page.

Default group File

The default group file contains the following system groups that support some system-wide task, such as printing, network administration, or electronic mail. Many of these groups having corresponding entries in the passwd file.


root::0:
other::1:root
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
sysadmin::14:
smmsp::25:
gdm::50:
webservd::80:
postgres::90:
unknown::96:
nobody::60001:
noaccess::60002:
nogroup::65534:
Table 4–7 Default group File Entries

Group Name 

Group ID 

Description 

root

0

Superuser group 

other

1

Optional group 

bin

2

Administrative group associated with running system binaries 

sys

3

Administrative group associated with system logging or temporary directories 

adm

4

Administrative group associated with system logging 

uucp

5

Group associated with uucp functions

mail

6

Electronic mail group 

tty

7

Group associated with tty devices

lp

8

Line printer group 

nuucp

9

Group associated with uucp functions

staff

10

General administrative group. 

daemon

12

Group associated with routine system tasks 

sysadmin

14

Administrative group associated with legacy Admintool and Solstice AdminSuite tools 

smmsp

25 

Daemon for Sendmail message submission program 

gdm

50 

Group reserved for the GNOME Display Manager daemon 

webservd

80

Group reserved for WebServer access 

postgres

90

Group reserved for PostgresSQL access 

unknown

96

Group reserved for unmappable remote groups in NFSv4 ACLs 

nobody

60001

Group assigned for anonymous NFS access 

noaccess

60002

Group assigned to a user or a process that needs access to a system through some application but without actually logging in 

nogroup

65534

Group assigned to a user who is not a member of a known group