Where User Account and Group Information Is Stored

Depending on your site policy, user account and group information can be stored in your local system's /etc files or in a name or directory service as follows:

The NIS name service information is stored in maps.
The LDAP directory service information is stored in indexed database files.

Note - To avoid confusion, the location of the user account and group information is generically referred to as a file rather than as a database, table, or map.

Most user account information is stored in the passwd file. Password information is stored as follows:

In the passwd file when you are using NIS
In the /etc/shadow file when you are using /etc files
In the people container when you are using LDAP

Password aging is available when you are using LDAP, but not NIS.

Group information is stored in the group file for NIS, and files. For LDAP, group information is stored in the group container.

Fields in the `passwd` File

The fields in the passwd file are separated by colons and contain the following information:

username:password:uid:gid:comment:home-directory:login-shell

For example:

kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh

For a complete description of the fields in the passwd file, see the passwd(1) man page.

Default `passwd` File

The default passwd file contains entries for standard daemons. Daemons are processes that are usually started at boot time to perform some system-wide task, such as printing, network administration, or port monitoring.

root:x:0:0:Super-User:/root:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
dladm:x:15:3:Datalink Admin:/:
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/var/lib/gdm:
zfssnap:x:51:12:ZFS Automatic Snapshots Reserved UID:/:/usr/bin/pfsh
upnp:x:52:52:UPnP Server Reserved UID:/var/coherence:/bin/ksh
xvm:x:60:60:xVM User:/:
mysql:x:70:70:MySQL Reserved UID:/:
openldap:x:75:75:OpenLDAP User:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
svctag:x:95:12:Service Tag UID:/:
unknown:x:96:96:Unknown Remote UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:

root:x:0:0:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
unknown:x:96:96:Unknown Remote UID:/:
svctag:x:95:12:Service Tag UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:

Table 1-4 Default passwd File Entries

User Name	User ID	Description
`root`	`0`	Superuser account
`daemon`	`1`	Umbrella system daemon associated with routine system tasks
`bin`	`2`	Administrative daemon associated with running system binaries to perform some routine system task
`sys`	`3`	Administrative daemon associated with system logging or updating files in temporary directories
`adm`	`4`	Administrative daemon associated with system logging
`lp`	`71`	Line printer daemon
`uucp`	`5`	Daemon associated with `uucp` functions
`nuucp`	`6`	Another daemon associated with `uucp` functions
`dladm`	`15`	Account reserved for datalink administration.
`zfssnap`	`51`	Account reserved for automatic snapshots.
`upnp`	`52`	Account reserved for UPnP server.
`xvm`	`60`	Reserved for xVM user.
`openldap`	`75`	Reserved for OpenLDAP user.
`smmsp`	`25`	Sendmail message submission program daemon
`webservd`	`80`	Account reserved for WebServer access
`postgres`	`90`	Account reserved for PostgresSQL access
`svctag`	`95`	Service Tag Registry access
`gdm`	`50`	GNOME Display Manager daemon
`listen`	`37`	Network listener daemon
`nobody`	`60001`	Account reserved for anonymous NFS access.
`noaccess`	`60002`	Assigned to a user or a process that needs access to a system through some application but without actually logging in
`nobody4`	`65534`	SunOS 4.0 or 4.1 version of the `nobody` user account
`unknown`	`96`	Account reserved for unmappable remote users in NFSv4 ACLs

Fields in the `shadow` File

The fields in the shadow file are separated by colons and contain the following information:

username:password:lastchg:min:max:warn:inactive:expire

Note - In the current Oracle Solaris release, the default password hashing algorithm has been changed to SHA256. The password hash for the user is similar to the following:

$5$cgQk2iUy$AhHtVGx5Qd0.W3NCKjikb8.KhOiA4DpxsW55sP0UnYD

For a complete description of the fields in the shadow file, see the shadow(4) and crypt(1) man pages.

Fields in the `group` File

The fields in the group file are separated by colons and contain the following information:

group-name:group-password:gid:user-list

For example:

bin::2:root,bin,daemon

For a complete description of the fields in the group file, see the group(4) man page.

Default `group` File

The default group file contains the following system groups that support some system-wide task, such as printing, network administration, or electronic mail. Many of these groups having corresponding entries in the passwd file.

root::0:
other::1:root
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
sysadmin::14:
games::20:
smmsp::25:
gdm::50:
upnp::52:
xvm::60:
mysql::70:
openldap::75:
webservd::80:
postgres::90:
slocate::95:
unknown::96:
nobody::60001:
noaccess::60002:
nogroup::65534:

Table 1-5 Default group File Entries

Group Name	Group ID	Description
`root`	`0`	Superuser group
`other`	`1`	Optional group
`bin`	`2`	Administrative group associated with running system binaries
`sys`	`3`	Administrative group associated with system logging or temporary directories
`adm`	`4`	Administrative group associated with system logging
`uucp`	`5`	Group associated with `uucp` functions
`mail`	`6`	Electronic mail group
`tty`	`7`	Group associated with `tty` devices
`lp`	`8`	Line printer group
`nuucp`	`9`	Group associated with `uucp` functions
`staff`	`10`	General administrative group.
`daemon`	`12`	Group associated with routine system tasks
`sysadmin`	`14`	Administrative group that is useful for system administrators
`smmsp`	25	Daemon for Sendmail message submission program
`gdm`	50	Group reserved for the GNOME Display Manager daemon
`webservd`	`80`	Group reserved for WebServer access
`postgres`	`90`	Group reserved for PostgresSQL access
`nobody`	`60001`	Group assigned for anonymous NFS access
`noaccess`	`60002`	Group assigned to a user or a process that needs access to a system through some application but without actually logging in
`nogroup`	`65534`	Group assigned to a user who is not a member of a known group
`unknown`	`96`	Group reserved for unmappable remote groups in NFSv4 ACLs

Skip Navigation Links
Exit Print View
	System Administration Guide: Basic Administration Oracle Solaris 11 Express 11/10