Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Administration: Common Tasks Oracle Solaris 11 Information Library |
1. Locating Information About Oracle Solaris Commands
2. Managing User Accounts and Groups (Overview)
What's New in User Accounts and Groups?
Removal of Support for Solaris Management Console
Default Password Hashing Algorithm
What Are User Accounts and Groups?
Using Large User IDs and Group IDs
Guidelines for Assigning User Names, User IDs, and Group IDs
Command-Line Tools for User and Group Account Management
Customizing a User's Work Environment
Using Site Initialization Files
Avoiding Local System References
Bash and ksh93 Shell Environment Variables
About the MANPATH Environment Variable
Default File Permissions (umask)
Customizing a User Initialization File
3. Managing User Accounts and Groups (Tasks)
4. Booting and Shutting Down an Oracle Solaris System
5. Working With Oracle Configuration Manager
6. Managing Services (Overview)
9. Managing System Information (Tasks)
10. Managing System Processes (Tasks)
11. Monitoring System Performance (Tasks)
12. Managing Software Packages (Tasks)
14. Scheduling System Tasks (Tasks)
15. Setting Up and Administering Printers by Using CUPS (Tasks)
16. Managing the System Console, Terminal Devices, and Power Services (Tasks)
17. Managing System Crash Information (Tasks)
18. Managing Core Files (Tasks)
19. Troubleshooting System and Software Problems (Tasks)
20. Troubleshooting Miscellaneous System and Software Problems (Tasks)
Depending on your site policy, user account and group information can be stored in your local system's /etc files or in a name or directory service as follows:
The NIS name service information is stored in maps.
The LDAP directory service information is stored in indexed database files.
Note - To avoid confusion, the location of the user account and group information is generically referred to as a file rather than as a database, table, or map.
Most user account information is stored in the passwd file. Password information is stored as follows:
In the passwd file when you are using NIS
In the /etc/shadow file when you are using /etc files
In the people container when you are using LDAP
Password aging is available when you are using LDAP, but not NIS.
Group information is stored in the group file for NIS, and files. For LDAP, group information is stored in the group container.
The fields in the passwd file are separated by colons and contain the following information:
username:password:uid:gid:comment:home-directory:login-shell
For example:
kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh
For a complete description of the fields in the passwd file, see the passwd(1) man page.
The default passwd file contains entries for standard daemons. Daemons are processes that are usually started at boot time to perform some system-wide task, such as printing, network administration, or port monitoring.
root:x:0:0:Super-User:/root:/usr/bin/bash daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/: uucp:x:5:5:uucp Admin:/usr/lib/uucp: nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico dladm:x:15:65:Datalink Admin:/: netadm:x:16:65:Network Admin:/: netcfg:x:17:65:Network Configuration Admin:/: smmsp:x:25:25:SendMail Message Submission Program:/: listen:x:37:4:Network Admin:/usr/net/nls: gdm:x:50:50:GDM Reserved UID:/var/lib/gdm: zfssnap:x:51:12:ZFS Automatic Snapshots Reserved UID:/:/usr/bin/pfsh upnp:x:52:52:UPnP Server Reserved UID:/var/coherence:/bin/ksh xvm:x:60:60:xVM User:/: mysql:x:70:70:MySQL Reserved UID:/: openldap:x:75:75:OpenLDAP User:/: webservd:x:80:80:WebServer Reserved UID:/: postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh svctag:x:95:12:Service Tag UID:/: unknown:x:96:96:Unknown Remote UID:/: nobody:x:60001:60001:NFS Anonymous Access User:/: noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/: ftp:x:21:21:FTPD Reserved UID:/: dhcpserv:x:18:65:DHCP Configuration Admin:/: aiuser:x:60003:60001:AI User:/: pkg5srv:x:97:97:pkg(5) server UID:/:
Table 2-3 Default passwd File Entries
|
The fields in the shadow file are separated by colons and contain the following information:
username:password:lastchg:min:max:warn:inactive:expire
The default password hashing algorithm is SHA256. The password hash for the user is similar to the following:
$5$cgQk2iUy$AhHtVGx5Qd0.W3NCKjikb8.KhOiA4DpxsW55sP0UnYD
For a complete description of the fields in the shadow file, see the shadow(4) man page.
The fields in the group file are separated by colons and contain the following information:
group-name:group-password:gid:user-list
For example:
bin::2:root,bin,daemon
For a complete description of the fields in the group file, see the group(4) man page.
The default group file contains the following system groups that support some system-wide task, such as printing, network administration, or electronic mail. Most of these groups have corresponding entries in the passwd file.
root::0: other::1:root bin::2:root,daemon sys::3:root,bin,adm adm::4:root,daemon uucp::5:root mail::6:root tty::7:root,adm lp::8:root,adm nuucp::9:root staff::10: daemon::12:root sysadmin::14: games::20: smmsp::25: gdm::50: upnp::52: xvm::60: netadm::65: mysql::70: openldap::75: webservd::80: postgres::90: slocate::95: unknown::96: nobody::60001: noaccess::60002: nogroup::65534: ftp::21 pkg5srv::97:
Table 2-4 Default group File Entries
|