Local User and Group Information Storage

Unless you specify a different authentication mechanism, Oracle Linux verifies a user's identity by using the information stored in the /etc/passwd and /etc/shadow files.

The /etc/passwd file stores account information for each user such as their unique user ID (or UID, which is an integer), username, home directory, and login shell. A user signs in with their username, but the OS uses the associated UID. When the user signs in, they're placed in their home directory and their login shell runs.

The /etc/shadow file contains a cryptographic hash of the user's password that can only be viewed by an administrator.

The /etc/group file stores information about groups of users. A user belongs to one or more groups, and each group can contain one or more users. If you grant access privileges to a group, all members of the group receive the same access privileges. Each group account has a unique group ID (GID, also an integer) and an associated group name. The administrator can set a group password that a user must enter to become a member of the group. If a group doesn't have a password, a user can only join the group if the administrator adds that user as a member. A cryptographic hash of the group password is stored in /etc/gshadow.

By default, Oracle Linux implements the user private group (UPG) scheme, in which adding a user account also creates a corresponding group that has the same name as the user and has that user as its only member.

A user can use the newgrp command to override their current primary group. If the user has a password, they can add group membership on a permanent basis. See the newgrp(1) manual page.

The /etc/login.defs file defines parameters for password aging and related security policies.

For more information about the content of these files, see the group(5), gshadow(5), login.defs(5), passwd(5), and shadow(5) manual pages.
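The following audit sketch is an added example, not part of the Oracle documentation. It parses the colon-delimited formats described in passwd(5), shadow(5), and group(5) and reports accounts that deviate from the model above. All records are constructed, the finding labels are hypothetical, and uid_min=1000 is an assumption to be matched to UID_MIN in /etc/login.defs.

```python
# Added example. All account data below is constructed; hashes are placeholders.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:100:Carol:/home/carol:/bin/bash
toor:x:0:0::/root:/bin/bash
"""
SHADOW = """\
root:$6$constructed$placeholder:19000:0:99999:7:::
alice:$6$constructed$placeholder:19000:0:99999:7:::
bob::19000:0:99999:7:::
carol:!!:19000:0:99999:7:::
"""
GROUP = """\
root:x:0:
users:x:100:
alice:x:1000:
bob:x:1001:bob,alice
"""

def parse(text, nfields):
    """Split colon-delimited records; skip blank or malformed lines."""
    rows = (line.split(":") for line in text.splitlines() if line.strip())
    return [r for r in rows if len(r) == nfields]

def audit(passwd_text, shadow_text, group_text, uid_min=1000):
    """Return (user, finding) pairs; uid_min is assumed to equal UID_MIN."""
    hashes = {r[0]: r[1] for r in parse(shadow_text, 9)}
    groups = {r[2]: (r[0], [m for m in r[3].split(",") if m])
              for r in parse(group_text, 4)}
    findings = []
    for name, pw, uid, gid, _gecos, _home, _shell in parse(passwd_text, 7):
        if uid == "0" and name != "root":  # second account with superuser UID
            findings.append((name, "uid-0-not-root"))
        if pw != "x":                      # hash is not deferred to /etc/shadow
            findings.append((name, "passwd-field-not-x"))
        if hashes.get(name) == "":         # empty field: no password required
            findings.append((name, "empty-password-hash"))
        if uid.isdigit() and int(uid) >= uid_min:  # UPG check, regular users
            gname, members = groups.get(gid, (None, []))
            if gname != name:
                findings.append((name, "primary-group-not-upg"))
            elif any(m != name for m in members):
                findings.append((name, "upg-has-extra-members"))
    return findings

if __name__ == "__main__":
    print(*audit(PASSWD, SHADOW, GROUP), sep="\n")
```

To audit a live system, pass the contents of the real files instead of the constructed strings; reading /etc/shadow requires administrator privileges.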