Where User Account and Group Information Is Stored
Depending on your site policy, user account and group information can be stored on the local system's /etc
files or in the LDAP database file.
- In the
/etc/passwd
and/etc/shadow
files when you are using/etc
files - In the
people
container when you are using LDAP
Group information is stored in LDAP's group
container. LDAP also supports password aging.
The /etc/passwd File
Password information is stored in /etc/passwd
. After installation, the file is automatically filled with information about standard daemons and processes. These daemons are started at boot time to perform system-wide tasks such as printing, network administration, or port monitoring. The file also contains the initial user that is created during installation.
As you add or remove packages from the system, additional users and groups are created or removed in the file. You do not perform any administrative tasks on this file.
The fields in the passwd
file are separated by colons and contain the following information:
username:password:UID:GID:comment:home-directory:login-shell
For example:
kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh
For a complete description of the fields in the passwd
file, see the passwd(1) man page.
The /etc/shadow File
This file stores encrypted user passwords and related information. Typically, you do not manually administer this file.
For the regular user, the fields in the shadow
file are separated by colons and contain the following information:
username:password:lastchg:min:max:warn:inactive:expire
In this file, the password is represented by a hash, such as $5$cgQk2iUy$AhHtVGx5Qd0. W3NCKjikb8.KhOiA4DpxsW55sP0UnYD
.
For a complete description of the fields in the shadow file, see the shadow(5) man page.
The /etc/group File
This file is a local source of group information. After installation, groups are created by default that support some system-wide tasks such as printing, network administration, or electronic mail. Most of these groups have corresponding entries in the /etc/passwd
file.
The fields in the group
file are separated by colons and contain the following information:
group-name:group-password:GID:user-list
For example:
bin::2:root,bin,daemon
For a complete description of the fields in the group
file, see the group(5) man page.