User Accounts and the Password File

When a new user account is added to a Linux system, an entry is added to a list of users in the password file, which is stored in /etc/passwd. This file gets its name from its original use, which was to store user information, including an encrypted form of the user’s password. The password file is in plain text and is readable by everyone on the system. Each line in the password file contains information for a single user account, with fields separated by colons, as illustrated in Figure 15-1.

Sample lines from a password file
Figure 15-1. Sample lines from a password file

Each line in the file contains information for a single system account and includes the following pieces of information in colon-separated fields:

Username

The first field on a line is a unique username for the person or service using the account.

Password

Each username has an associated password. The password stored in this field is in a hashed (unreadable and unrecoverable) form. Despite the hash, for security reasons, most systems now store user passwords in a separate /etc/shadow file that has restricted permissions. If the password is not included, its field is filled by the letter x, which indicates that the shadow password system is in use.

User ID

Each username requires a unique user identifier, or UID. The UID is simply a nonnegative integer. The root account is assigned the UID of 0, which gives it global privilege ...

Get LPI Linux Certification in a Nutshell, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.