User Accounts and the Password File
When a new user account is added to a Linux system, an entry is added to a list of users in the password file, which is stored in /etc/passwd. This file gets its name from its original use, which was to store user information, including an encrypted form of the user’s password. The password file is in plain text and is readable by everyone on the system. Each line in the password file contains information for a single user account, with fields separated by colons, as illustrated in Figure 15-1.
Each line in the file contains information for a single system account and includes the following pieces of information in colon-separated fields:
- Username
The first field on a line is a unique username for the person or service using the account.
- Password
Each username has an associated password. The password stored in this field is in a hashed (unreadable and unrecoverable) form. Despite the hash, for security reasons, most systems now store user passwords in a separate /etc/shadow file that has restricted permissions. If the password is not included, its field is filled by the letter x, which indicates that the shadow password system is in use.
- User ID
Each username requires a unique user identifier, or UID. The UID is simply a nonnegative integer. The root account is assigned the UID of 0, which gives it global privilege ...
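The three fields described so far are enough to audit a password file for its most common weaknesses. The following Python example is added here and is not part of the original text; the function name audit_passwd, the sample entries, and the fields after the UID on each sample line are constructed for illustration.

```python
# Added example: audits passwd-format lines using the first three fields.
# SAMPLE_PASSWD is constructed for illustration, not taken from a real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
legacy:CONSTRUCTED-HASH-PLACEHOLDER:1001:1001::/home/legacy:/bin/sh
backup:x:0:34:backup:/var/backups:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
bob:x:1000:1003:Bob:/home/bob:/bin/bash
broken-line-without-fields
"""


def audit_passwd(text):
    """Return (line_number, username, finding) tuples for risky entries."""
    findings = []
    seen_uids = {}  # UID -> first username seen with it
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) < 3:
            findings.append((lineno, fields[0], "malformed entry"))
            continue
        user, password, uid_text = fields[:3]
        if password == "":
            findings.append((lineno, user, "empty password field"))
        elif password != "x":
            # x means the hash is kept in /etc/shadow; flag anything else.
            findings.append((lineno, user, "password field is not x"))
        if not (uid_text.isascii() and uid_text.isdigit()):
            findings.append((lineno, user, "UID is not a nonnegative integer"))
            continue
        uid = int(uid_text)
        if uid == 0 and user != "root":
            findings.append((lineno, user, "UID 0 on non-root account"))
        if uid in seen_uids:
            findings.append((lineno, user, f"UID {uid} already used by {seen_uids[uid]}"))
        else:
            seen_uids[uid] = user
    return findings


if __name__ == "__main__":
    for lineno, user, finding in audit_passwd(SAMPLE_PASSWD):
        print(f"line {lineno}: {user}: {finding}")
```

To audit a live system, pass the contents of /etc/passwd to audit_passwd instead of the sample string.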