Practical UNIX and Internet Security, 3rd Edition
by Simson Garfinkel, Gene Spafford, Alan Schwartz
How Unix Implements Passwords
This section describes how passwords are implemented inside the Unix operating system for both locally administered and network-based systems.
The /etc/passwd File
Traditionally, Unix uses the /etc/passwd file to keep track of every user on the system. The /etc/passwd file contains the username, real name, identification information, and basic account information for each user. Each line in the file contains a database record; the record fields are separated by a colon (:).
You can use the cat command to display your system’s /etc/passwd file. Here are a few sample lines from a typical file:
```
root:x:0:1:System Operator:/:/bin/ksh
daemon:x:1:1::/tmp:
uucp:x:4:4::/var/spool/uucppublic:/usr/lib/uucp/uucico
rachel:x:181:100:Rachel Cohen:/u/rachel:/bin/ksh
arlin:x:182:100:Arlin Steinberg:/u/arlin:/bin/csh
```
The first three accounts, root, daemon, and uucp, are system accounts, while rachel and arlin are accounts for individual users.
The individual fields of the /etc/passwd file have fairly straightforward meanings. Table 4-1 explains a sample line from the file shown above.
Table 4-1. Example /etc/passwd fields

| Field | Contents |
|---|---|
| rachel | Username. |
| x | Holding place for the user’s “encrypted password.” Traditionally, this field actually stored the user’s encrypted password. Modern Unix systems store encrypted passwords in a separate file (the shadow password file) that can be accessed only by privileged users. |
| 181 | User’s user identification number (UID). |
| 100 | ... |
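As an added example (not code from the book), the following Python parses /etc/passwd records into the seven colon-separated fields described above and audits them for the problems an administrator checks first: an empty password field, a password hash kept in the world-readable passwd file rather than the shadow file, and a non-root account with UID 0 or a shared UID. The sample records are the book's lines plus two constructed entries; the lock tokens `*` and `!` are assumed from common Unix practice, not from this page.

```python
from dataclasses import dataclass
from typing import Dict, List

@dataclass
class PasswdEntry:
    name: str
    passwd: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str

# Constructed sample: the book's five records plus two made-up problem entries.
SAMPLE = """\
root:x:0:1:System Operator:/:/bin/ksh
daemon:x:1:1::/tmp:
uucp:x:4:4::/var/spool/uucppublic:/usr/lib/uucp/uucico
rachel:x:181:100:Rachel Cohen:/u/rachel:/bin/ksh
arlin:x:182:100:Arlin Steinberg:/u/arlin:/bin/csh
guest::183:100:Constructed guest account:/u/guest:/bin/sh
toor:CONSTRUCTED_HASH_PLACEHOLDER:0:1:Constructed second UID-0 account:/:/bin/sh
"""

def parse_passwd(text: str) -> List[PasswdEntry]:
    """Split each non-empty line on ':' into the seven traditional fields."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(":")
        if len(parts) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(parts)}")
        entries.append(PasswdEntry(parts[0], parts[1], int(parts[2]), int(parts[3]),
                                   parts[4], parts[5], parts[6]))
    return entries

def audit_passwd(entries: List[PasswdEntry]) -> List[str]:
    """Return findings for a world-readable passwd file; an empty list means clean."""
    findings: List[str] = []
    seen_uid: Dict[int, str] = {}
    for e in entries:
        if e.passwd == "":
            findings.append(f"{e.name}: empty password field, login needs no password")
        elif e.passwd not in ("x", "*", "!", "!!"):  # assumed lock tokens; see lead-in
            findings.append(f"{e.name}: password hash stored in /etc/passwd, not the shadow file")
        if e.uid == 0 and e.name != "root":
            findings.append(f"{e.name}: UID 0 (superuser) on a non-root account")
        if e.uid in seen_uid:
            findings.append(f"{e.name}: UID {e.uid} shared with {seen_uid[e.uid]}")
        else:
            seen_uid[e.uid] = e.name
    return findings
```

Run `audit_passwd(parse_passwd(open("/etc/passwd").read()))` on a real system to list the same findings for its accounts.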