Detailed explanation of /etc/passwd file in Linux system
Overview
In Linux systems, each user has a corresponding record line in the /etc/passwd file. This file is readable by all users and records some basic attribute information for each user.
This article will introduce in detail the syntax, practical operations and meaning of each field of the /etc/passwd file, as well as some key command operations.
Syntax
Each record line in the /etc/passwd file consists of 7 fields separated by colons. Here's what each field means:
Field name | Description |
---|---|
Username | The string that names the user account, usually no more than 8 characters in length, and composed of uppercase and lowercase letters and/or numbers. |
Password | Stores the encrypted user password. However, due to security risks, most Linux systems now use shadow technology to store the real encrypted user password in the /etc/shadow file. |
User identification number (UID) | An integer used internally by the system to identify the user. Generally, it corresponds one-to-one with the username. |
Group identification number (GID) | Records the user group to which the user belongs. It corresponds to a record in the /etc/group file. |
Comment (description) | Records some personal information about the user, such as the user's real name, phone number, address, etc. This field has no practical use. |
Home directory | The user's starting working directory, which is the directory where the user is located after logging in to the system. |
Login shell | The process started after the user logs in; it is the interface between the user and the Linux system. |
Practical operation
To make it easier for administrators to manage user accounts and passwords, Linux provides some commands for managing the /etc/passwd file. The following is a description of these commonly used commands:
- See which users have been created:
  - Command: cat /etc/passwd
        $ cat /etc/passwd
        root:x:0:0:root:/root:/bin/bash
        ...
- Check how many accounts there are on this machine:
  - Command: cat /etc/passwd | wc -l
    In fact, to see how many accounts there are on this machine, you can simply count the lines in the passwd file.
        $ cat /etc/passwd | wc -l
        42
- Find which ones are root users:
  - Command: cat /etc/passwd | grep :0
        $ cat /etc/passwd | grep :0
        root:x:0:0:root:/root:/bin/bash
In a colon-delimited /etc/passwd file, each line represents a user account, and each line consists of multiple fields. In the example row root:x:0:0:root:/root:/bin/bash, there are two 0 values.
- The third field is the user's User ID (UID), which is the user's unique identifier in the system. In this example, the first 0 is the UID of the root user.
- The fourth field is the user's Group ID (GID), which indicates the user group to which the user belongs. In this example, the second 0 is the GID of the root user.
So in the given example row, the first 0 is the third field (UID) and the second 0 is the fourth field (GID).
- Explanation: By looking for the line with the third field of 0 in the /etc/passwd file, you can determine which users belong to the administrator group account.
In Linux systems, users are divided into the following three types:
- Super user (root, UID=0): The super user is the system administrator and has the highest authority. Only the root user has complete system control and can perform all operations on the system, including managing users, installing software, modifying configuration files, etc.
- Ordinary user (UID 500-60000): An ordinary user is a general user in the system, and its UID is between 500-60000. Ordinary users can use system resources, but their permissions are restricted and they cannot perform sensitive operations on the system. Normal users are typically used for general daily work and personal tasks.
- Pseudo user (UID 1-499): Pseudo user is a special user reserved by the system, and its UID is between 1-499. These users are not used directly to log in and perform normal operations, but are used to run on behalf of certain system services or processes. Pseudo users usually exist to meet system operation needs, such as running network services, databases, etc.
To create a new user and promote it to superuser, you need to perform the following steps:
- Create a new user using the useradd command and specify a unique username, like useradd -m username. Please replace "username" with the username you want to create.
- Set a password for the new user using the passwd command, like passwd username. Please replace "username" with the username you created.
- Change the new user's UID to 0 using the usermod command to promote them to superuser, e.g. usermod -u 0 username. Please replace "username" with the username you created.
Please note that changing the user's UID to 0 will elevate the user to superuser, but this does not mean that the user has full root permissions. Additional configuration and authorization are required to achieve full system control.
Also, when creating a new user, make sure to specify a UID between 500-60000 to comply with regulations in Linux. Existing UIDs cannot be repeatedly assigned to other users to prevent conflicts and confusion.
PS: In CentOS 7, you can use the following commands to see which are root users:
- Use the cat /etc/passwd | grep :0 command to find lines with the user name field "root". The users corresponding to these lines are the root users.
- Use the getent passwd | awk -F: '$3 == 0 {print $1}' command to directly obtain the user whose user identification code (UID) is 0, that is, the root user, from the /etc/passwd file.
- Use the cut -d: -f1 /etc/passwd | grep "root" command to list lines starting with "root", which means the user named root.
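Added example, not part of the original article: a field-based audit of a passwd-format file, shown next to the substring search grep :0 so the difference in results is visible. The sample entries are constructed, the accounts svc_backup, legacy and broken are hypothetical, and the function names are this example's own.

```shell
#!/bin/sh
# Constructed sample in passwd format (not from a real host).
# "svc_backup", "legacy" and "broken" are hypothetical accounts.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
sync:x:5:0:sync:/sbin:/bin/sync
operator:x:11:0:operator:/root:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc_backup:x:0:1001::/home/svc_backup:/bin/bash
legacy::1002:1002::/home/legacy:/bin/sh
broken:x:1003
EOF
}

# Substring search: matches ":0" anywhere, so GID 0 accounts are listed too.
substring_matches() {
    grep ':0' | cut -d: -f1
}

# Field test: only well-formed lines whose third field (UID) is numerically 0.
uid0_accounts() {
    awk -F: 'NF == 7 && $3 ~ /^0+$/ { print $1 }'
}

# One finding per line: "<account> <reason>".
audit_passwd() {
    awk -F: '
        NF != 7                      { print $1, "malformed"; next }
        $3 ~ /^0+$/ && $1 != "root"  { print $1, "uid0-not-root" }
        # Empty second field: the account may need no password to log in.
        $2 == ""                     { print $1, "empty-password-field" }
        # Anything but the shadow marker "x" or a lock marker (* or !)
        # means a hash is stored in the world-readable file.
        $2 != "" && $2 != "x" && $2 !~ /^[!*]/ { print $1, "hash-in-passwd" }
        seen[$3]++                   { print $1, "duplicate-uid" }
    '
}

echo "grep :0 matches:   $(sample_passwd | substring_matches | tr '\n' ' ')"
echo "UID 0 by field:    $(sample_passwd | uid0_accounts | tr '\n' ' ')"
sample_passwd | audit_passwd
```

To audit a live system, feed it the real data with audit_passwd < /etc/passwd, or getent passwd | audit_passwd to include accounts served by a directory service.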
In addition to the above commands, administrators can also use command line tools or directly edit the /etc/passwd file to add, modify, or delete user account information.
Important note again: modifying the /etc/passwd file needs to be done as root.
Common /etc/passwd variant files and their functions
There is usually only one /etc/passwd file on a Linux system. However, in some special cases, other variants of the /etc/passwd file may exist. The following table lists some common /etc/passwd files and their differences:
File name | Description |
---|---|
/etc/passwd | On most Linux systems, this is the most commonly used /etc/passwd file. |
/etc/passwd- | This is a backup file of /etc/passwd that is usually only written before a system administrator performs a change operation. |
/etc/passwd+ | This file is used by the Network Information Services (NIS) server to distribute user account information. |
/etc/passwd- | In many UNIX systems, this file stores information about various system accounts, such as daemon, root, bin, sys, etc. These accounts usually do not need to log in to the shell, and their passwords cannot be changed. |
/etc/passwd file under normal circumstances
Under normal circumstances, there is only one /etc/passwd file in the Linux system, which records the basic attribute information of each user.
In Linux systems, generally, the /etc/passwd file is readable by all users, that is, all users can access the file. This is because the /etc/passwd file stores the user's basic attribute information, such as user name, user identification number, home directory, etc. This information is necessary for the normal operation of the system, so it is usually set to readable.

However, it is important to note that although the /etc/passwd file can be read by all users, the password field stored in it has been encrypted (usually stored in a cryptographically hashed form). Therefore, even if other users can read the /etc/passwd file, they still cannot directly view other users' passwords.

Although the /etc/passwd file is readable, modifying it requires an administrator or a user with specific permissions. Ordinary users can only change their passwords by using specific command line tools (such as passwd), but cannot directly edit the /etc/passwd file.

In summary, although the /etc/passwd file is readable by all users, the password field has been encrypted and ordinary users cannot modify the /etc/passwd file unless they have administrator rights.
Administrators can add, modify, or delete user account information using command line tools or by editing the file directly. However, it should be noted that modifying the /etc/passwd file requires execution as root.
For passwords, it is usually required that the password length does not exceed 8 characters. In actual projects, the password of the root account has stricter requirements. It must exceed 8 characters and cannot be the same as the user name. User personal information such as ID number, mobile phone number, birthday, etc. should not be used.
It should be noted that ordinary users do not have permission to execute commands such as useradd, userdel, usermod and passwd, and these commands need to be executed as root.
To sum up, the /etc/passwd file is a file in the Linux system that records the basic attributes of each user. It consists of colon-separated fields, and user account information can be managed through command line tools or direct editing. In addition, other variations of the /etc/passwd file exist, such as backup files, NIS server files, and files that store system account information. In actual projects, the password of the root account has stricter requirements, and ordinary users do not have the right to execute specific commands.
Summary
This article introduces in detail the syntax of the /etc/passwd file in the Linux system, the meaning of each field, practical operations, and common key command operations. The /etc/passwd file records the basic attribute information of each user. User account information can be managed through command line tools or by directly editing the file. In actual projects, the password of the root account has stricter requirements, and ordinary users do not have the right to execute specific commands. At the same time, some common /etc/passwd variant files and their functions are also introduced.
I hope this article helps you understand and use /etc/passwd files.