ABOUT \/etc\/passwd file<\/p>\n
\nThe \/etc\/passwd file is a text-based database of information about users that may log into the system or other operating system user identities that own running processes.\n\nIn many operating systems this file is just one of many possible back-ends for the more general passwd name service.\n\nThe file's name originates from one of its initial functions as it contained the data used to verify passwords of user accounts. However, on modern Unix systems the security-sensitive password information is instead often stored in a different file using shadow passwords, or other database implementations.\n\nThe \/etc\/passwd file typically has file system permissions that allow it to be readable by all users of the system (world-readable), although it may only be modified by the superuser or by using a few special purpose privileged commands.\n\nThe \/etc\/passwd file is a text file with one record per line, each describing a user account. Each record consists of seven fields separated by colons. The ordering of the records within the file is generally unimportant.\n\n\nThe fields, in order from left to right, are:\n\nUser name: the string a user would type in when logging into the operating system: the logname. Must be unique across users listed in the file.\n\nInformation used to validate a user's password; in most modern uses, this field is usually set to \"x\" (or \"*\", or some other indicator) with the actual password information being stored in a separate shadow \npassword file. On Linux systems, setting this field to an asterisk (\"*\") is a common way to disable direct logins to an account while still preserving its name, while another possible value is \"*NP*\" which indicates to use an NIS server to obtain the password.[2] Without password shadowing in effect, this field would typically contain a cryptographic hash of the user's password (in combination with a salt).\n\nuser identifier number, used by the operating system for internal purposes. It need not be unique.\n\ngroup identifier number, which identifies the primary group of the user; all files that are created by this user may initially be accessible to this group.\n\nGecos field, commentary that describes the person or account. Typically, this is a set of comma-separated values including the user's full name and contact details.\n\nPath to the user's home directory.\n\nProgram that is started every time the user logs into the system. For an interactive user, this is usually one of the system's command line interpreters (shells).\n<\/pre>\nRELATED SHELL SESSION EXPOSURE<\/u><\/p>\n
[bash]
\n$cat \/etc\/passwd
\nroot:x:0:0:root:\/root:\/bin\/bash
\ndaemon:x:1:1:daemon:\/usr\/sbin:\/bin\/sh
\nbin:x:2:2:bin:\/bin:\/bin\/sh
\nsys:x:3:3:sys:\/dev:\/bin\/sh
\nsync:x:4:100534:sync:\/bin:\/bin\/sync
\ngames:x:5:60:games:\/usr\/games:\/bin\/sh
\nman:x:6:12:man:\/var\/cache\/man:\/bin\/sh
\nlp:x:7:7:lp:\/var\/spool\/lpd:\/bin\/sh
\nmail:x:8:8:mail:\/var\/mail:\/bin\/sh
\nnews:x:9:9:news:\/var\/spool\/news:\/bin\/sh
\nuucp:x:10:10:uucp:\/var\/spool\/uucp:\/bin\/sh
\nproxy:x:13:13:proxy:\/bin:\/bin\/sh
\nwww-data:x:33:33:www-data:\/var\/www:\/bin\/sh
\nbackup:x:34:34:backup:\/var\/backups:\/bin\/sh
\nlist:x:38:38:Mailing List Manager:\/var\/list:\/bin\/sh
\nirc:x:39:39:ircd:\/var\/run\/ircd:\/bin\/sh
\ngnats:x:41:41:Gnats Bug-Reporting System (admin):\/var\/lib\/gnats:\/bin\/sh
\nnobody:x:100534:100534:nobody:\/nonexistent:\/bin\/sh
\nlibuuid:x:100:101::\/var\/lib\/libuuid:\/bin\/sh
\njeffrin:x:1000:1000:Jeffrin Jose Thalakkottoor,,,:\/home\/jeffrin:\/bin\/bash
\nmessagebus:x:101:103::\/var\/run\/dbus:\/bin\/false
\navahi:x:102:105:Avahi mDNS daemon,,,:\/var\/run\/avahi-daemon:\/bin\/false
\nfestival:x:103:29::\/home\/festival:\/bin\/false
\nusbmux:x:104:46:usbmux daemon,,,:\/home\/usbmux:\/bin\/false
\nsaned:x:106:113::\/home\/saned:\/bin\/false
\ngdm:x:107:114:Gnome Display Manager:\/var\/lib\/gdm:\/bin\/false
\nsshd:x:108:100534::\/var\/run\/sshd:\/usr\/sbin\/nologin
\nhaldaemon:x:110:116:Hardware abstraction layer,,,:\/var\/run\/hald:\/bin\/false
\nDebian-exim:x:111:118::\/var\/spool\/exim4:\/bin\/false
\nmysql:x:112:119:MySQL Server,,,:\/var\/lib\/mysql:\/bin\/false
\npulse:x:109:115:PulseAudio daemon,,,:\/var\/run\/pulse:\/bin\/false
\nrtkit:x:113:124:RealtimeKit,,,:\/proc:\/bin\/false
\njetty:x:114:125::\/usr\/share\/jetty:\/bin\/false
\nklog:x:115:127::\/home\/klog:\/bin\/false
\nsyslog:x:116:128::\/home\/syslog:\/bin\/false
\ncolord:x:117:129:colord colour management daemon,,,:\/var\/lib\/colord:\/bin\/false
\nvde2-net:x:118:132::\/var\/run\/vde2:\/bin\/false
\nfetchmail:x:119:100534::\/var\/lib\/fetchmail:\/bin\/false
\nlibvirt-qemu:x:120:131:Libvirt Qemu,,,:\/var\/lib\/libvirt:\/bin\/false
\nspeech-dispatcher:x:121:29:Speech Dispatcher,,,:\/var\/run\/speech-dispatcher:\/bin\/sh
\nDebian-gdm:x:105:111:Gnome Display Manager:\/var\/lib\/gdm3:\/bin\/false
\nkdm:x:122:100534::\/home\/kdm:\/bin\/false
\nsnmp:x:123:134::\/var\/lib\/snmp:\/bin\/false
\n$<\/p>\n[\/bash]<\/p>\n
RELATED SOURCE CODE EXPOSURE<\/u><\/p>\n
[code lang=”c”]
\n\/*
\n * new_password – validate old password and replace with new (both old and
\n * new in global "char crypt_passwd[128]")
\n *\/
\nstatic int new_password (const struct passwd *pw)
\n{
\n\tchar *clear;\t\t\/* Pointer to clear text *\/
\n\tchar *cipher;\t\t\/* Pointer to cipher text *\/
\n\tconst char *salt;\t\/* Pointer to new salt *\/
\n\tchar *cp;\t\t\/* Pointer to getpass() response *\/
\n\tchar orig[200];\t\t\/* Original password *\/
\n\tchar pass[200];\t\t\/* New password *\/
\n\tint i;\t\t\t\/* Counter for retries *\/
\n\tbool warned;
\n\tint pass_max_len = -1;
\n\tconst char *method;<\/p>\n#ifdef HAVE_LIBCRACK_HIST
\n\tint HistUpdate (const char *, const char *);
\n#endif\t\t\t\t\/* HAVE_LIBCRACK_HIST *\/<\/p>\n\t\/*
\n\t * Authenticate the user. The user will be prompted for their own
\n\t * password.
\n\t *\/<\/p>\n\tif (!amroot && (‘\0’ != crypt_passwd[0])) {
\n\t\tclear = getpass (_("Old password: "));
\n\t\tif (NULL == clear) {
\n\t\t\treturn -1;
\n\t\t}<\/p>\n\t\tcipher = pw_encrypt (clear, crypt_passwd);<\/p>\n
\t\tif (NULL == cipher) {
\n\t\t\tstrzero (clear);
\n\t\t\tfprintf (stderr,
\n\t\t\t _("%s: failed to crypt password with previous salt: %s\\n"),
\n\t\t\t Prog, strerror (errno));
\n\t\t\tSYSLOG ((LOG_INFO,
\n\t\t\t "Failed to crypt password with previous salt of user ‘%s’",
\n\t\t\t pw->pw_name));
\n\t\t\treturn -1;
\n\t\t}<\/p>\n\t\tif (strcmp (cipher, crypt_passwd) != 0) {
\n\t\t\tstrzero (clear);
\n\t\t\tstrzero (cipher);
\n\t\t\tSYSLOG ((LOG_WARN, "incorrect password for %s",
\n\t\t\t pw->pw_name));
\n\t\t\t(void) sleep (1);
\n\t\t\t(void) fprintf (stderr,
\n\t\t\t _("Incorrect password for %s.\\n"),
\n\t\t\t pw->pw_name);
\n\t\t\treturn -1;
\n\t\t}
\n\t\tSTRFCPY (orig, clear);
\n\t\tstrzero (clear);
\n\t\tstrzero (cipher);
\n\t} else {
\n\t\torig[0] = ‘\0’;
\n\t}<\/p>\n\t\/*
\n\t * Get the new password. The user is prompted for the new password
\n\t * and has five tries to get it right. The password will be tested
\n\t * for strength, unless it is the root user. This provides an escape
\n\t * for initial login passwords.
\n\t *\/
\n\tmethod = getdef_str ("ENCRYPT_METHOD");
\n\tif (NULL == method) {
\n\t\tif (!getdef_bool ("MD5_CRYPT_ENAB")) {
\n\t\t\tpass_max_len = getdef_num ("PASS_MAX_LEN", 8);
\n\t\t}
\n\t} else {
\n\t\tif ( (strcmp (method, "MD5") == 0)
\n#ifdef USE_SHA_CRYPT
\n\t\t || (strcmp (method, "SHA256") == 0)
\n\t\t || (strcmp (method, "SHA512") == 0)
\n#endif\t\t\t\t\/* USE_SHA_CRYPT *\/
\n\t\t ) {
\n\t\t\tpass_max_len = -1;
\n\t\t} else {
\n\t\t\tpass_max_len = getdef_num ("PASS_MAX_LEN", 8);
\n\t\t}
\n\t}
\n\tif (!qflg) {
\n\t\tif (pass_max_len == -1) {
\n\t\t\t(void) printf (_(
\n"Enter the new password (minimum of %d characters)\\n"
\n"Please use a combination of upper and lower case letters and numbers.\\n"),
\n\t\t\t\tgetdef_num ("PASS_MIN_LEN", 5));
\n\t\t} else {
\n\t\t\t(void) printf (_(
\n"Enter the new password (minimum of %d, maximum of %d characters)\\n"
\n"Please use a combination of upper and lower case letters and numbers.\\n"),
\n\t\t\t\tgetdef_num ("PASS_MIN_LEN", 5), pass_max_len);
\n\t\t}
\n\t}<\/p>\n\twarned = false;
\n\tfor (i = getdef_num ("PASS_CHANGE_TRIES", 5); i > 0; i–) {
\n\t\tcp = getpass (_("New password: "));
\n\t\tif (NULL == cp) {
\n\t\t\tmemzero (orig, sizeof orig);
\n\t\t\treturn -1;
\n\t\t}
\n\t\tif (warned && (strcmp (pass, cp) != 0)) {
\n\t\t\twarned = false;
\n\t\t}
\n\t\tSTRFCPY (pass, cp);
\n\t\tstrzero (cp);<\/p>\n\t\tif (!amroot && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
\n\t\t\t(void) puts (_("Try again."));
\n\t\t\tcontinue;
\n\t\t}<\/p>\n\t\t\/*
\n\t\t * If enabled, warn about weak passwords even if you are
\n\t\t * root (enter this password again to use it anyway).
\n\t\t * –marekm
\n\t\t *\/
\n\t\tif (amroot && !warned && getdef_bool ("PASS_ALWAYS_WARN")
\n\t\t && (!obscure (orig, pass, pw) || reuse (pass, pw))) {
\n\t\t\t(void) puts (_("\\nWarning: weak password (enter it again to use it anyway)."));
\n\t\t\twarned = true;
\n\t\t\tcontinue;
\n\t\t}
\n\t\tcp = getpass (_("Re-enter new password: "));
\n\t\tif (NULL == cp) {
\n\t\t\tmemzero (orig, sizeof orig);
\n\t\t\treturn -1;
\n\t\t}
\n\t\tif (strcmp (cp, pass) != 0) {
\n\t\t\t(void) fputs (_("They don’t match; try again.\\n"), stderr);
\n\t\t} else {
\n\t\t\tstrzero (cp);
\n\t\t\tbreak;
\n\t\t}
\n\t}
\n\tmemzero (orig, sizeof orig);<\/p>\n\tif (i == 0) {
\n\t\tmemzero (pass, sizeof pass);
\n\t\treturn -1;
\n\t}<\/p>\n\t\/*
\n\t * Encrypt the password, then wipe the cleartext password.
\n\t *\/
\n\tsalt = crypt_make_salt (NULL, NULL);
\n\tcp = pw_encrypt (pass, salt);
\n\tmemzero (pass, sizeof pass);<\/p>\n\tif (NULL == cp) {
\n\t\tfprintf (stderr,
\n\t\t _("%s: failed to crypt password with salt ‘%s’: %s\\n"),
\n\t\t Prog, salt, strerror (errno));
\n\t\treturn -1;
\n\t}<\/p>\n#ifdef HAVE_LIBCRACK_HIST
\n\tHistUpdate (pw->pw_name, crypt_passwd);
\n#endif\t\t\t\t\/* HAVE_LIBCRACK_HIST *\/
\n\tSTRFCPY (crypt_passwd, cp);
\n\treturn 0;
\n}<\/p>\n[\/code]<\/p>\n
SOURCE CODE FROM DEBIAN SOURECE PACKAGE NAMED “shadow”<\/p>\n
LINKS (SOURCE AND OTHER)<\/p>\n
https:\/\/en.wikipedia.org\/wiki\/Passwd<\/a>
\nhttps:\/\/www.ibm.com\/support\/knowledgecenter\/en\/ssw_aix_72\/com.ibm.aix.security\/passwords_etc_passwd_file.htm<\/a>
\nhttps:\/\/www.digitalocean.com\/community\/tutorials\/how-to-use-passwd-and-adduser-to-manage-passwords-on-a-linux-vps<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"ABOUT \/etc\/passwd file The \/etc\/passwd file is a text-based database of information about users that may log into the system or other operating system user identities that own running processes. In many operating systems this file is just one of many possible back-ends for the more general passwd name service. The file’s name originates from … <\/p>\n