HB Computer Security | Aide Memoire
  • Introduction
  • Core Technical Skills
    • Core Skills
      • Linux
        • Getting to Know Linux
          • Using the Shell
            • Shells, Terminals, and Virtual Consoles
            • Choose your Shell
            • Shell Commands
              • Non-PATH Commands
              • Command History
                • Command Line Editing
                  • Keystrokes for Navigating Command Lines
                  • Keystrokes for Editing Command Lines
                  • Keystrokes for Cutting and Pasting Text from within Command Lines
                • Command Line Recall
                  • Keystrokes for Command Line Recall
              • Connecting and Expanding Commands
                • Piping Between Commands
                • Sequential Commands
                • Expanding Commands
            • Shell Variables
              • Common Shell Variables
            • Aliases
            • Create your Own Shell Environment
              • Modification Ideas
          • Navigating the Linux File System (LFS)
            • Filesystem Commands
            • Listing Files and Directories
            • File Permissions and Ownership
              • Modifying Permissions with chmod
              • Modifying Default Permissions with umask
              • Change File Ownership with chown
            • Copying, Moving, and Removing Files
            • Finding Files
              • locate
              • find
              • grep
            • Downloading Files
              • axel
              • wget
              • curl
                • User-Agent: Googlebot
          • Working with Text Files
            • Using vim and vi to Edit Text Files
              • Starting with vi
              • Adding Text
              • Moving Around in the Text
            • Text Manipulation
        • System Administration
          • Installing Linux
            • Installing from Live Media
            • Installing in the Enterprise
            • Partitioning Hard Disks
              • Tips for Creating Partitions
          • Account Administration
            • The root Account
              • Becoming root with su
              • sudo
                • The /etc/sudoers File
                • Granting sudo privileges
                  • visudo Guidance
                • Useful sudo Hints
            • Other Administrative Accounts
            • Standard User Accounts
              • Risks of userdel: Orphaned Files
          • Graphical Remote Administration
            • Cockpit
              • Installation Guide
            • Remote Desktop Protocol with xrdp
              • Installation and Configuration
            • Remote Desktop with vnc
              • Installation and Configuration
              • Running VNC as a System Service
          • Managing Running Processes
            • Listing Processes
              • ps
              • top
              • htop
            • Backgrounding and Foregrounding
              • Starting a Background Process
              • Using Foreground and Background Commands
            • Killing and Recining Processes
              • kill and killall
          • Managing Software
            • Managing Software from the Desktop
            • Going Beyond the Limitations of Software Center
              • Debian Packages
                • Advanced Package Tool (apt)
                • Repositories
                • dpkg
        • Shell Scripting
          • Variables
            • Command Substitution
            • Arguments
          • Reading User Input
          • if, else, and elif
          • BOOLEAN Logic
          • Loops
            • for Loops
            • while Loops
          • Functions
          • Local Vs Global Variables
          • Summary
        • Securing Linux
      • Windows
        • Security Hardening
Powered by GitBook
On this page
  • Understanding /etc/passwd

Was this helpful?

  1. Core Technical Skills
  2. Core Skills
  3. Linux
  4. System Administration

Account Administration

PreviousTips for Creating PartitionsNextThe root Account

Last updated 1 year ago

Was this helpful?

A computer is pretty useless without accounts. So, we need to learn how to administer user accounts, both privileged and non-privileged, as well as service accounts.

To begin with, we need to understand a very important file; /etc/passwd.

Understanding /etc/passwd

The /etc/passwd file is basically a roster of all the user accounts on the system. It's a simple text file that gives out a bunch of details for each account, such as your user ID, the group ID you belong to, where your home directory is, which shell you use, and a few other bits and bobs. Pretty much anyone can read this file since it's used by various system commands to match user IDs with their usernames. But when it comes to writing to this file, that's kept under lock and key, with only root having the authority to make any changes.

The /etc/passwd file contains one entry per line for each account present on the system. All fields are separated by a colon (:) symbol. There are seven fields in total, which generally appears as follows:

  1. Username It is used when user logs in. It should be between 1 and 32 characters in length

  2. Password An x character indicates that encrypted password is stored in another file; the /etc/shadow file. Please note that you need to use the passwd command to change an account passed to ensure that the password typed at the CLI is hashed correctly. We will revisit this mechanism later...

  3. User ID (UID) Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups

  4. Group ID (GID) The primary group ID, stored in /etc/group file

  5. User ID Info (GECOS) The comment field. It allow you to add extra information about the users such as user’s full name, phone number etc. This field use by finger command

  6. Home directory The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /

  7. Command/shell The absolute path of a command or shell (typically /bin/bash). Please note that it does not have to be a shell. For example, sysadmin can use the nologin shell, which acts as a replacement shell for the user accounts. If shell set to /sbin/nologin and the user tries to log in to the Linux system directly, the /sbin/nologin shell closes the connection

Example /etc/passwd entry