PASSWD.5
上传用户:jnzhq888
上传日期:2007-01-18
资源大小:51694k
文件大小:6k
- PASSWD(5) Minix Programmer's Manual PASSWD(5)
- NAME
- passwd, group, shadow - user and group databases, shadow passwords
- SYNOPSIS
- /etc/passwd
- /etc/group
- /etc/shadow
- DESCRIPTION
- /etc/passwd lists all the users of the system, and /etc/group lists all
- the groups the users may belong to. Both files also contain encrypted
- passwords, numeric ID's etc. Encrypted passwords may be hidden in the
- file /etc/shadow if extra protection is warranted.
- Each file is an text file containing one line per user or group. The
- data fields on a line are separated by colons. Each line in the password
- file has the following form:
- name:passwd:uid:gid:gecos:dir:shell
- The name field is the login name of a user, it is up to 8 letters or
- numbers long starting with a letter. The login name must be unique. The
- password field is either empty (no password), a 13 character encrypted
- password as returned by crypt(3), or a login name preceded by two number
- signs (#) to index the shadow password file. Anything else (usually *)
- is invalid. The uid and gid fields are two numbers indicating the users
- user-id and group-id. These id's do not have to be unique, there may be
- more than one name with the same id's. The gecos field can be set by the
- user. It is expected to be a comma separated list of personal data where
- the first item is the full name of the user. The dir field is the path
- name of the users home directory. Lastly the shell field is the path
- name of the users login shell, it may be empty to indicate /bin/sh. A
- Minix specific extension allows the shell field to contain extra space
- separated arguments for the shell.
- Lines in the group file consist of four fields:
- name:passwd:gid:mem
- The name field is the name of the group, same restrictions as a login
- name. The passwd field may be used to let users change groups. The gid
- field is a number telling the group-id. The group-id is unique for a
- group. The mem field is a comma separated list of login names that are
- special members of the group. If a system supports supplementary group
- id's then a user's set of supplementary group id's is set to all the
- groups they are a member of. If a system allows one to change groups
- then one can change to a group one is a member of without using the
- group's password.
- 1
- PASSWD(5) Minix Programmer's Manual PASSWD(5)
- The shadow password file has precisely the same form as the password
- file, except that only the name or passwd fields are used as yet. The
- other fields are zero or empty. A password in the password file may have
- the form ##user to indicate the entry user in the shadow password file.
- The password in this entry is then used for authentication of the user.
- The shadow file can only be read by the privileged utility pwdauth(8), so
- that the encrypted passwords in the shadow file are kept secret, and thus
- safe from a dictionary attack.
- Special password and group file entries
- There are several entries in the password and group files that are
- preallocated for current or future use. All id's less than 10 are
- reserved. The special password file entries are:
- root:##root:0:0:Big Brother:/usr/src:
- daemon:*:1:1:The Deuce:/etc:
- bin:##root:2:0:Binaries:/usr/src:
- uucp:*:5:5:UNIX to UNIX copy:/usr/spool/uucp:/usr/sbin/uucico
- news:*:6:6:Usenet news:/usr/spool/news:
- ftp:*:7:7:Anonymous FTP:/usr/ftp:
- nobody:*:9999:99::/tmp:
- ast:*:8:3:Andrew S. Tanenbaum:/usr/ast:
- The root id is of course the super user. The daemon id is used by some
- daemons. Some devices are protected so that only those daemons can
- access them. The bin id owns all sources and most binaries. The uucp,
- news and ftp id's are for serial line data transfer, usenet news, or ftp
- if so needed. The nobody id is used in those cases that a program may
- not have any privileges at all. The ast id is the honorary home
- directory for Andrew S. Tanenbaum, the creator of Minix. You can also
- find the initial contents for a new home directory there.
- The special group file entries are:
- operator:*:0:
- daemon:*:1:
- bin:*:2:
- other:*:3:
- tty:*:4:
- uucp:*:5:
- news:*:6:
- ftp:*:7:
- kmem:*:8:
- nogroup:*:99:
- Groups with the same name as special user id are used with those id's.
- The operator group is for the administrators of the system. Users in
- this group are granted special privileges. The other group is for
- ordinary users. The tty group is for terminal devices, and associated
- set-gid commands. Same thing with the kmem group and memory devices.
- 2
- PASSWD(5) Minix Programmer's Manual PASSWD(5)
- FILES
- /etc/passwd The user database.
- /etc/group The group database.
- /etc/shadow The shadow password file.
- SEE ALSO
- login(1), passwd(1), su(1), crypt(3), getpwent(3), getgrent(3),
- pwdauth(8).
- NOTES
- The nobody and nogroup id's are likely to be renumbered to the highest
- possible id's once it is figured out what they are.
- AUTHOR
- Kees J. Bot (kjb@cs.vu.nl)
- 3