7

Are formats of files /etc/shadow and /etc/passwd same on all unix and unix-like systems same or are there significant differences?

I mean syntax of files, not file location or name

Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
rkosegi
  • 603
  • 7
  • 15

2 Answers2

5

As far as I know, all unix variants have an /etc/passwd file with the traditional layout, for the sake of applications that read the file directly. Each line in the file contains colon-separated records which correspond to struct passwd fields:

  1. user name (login)
  2. encrypted password (if present)
  3. user id (number, in decimal)
  4. principal group id (number, in decimal)
  5. Gecos field. This field is not used by system programs except for display purposes. It is normally a comma-separated list of fields, the first three being full name, office number and telephone number.
  6. home directory
  7. login shell

One thing that varies between systems is how much liberty you can take with the syntax. For example, GNU libc (i.e. Linux) ignores lines that begin with #: they are comments. GNU libc also ignores whitespace at the beginning of a line, so they can be indented. An invalid line might cause programs to stop processing the file or to skip to the next line.

Most modern systems no longer store an encrypted password in the second field. The content of that field is not a reliable indication of whether the user has a password set (and even if you found that out, this is not a reliable indication of whether the user can log in, because there are many other authentication methods such as SSH keys, one-time passwords, biometrics, smartcards, …).

When passwords aren't in /etc/passwd, where they are is system-dependent. The Rosetta Stone for Unix mentions many unix variants.

  • Solaris uses /etc/shadow, and this has been copied by others including Linux. Linux and Solaris shadow files have the same format; I don't know if the other systems that have a file called /etc/shadow use the same format.
  • BSD systems have /etc/master.passwd, and additionally have database files for faster access, updated by pwd_mkdb.

Remember that /etc/passwd hasn't been guaranteed to contain the full list of users for a couple of decades: users can come from other databases such as NIS (YP) or LDAP. As a system administrator, avoid edit the /etc/passwd file directly; use vipw instead, if your system provides it (and if it doesn't, consult your manuals to see what method is recommended to modify the user database).

What I wrote above goes for groups, too. The fields in /etc/group are struct group members: group name, password (largely unused), numerical group id, and a comma-separated list of user names (the users who have this group as a secondary group). Linux has a /etc/gshadow file, but this is rarely used, as group authentication is not widely practiced.

Gilles 'SO- stop being evil'
  • 807,993
  • 194
  • 1,674
  • 2,175
  • but he's little wrong... BSD systems have 5th field dedicated to 'class'. - passwd(5) - http://www.openbsd.org/cgi-bin/man.cgi?query=passwd&apropos=0&sektion=5&manpath=OpenBSD+Current&arch=i386&format=html – jirib Jun 01 '12 at 08:45
  • The separation betwen /etc/passwd and /etc/shadow (or /etc/master.passwd) is logical. The former is world readable, the latter is readable for root. Thus it stops script kiddies to break hashed passwords. – jirib Jun 01 '12 at 08:50
  • @JiriXichtkniha The class field is in `master.passwd` (same as in other BSDs). The format of `/etc/passwd` on OpenBSD is the classical one. – Gilles 'SO- stop being evil' Jun 01 '12 at 10:38
2

First not all UNIX systems use /etc/shadow, so there are not equal :D BSD uses /etc/master.passwd, AIX uses /etc/security/passwd ...

jirib
  • 1,138
  • 1
  • 7
  • 13
  • 1
    second?... I guess second would be: since not all of them implement those files you can only say that those that do implement them follow the same format. BTW, Mac OS also has a /etc/passwd file but no /etc/shadow. – devius May 31 '12 at 09:31
  • You guess wrong of course. BSD uses 'class' in their passwd,master.passwd to use it by login.conf. – jirib May 31 '12 at 09:38
  • "BTW, Mac OS also has a /etc/passwd file but no /etc/shadow." - guess why? Mac OS is somehow built on FreeBSD' fork - Darwin. – jirib May 31 '12 at 09:40
  • You still presuppose "all unix and unix-like" systems use /etc/shadow. Your question is still wrong. See here - http://bhami.com/rosetta.html - for basic research. – jirib May 31 '12 at 09:50
  • The question is stupid: 1. not all unices uses /etc/shadow, 2. bingo, they are not syntactly equal not because variancy of location of /etc/shadows but because there is different content fitting specific OS needs! – jirib May 31 '12 at 10:23