2013-08-05

/etc/passwd file


Pranaam to all bhai ji _/\_
i am posting about /etc/passwd  file structure .This is sytem file which contain information related to user account on system.
when ever a user account creates , /etc/passwd maintain some information about that user like
1.user name
2.user id
3.user group id
4.user home directory
5.user login shell
etc etc ;)

lets have a look on /etc/passwd file


we have 7 fields for a user in /etc/passwd file
1.username
2.shadow file masking
3.user id(UID)
4.group id(GID)
5.gcose field
6.home directory
7.user login shell


lets start :)

Username:-
this is the first field in /etc/passwd file . when we create a user, we need to select a name which is termed as username of user.


to check username with which you have logged in , run command  whoami

Shadow file masking:-
second field is bydefault filled with value "x" which means when user will try to login , user's password will be checked from /etc/shadow(we will discuss about this file later) file.if we remove x from this field , user login will be done without asking password .


now lets see whether we can login to account indishell without password or not


hell yesh :D user logged in without password.

User ID:-
this is third field and represent user id on system .when we create new user on system , user gets his unique user id but we can change it to something else according to our requirement.
we have 3 type of users on system
1.admin user (user having user id 0 and these users have system admin power )
2.general user (those users whose user id comes under 500-60000 )
3.system/service account(these are users whose id comes under 2 to 499) . these are generally system services account like apache server , ssh ,FTP,Telnet server

Note:-if a user has user id 0 , system will treat him as root user 8-) . so if you want to make a user as root , simply change user id value to 0 and user will become root of system.



Group id:-
4th field is group id field , when we create new user on system, user has assigned a group id too.
group id represent , to which group user belongs .
group id has an advantage , we can add multiple users to a group and then we can use this group when we want to give access of a file/directory to specific user only. in that case , other then owner of the file only those users who belongs to group which has been assigned to that file/directory will be able to perform operation to that file/directory.


now i have added one user having name "ica" on my machine to group "root" in file /etc/group
after adding user "ica" to group  "root" , user "ica" will be able to perform operation on those files which belongs to group is "root".
lets have a look , i have created a file rr.txt with user "root" and its owner and group is "root"
only owner and group "root" has permission to perform any action on file rr.txt and rest of the user can even open that file . user "ica" is also a normal user but he belongs to group "root"
so user ica will be able to open, edit,delete or anything which can be done by user root.


lets try with another normal user having name 1046, check whether he can rename that file or not ;)


as expected , nooooo :) because user 1046 doesnt have root user power nor in group root , so he cant do :).

Gecose field:-
this is 5th field and just contains some general info about user nothing else
 

home directory:-
this is 6th filed in /etc/passwd file , which tells the system user's home directory. when user will be authenticated, he will be dropped to his home directory and home directory is defined in /etc/passwd file
for  root user (whose username is root not talking about user whose UID is 0 :)  ) , home directory is /root
and for normal users its /home/username_of_user/
lets have a look in /etc/passwd file for batter understanding :)


lets see what happen if i login to system wit account root , according to /etc/passwd file root must be dropped to directory /root after successful login



\m/ we are in /root directory
ok lets try for another user , i mean for normal user ;)
i am logging in as user ica and according to /etc/passwd i must be dropped to directory /home/ica (for non root user bydefault home directory is /home/user  if root admin dont want this , he can change it to something else by changing directory from /homr/username to something else in /etc/passwd file and then providing sufficient permission on that directory to the user for example i want to make directory /ica as home directory of user ica then i must provide read and write permission and ownership to user ica on directory /ica )


so , we can find out a user's home directory by looking into /etc/passwd file 6th field in the line where username of user exist :)
you can directly get user home directory by running this command

cat /etc/passwd | grep  user_name | cut -f 6 -d :

user login shell:-
this is the 7th and last field which defines the user shell access when user will successfully logged into system.
we have already discussed about shell and its working in this article http://mannulinux.blogspot.com/2013/07/linux-shell-terminal.html
 for a user a shell is necessary so that he can login to system.shell may be either bash,sh,korn or any other shell.because shell environment will provide an interface to user so that user can work on system and  perform command execution task.
generally we use "bash shell" because it is free as well as powerful shell
to know with which shell we have access on system, run command  echo $SHELL
for user ica,  bash shell is assigned in /etc/passwd file and  whose binary(executable file) is stored in /bin directory
lets have a look :)


for the list of available shell on your system, run command
cat /etc/shells
and you will get output like this
/bin/sh
/bin/bash
/sbin/nologin
sh and bash shell both are use to provide shell access to user but shell "nologin" which is stored in /sbin directory does not allow user to access shell on system.
/sbin/nologin shell is mainly used for  services which runs on system like apache,ssh,nfs server .
if you assign a user /sbin/nologin shell, he wont be able to access system using shell :D
i am going to change shell access for user ica .
list of available shells on system can be obtain by running command  "cat  /etc/shells"
and for changing shell , we need to run command  " chsh  username  "
so command in my case  chsh  ica
specify your shell name , i am changing shell access from /bin/bash to /bin/sh , thats why i specified my shell name as /bin/sh and i got message for successful shell changed :D


ok now just logout by typing exit and login again to system and check shell access gain :)


yes , we did it :D

it was all about /etc/passwd file :)
hope you people like it :)

Thank you
Grettz to :- Guru ji Zero, Whole Team Indishell and Hardeep bhai <3
Share this post

1 comments

  1. awesome explanation bhai ji .... really nice one.. :)

    ReplyDelete

© 2009 Start With Linux | Mannu Linux
Designed by cyb3r.gladiat0r
Posts RSSComments RSS
Back to top