In Unix-like operating systems, the “password file” refers to a system file that stores user account information. The most common password file on Linux systems is /etc/passwd
. This file contains entries for each user account on the system and provides important information about each user, including their username, user ID (UID), group ID (GID), home directory, default shell, and more.
Each line in the /etc/passwd
file represents a user account and is structured as follows:
username:password:UID:GID:GECOS:home_directory:shell
Here is an explanation of each field:
- username: This is the name of the user account. It is used to identify the user when logging in.
- password: Historically, this field used to store the user’s encrypted password. However, modern systems typically store password hashes in a separate file like
/etc/shadow
for enhanced security. The password field in/etc/passwd
now typically contains a placeholder, such as “x” or “*”. - UID (User ID): This is a unique numerical identifier assigned to each user. The root user typically has a UID of 0.
- GID (Group ID): This field indicates the user’s primary group. It refers to the GID stored in the
/etc/group
file. - GECOS: This field traditionally contained additional information about the user, such as the user’s full name and contact information. However, it is not often used in modern systems.
- home_directory: This is the path to the user’s home directory, where their files and personal configurations are stored.
- shell: This field specifies the default shell or command-line interface assigned to the user. It defines the environment in which the user interacts with the system.
Example entry in /etc/passwd
:
john:x:1000:1000:John Doe:/home/john:/bin/bash
- Username: john
- Password: (hashed and stored in
/etc/shadow
) - UID: 1000
- GID: 1000
- GECOS: John Doe
- Home directory:
/home/john
- Default shell:
/bin/bash
It’s important to note that, for security reasons, the /etc/passwd
file is typically readable by all users, but only writable by the superuser (root). The actual password information is stored in /etc/shadow
, which is only readable by the superuser to protect sensitive information