source: trunk/minix/man/man5/passwd.5@ 20

Last change on this file since 20 was 9, checked in by Mattia Monga, 14 years ago

Minix 3.1.2a

File size: 4.9 KB
.TH PASSWD 5
.SH NAME
passwd, group, shadow \- user and group databases, shadow passwords
.SH SYNOPSIS
.B /etc/passwd
.br
.B /etc/group
.br
.B /etc/shadow
.SH DESCRIPTION
.B /etc/passwd
lists all the users of the system, and
.B /etc/group
lists all the groups the users may belong to. Both files also contain
encrypted passwords, numeric ID's etc. Encrypted passwords may be hidden
in the file
.B /etc/shadow
if extra protection is warranted.
.PP
Each file is a text file containing one line per user or group. The data
fields on a line are separated by colons. Each line in the password file
has the following form:
.PP
.RS
.I name:passwd:uid:gid:gecos:dir:shell
.RE
.PP
The
.I name
field is the login name of a user; it is up to 8 letters or numbers long,
starting with a letter. The login name must be unique.
The
.I password
field is either empty (no password), a 13 character encrypted password as
returned by
.BR crypt (3),
or a login name preceded by two number signs (#) to index the shadow
password file. Anything else (usually \(**) is invalid.
The
.I uid
and
.I gid
fields are two numbers indicating the user's user-id and group-id. These
id's do not have to be unique; there may be more than one name with the same
id's.
The
.I gecos
field can be set by the user. It is expected to be a comma separated list
of personal data where the first item is the full name of the user.
The
.I dir
field
is the path name of the user's home directory.
Lastly the
.I shell
field is the path name of the user's login shell; it may be empty to indicate
.BR /bin/sh .
A MINIX 3 specific extension allows the shell field to contain extra space
separated arguments for the shell.
.PP
Lines in the group file consist of four fields:
.PP
.RS
.I name:passwd:gid:mem
.RE
.PP
The
.I name
field is the name of the group, same restrictions as a login name.
The
.I passwd
field may be used to let users change groups.
The
.I gid
field is a number telling the group-id. The group-id is unique for a group.
The
.I mem
field is a comma separated list of login names that are special members of
the group. If a system supports supplementary group id's then a user's set
of supplementary group id's is set to all the groups they are a member of.
If a system allows one to change groups then one can change to a group one
is a member of without using the group's password.
.PP
The shadow password file has precisely the same form as the password file,
except that only the
.I name
or
.I passwd
fields are used as yet. The other fields are zero or empty. A password in
the password file may have the form
.BI "##" user
to indicate the entry
.I user
in the shadow password file. The password in this entry is then used for
authentication of the user. The shadow file can only be read by the
privileged utility
.BR pwdauth (8),
so that the encrypted passwords in the shadow file are kept secret, and thus
safe from a dictionary attack.
.SS "Special password and group file entries"
There are several entries in the password and group files that are
preallocated for current or future use. All id's less than 10 are reserved.
The special password file entries are:
.PP
.RS
.nf
root:##root:0:0:Big Brother:/usr/src:
daemon:*:1:1:The Deuce:/etc:
bin:##root:2:0:Binaries:/usr/src:
uucp:*:5:5:UNIX to UNIX copy:/usr/spool/uucp:/usr/sbin/uucico
news:*:6:6:Usenet news:/usr/spool/news:
ftp:*:7:7:Anonymous FTP:/usr/ftp:
nobody:*:9999:99::/tmp:
ast:*:8:3:Andrew S. Tanenbaum:/usr/ast:
.fi
.RE
.PP
The
.B root
id is of course the super user.
The
.B daemon
id is used by some daemons. Some devices are protected so that only those
daemons can access them.
The
.B bin
id owns all sources and most binaries.
The
.BR uucp ,
.BR news
and
.BR ftp
id's are for serial line data transfer, usenet news, or ftp if so needed.
The
.B nobody
id is used in those cases that a program may not have any privileges at all.
The
.B ast
id is the honorary home directory for Andrew S. Tanenbaum, the creator of
MINIX 3. You can also find the initial contents for a new home directory
there.
.PP
The special group file entries are:
.PP
.RS
.nf
operator:*:0:
daemon:*:1:
bin:*:2:
other:*:3:
tty:*:4:
uucp:*:5:
news:*:6:
ftp:*:7:
kmem:*:8:
nogroup:*:99:
.fi
.RE
.PP
Groups with the same name as special user id are used with those id's.
The
.B operator
group is for the administrators of the system. Users in this group are
granted special privileges.
The
.B other
group is for ordinary users.
The
.B tty
group is for terminal devices, and associated set-gid commands.
Same thing with the
.B kmem
group and memory devices.
.SH FILES
.TP 15n
.B /etc/passwd
The user database.
.TP
.B /etc/group
The group database.
.TP
.B /etc/shadow
The shadow password file.
.SH "SEE ALSO"
.BR login (1),
.BR passwd (1),
.BR su (1),
.BR crypt (3),
.BR getpwent (3),
.BR getgrent (3),
.BR pwdauth (8).
.SH NOTES
The
.B nobody
and
.B nogroup
id's are likely to be renumbered to the highest possible id's once it is
figured out what they are.
.SH AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
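
The password-field rules in DESCRIPTION (empty, 13-character crypt(3) string, ##name shadow reference, anything else invalid) can be checked mechanically. The following audit script is an added example, not part of the MINIX source tree; the function names, the finding strings and the sample accounts guest, alice and bob are assumptions made for illustration.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "name passwd uid gid gecos dir shell")

# Constructed sample data: the root, daemon and bin lines follow the page's
# special entries; guest, alice, bob and the 13-character string are made up.
SAMPLE_PASSWD = """\
root:##root:0:0:Big Brother:/usr/src:
daemon:*:1:1:The Deuce:/etc:
bin:##root:2:0:Binaries:/usr/src:
guest::20:3:Guest:/usr/guest:
alice:aaBBccDDeeFFg:21:3:Alice:/usr/alice:
bob:##bob:22:3:Bob:/usr/bob:
"""
SAMPLE_SHADOW = "root:aaBBccDDeeFFg:0:0:::\n"

def parse(text):
    """Split name:passwd:uid:gid:gecos:dir:shell lines, keeping empty fields."""
    rows = (line.split(":") for line in text.splitlines())
    return [Entry(*f) for f in rows if len(f) == 7]

def classify(passwd):
    """Apply the passwd-field rules from DESCRIPTION."""
    if passwd == "":
        return "empty"                      # no password at all
    if passwd.startswith("##") and len(passwd) > 2:
        return "shadow"                     # ##name indexes /etc/shadow
    if len(passwd) == 13:
        return "crypt"                      # crypt(3) output (length check only)
    return "invalid"                        # anything else, usually "*"

def audit(passwd_text, shadow_text):
    """Return (login name, finding) pairs for entries worth reviewing."""
    shadow = {e.name: e for e in parse(shadow_text)}
    findings = []
    for e in parse(passwd_text):
        kind = classify(e.passwd)
        if kind == "empty":
            findings.append((e.name, "no password"))
        elif kind == "crypt":
            findings.append((e.name, "hash readable in passwd file"))
        elif kind == "shadow":
            target = e.passwd[2:]
            if target not in shadow:
                findings.append((e.name, "dangling shadow reference"))
            elif classify(shadow[target].passwd) == "empty":
                findings.append((e.name, "no password"))
            elif target != e.name:
                findings.append((e.name, "shares shadow entry of " + target))
    return findings
```

Calling `audit(SAMPLE_PASSWD, SAMPLE_SHADOW)` reports bin (which authenticates against root's shadow entry, as in the page's own special entries), guest, alice and bob; the daemon line with `*` is not reported because that field is invalid and matches no password.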