passwd (file)
In Unix-like operating systems, the /etc/passwd file is a text-based database of information about users that may log in to the system, or about other operating system user identities that own running processes.
In many operating systems this file is just one of many possible back-ends for the more general passwd name service.
The file's name originates from one of its initial functions as it contained the data used to verify passwords of user accounts. However, on modern Unix systems the security-sensitive password information is instead often stored in a different file using shadow passwords, or other database implementations.
The /etc/passwd file typically has file system permissions that allow it to be readable by all users of the system (world-readable), although it may only be modified by the superuser or by using a few special purpose privileged commands.
File format
The /etc/passwd file is a text file with one record per line, each describing a user account. Each record consists of seven fields separated by colons.[1] The ordering of the records within the file is generally unimportant.
An example record may be:
jsmith:x:1001:1000:Joe Smith,Room 1007,(234)555-8910,(234)555-0044,email:/home/jsmith:/bin/sh
The fields, in order from left to right, are:[2]
- The first field is the user name, i.e. the string a user would type in when logging into the operating system: the logname. Each record in the file must have a unique user name field.
- The second field stores information used to validate a user's password; however, in most modern uses this field is set to "x" (or some other indicator), with the actual password information stored in a separate shadow password file. Setting this field to an asterisk "*" is the typical way to deactivate an account to prevent it being used.
- The third field is the user identifier, the number that the operating system uses for internal purposes. It does not have to be unique.
- The fourth field is the group identifier. This number identifies the primary group of the user; all files that are created by this user may initially be accessible to this group.
- The fifth field, called the Gecos field, is commentary that describes the person or account. Typically, this is a set of comma-separated values including the user's full name and contact details.
- The sixth field is the path to the user's home directory.
- The seventh field is the program that is started every time the user logs into the system. For an interactive user, this is usually one of the system's command line interpreters (shells).
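The record format above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it parses passwd-format text into the seven fields and flags records a reviewer would want to look at (wrong field count, repeated user names, shared user identifiers, and a password field that is empty or holds data instead of a placeholder). The sample records, the helper names and the choice of "x" and "*" as the only accepted placeholders are assumptions made for illustration.

```python
from collections import Counter, namedtuple

PasswdEntry = namedtuple("PasswdEntry", "name passwd uid gid gecos home shell")

# Constructed sample records for illustration (not from a real system).
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
jsmith:x:1001:1000:Joe Smith,Room 1007,(234)555-8910,(234)555-0044,email:/home/jsmith:/bin/sh
backup:*:34:34:backup:/var/backups:/bin/sh
toor:x:0:0:second uid 0 account:/root:/bin/sh
legacy:ab0123456789A:1002:1000::/home/legacy:/bin/sh
guest::1003:1000:Guest:/home/guest:/bin/sh
broken:x:1004:1000:/home/broken
"""

# Assumption: only "x" and "*" count as placeholders; extend for local conventions.
PLACEHOLDERS = {"x", "*"}

def parse_passwd(text):
    """Split passwd-format text into entries; report lines that are not 7 valid fields."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split(":")
        if len(fields) != 7 or not (fields[2].isdigit() and fields[3].isdigit()):
            malformed.append(lineno)
            continue
        name, passwd, uid, gid, gecos, home, shell = fields
        entries.append(PasswdEntry(name, passwd, int(uid), int(gid), gecos, home, shell))
    return entries, malformed

def audit(entries):
    """Return sorted (user name, issue) pairs for records worth reviewing."""
    names = Counter(e.name for e in entries)
    uids = Counter(e.uid for e in entries)
    findings = set()
    for e in entries:
        if names[e.name] > 1:
            findings.add((e.name, "duplicate user name"))
        if uids[e.uid] > 1:
            findings.add((e.name, f"shares uid {e.uid}"))
        if e.passwd == "":
            findings.add((e.name, "empty password field"))
        elif e.passwd not in PLACEHOLDERS:
            findings.add((e.name, "password data in world-readable file"))
    return sorted(findings)

if __name__ == "__main__":
    entries, malformed = parse_passwd(SAMPLE)
    print("malformed lines:", malformed)
    for name, issue in audit(entries):
        print(f"{name}: {issue}")
```

A shared user identifier is permitted by the format, so that finding is a prompt for review rather than an error in itself.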
See also
- crypt(3) - a library function implementing a password encryption algorithm
- getent - a library function to look up passwd records
- passwd - a command that allows a user to change their password
- chfn - a command that allows a user to change their gecos information
- chsh - a command that allows a user to change their shell
- vipw - a command to safely edit the /etc/passwd file
References
- [1] Introduction to Processes and the Unix Shell
- [2] Understanding /etc/passwd File Format