password of a user account and consists of nine colon-delimited fields. Table
3.6 lists the fields of an entry in the /etc/shadow file.
The /etc/shadow file should always be protected from unauthorized access
or copying because it contains all user passwords for the system. Although
the passwords are stored in encrypted form, it is still possible to find
passwords using specialized software.
Table 3.6 /etc/shadow Fields

| Field | Purpose |
|---|---|
| User account | Used to relate the /etc/shadow entry to a user account defined in the /etc/passwd file. |
| password | A 13-character encrypted password for the associated user account. If the field contains NP, this account is used only to own processes or files (setuid) and cannot be used to log in to the system. If the field contains *LK*, the account is locked and cannot be used to access the system. If the field is empty, no password exists, and the user is forced to enter a password the first time the account is used. |
| last changed | The number of days between January 1, 1970, and the last date the password was changed. |
| minimum | The minimum number of days required to pass before the user is allowed to change the password again. |
| maximum | The maximum number of days the password is valid. |
| warning | The number of days the user is warned before the password expires. |
| inactivity | The number of days the account can be inactive before the password must be changed. |
| expiration | The number of days between January 1, 1970, and the date on which the account expires. |
| flag | Reserved for future use. |
The following listing shows the guest entry from a Solaris 9 /etc/shadow file
that uses all the fields except flag:
guest:on7GbE18yYAek:10688:5:30:5:20:10844:
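The field layout in Table 3.6, applied to the guest entry above, as an added example that is not part of the original text: a Python parser that splits an entry into its nine fields, converts the day counts to calendar dates, and reports the special password values. The function and key names are illustrative assumptions.

```python
from datetime import date, timedelta

# Field names follow Table 3.6; the Python identifiers are illustrative.
FIELDS = ("user", "password", "last_changed", "minimum", "maximum",
          "warning", "inactivity", "expiration", "flag")
EPOCH = date(1970, 1, 1)

def parse_shadow_entry(line):
    """Split one /etc/shadow line into its nine colon-delimited fields."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    entry = dict(zip(FIELDS, parts))
    for name in FIELDS[2:8]:          # the six day-count fields may be empty
        entry[name] = int(entry[name]) if entry[name] else None
    return entry

def password_state(entry):
    """Classify the password field using the special values in Table 3.6."""
    special = {"": "no password set", "NP": "no login (NP)", "*LK*": "locked"}
    return special.get(entry["password"], "password set")

def audit(entry):
    """Turn day counts into dates a reviewer can compare with policy."""
    report = {"user": entry["user"], "state": password_state(entry)}
    if entry["last_changed"] is not None:
        changed = EPOCH + timedelta(days=entry["last_changed"])
        report["changed_on"] = changed
        if entry["maximum"] is not None:
            report["password_expires_on"] = changed + timedelta(days=entry["maximum"])
    if entry["expiration"] is not None:
        report["account_expires_on"] = EPOCH + timedelta(days=entry["expiration"])
    report["aging_enforced"] = entry["maximum"] is not None
    return report

# The guest entry from the listing above.
GUEST = "guest:on7GbE18yYAek:10688:5:30:5:20:10844:"

if __name__ == "__main__":
    for key, value in audit(parse_shadow_entry(GUEST)).items():
        print(f"{key}: {value}")
```
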
/etc/group
The /etc/group file is an ASCII file that is used to store information about
groups on the local system. Each line represents a group and consists of four
colon-delimited fields. Table 3.7 lists the fields of an entry in the /etc/group file.