New /etc/passwd.shadow

Similar Messages

• Login Process & Security of /etc/passwd and /etc/shadow

  Guys,
  I have few questions, Please help me out.
  1. What is the Solaris 8 and Solaris 9 environment's boot files ?
  2. While Logging into Solaris Operating Environment , which is file is responsible for Login Process ? Through which file/command the username and password is cross checked with /etc/passwd and /etc/shadow ?
  3. We all know that /etc/passwd come with -rw-r--r-- permission and /etc/shadow comes with -r--------. I did a chmod and assigned 000 to both the files. But Still I am able to change the password for the normal user. And as a root I am still able to cat the contents of both the files.
  Help me understand these concepts.
  Thank you.
  Arut

  Sounds like you're very new to Solaris:
  1. What is the Solaris 8 and Solaris 9 environment's boot files ?/kernel/genunix is the primary boot file. The directory structure in /kernel is also boot related. /usr/kernel is also boot related.
  2. While Logging into Solaris Operating Environment , which is file is responsible for Login Process ? Through which file/command the username and password is cross checked with /etc/passwd and /etc/shadow ?Generally three files are related: /etc/passwd, /etc/shadow, and the program /bin/login. Some applications will process /etc/passwd and /etc/shadow on their own and bypass /bin/login - but for you're purposes this is a good general answer.
  As a minor example (and if I remember correctly), say someone uses telnet to log into a system. Telnet prompts for the login ID. Once input, it passes forks off /bin/login with the login ID. /bin/login reads the user password information from /etc/shadow and takes the first two bytes from the password field (column 2 using : as field seperator) which is the crypt salt (see crypt man page). /bin/login prompts for the password which the user inputs. /bin/login takes the user input password and the salt value read from /etc/shadow for that user and pushes it through crypt. It then takes the resultant crypt output and compares it against what it read from /etc/shadow - if they matches the user has input the right password. If not, it prompts the user again with a password prompt.
  3. We all know that /etc/passwd come with -rw-r--r-- permission and /etc/shadow comes with -r--------. I did a chmod and assigned 000 to both the files. But Still I am able to change the password for the normal user. And as a root I am still able to cat the contents of both the files.To change your password you run the passwd command. That command is SUID root - so for a short period of time you become root within the context of that process. Root is basically god mode and doesn't care about file access priviledges generally. So that fact that /etc/passwd and /etc/shadow have 000 file access permissions doesn't matter - root can still read and write to them.

• How to recover /etc/passwd and /etc/shadow files

  hi
  Unfortunetly I have a big problem is that someone crash the /etc/passwd and /etc/shadow files from my running server, and my all users are not to able to login. so please can any one help me how to recover this files or any ideas for make these files...
  thanks
  Mohammed Tanvir

  Hello
  It is not working.Pla help me this bit critical
  Step followed
  01.Boot from the cdrom and mount root partision.
  02.Deleted the exsisting file /etc/passwd and /etc/shadow
  03.copy the opasswd and oshadow to the etc directory as passwd and shadow
  04.Umount the root partision
  05.Reeboot the system
  thanks
  Roshantha

• [SOLVED] /etc/passwd and /etc/shadow -- pwck shows missing groups

  I recently found out about the pwck and grpck commands to check for errors/inconsistencies in the passwd, group, shadow and gshadow files...  grpck returns no errors, but pwck returns this:
  user 'avahi': no group 84
  user 'postgres': no group 88
  user 'ntp': no group 87
  pwck: no changes
  These are the relevant lines from /etc/passwd:
  avahi:x:84:84:Avahi daemon:/:/bin/false
  postgres:x:88:88:PostgreSQL user:/var/lib/postgres:/bin/bash
  ntp:x:87:87:Network Time Protocol:/var/lib/ntp:/bin/false
  There are lines for those users in /etc/shadow... but...  I'm not sure what I need to do to fix the problem.
  I think I understand enough, now, to maintain the files in future, but would anyone know I can fix this?
  Last edited by esuhl (2012-10-08 20:22:05)

  2ManyDogs wrote:I don't know how to fix the errors, but I'm really curious about why you decided to run those commands. Were you having a problem you thought might be ralated to groups and/or passwords? What are groups 84, 97, and 88?
  Ha!  Well... when I started using Arch I really didn't know much about Linux and I an update providing some .pacnew files (/etc/group, gshadow, passwd, shadow) and... well...  I don't know what I did, but I think it was probably not what I should have done(!).  I used grpck in the past and got no errors and it suddenly occurred to me today that there should be an equivalent for checking /etc/passwd... so that's why I just ran the commands now.  Everything seems to be working, however...
  I don't have an entry for groups 84, 87 and 88 in my /etc/group file...  Hmmm...
  I tried running this command to find any files associated with that group, but only get the following:
  [root@i7pc tim]# find / -gid 88
  find: `/run/user/1000/gvfs': Permission denied
  find: `/proc/1806/task/1806/fd/5': No such file or directory
  find: `/proc/1806/task/1806/fdinfo/5': No such file or directory
  find: `/proc/1806/fd/5': No such file or directory
  find: `/proc/1806/fdinfo/5': No such file or directory
  I get similar output for the other groups, so... can I just delete them from /etc/passwd and /etc/shadow?
  I notice I have the avahi package installed, however, and group 84 relates to user 'avahi'... so...  surely I need the avahi user...?
  Last edited by esuhl (2012-10-07 23:09:30)

• [SOLVED] Today's update of /etc/group, /etc/passwd and /etc/gshadow

  Hello,
  During the regular updates I received an update of /etc/groups. I wonder what I should do here, as there are some differences between the old file and the pacnew one. I suppose that when I use the command to add my user to a group, it gets written into this file. So, just recklessly moving the pacnew file in the place of the old one, will mess up all my groups, won't it?
  Then what should I do? All the entries in the pacnew file are also present in the old one, so I guess I could just delete the pacnew one and keep the old one. Am I right?
  EDIT: The same goes to /etc/passwd and /etc/gshadow.
  Last edited by Unia (2012-10-06 09:51:23)

  teateawhy wrote:
  If you had the uuid user before like me the uuid line in your own files is different from the pacnew file. You have to delete the uuid line near the bottom in your old file. Then insert the new uuid entry including the new number in the place near the top suggested by the pacnew file. Keep the other lines untouched, then save your changes and delete the pacnew files.
  Edit: On a system that has actually been modified from a default install the new files will for sure be different to the old ones.
  Thanks, teateawhy!  I currently have this listed in /etc/passwd:
  uuidd:x:998:998::/:/sbin/nologin
  And this is in the .pacnew file:
  uuidd:x:68:68:uuidd:/:/sbin/nologin
  So, I can just copy the entry from the .pacnew file, overwriting the old entry, right?
  What I don't understand is how the two numbers 998 representing the UID and GID can suddenly change to 68.  Shouldn't they have to correspond with some other reference or list of users/groups...?
  I'm sure it's fine to just replace the entry as you suggested, but I wondered if there was a way to double-check which uid/gid should be used?  It's not that I don't trust you, but I don't fully understand how these group/passwd files work and I'm trying to get my head round it all.
  Cheers,
  esuhl

• Systemd entries in /etc/passwd and others...

  Hi! How do I find out what are correct entries for systemd in /etc/passwd, /etc/group, /etc/shadow and others in current system? What if I screw them up during system update and maybe lose some of them or will end up having those unneeded?...

  I don't understand what you want. A backup maybe? Do you have any pacnew files?

• /etc/passwd modified

  Being root on a Solaris2.8 station and editing the /etc/passwd file, I changed root name field as uppercase for the root line.
  Now I cannot become root again. When typing `su`, I'm getting: "su: Unknown Id: root". Of course, if I'm not root I cannot undo the /etc/passwd.
  I have a metadevice built with disksuite.
  What can be done?
  Sergio Gonzalez J.

  you oculd try "#su - ROOT" but I would reallry recommend you don't change the field and leave it alone. I don't think this is going to work though as you password is not in the password fiel, it is in the shadow file.
  Other way is to boot from cdrom in single user mode, mount the root disk and change root back to being the way it was before. If you was root to be secure then constantly change the password.

• [SOLVED] /etc/passwd deleted !!

  Hey every one
  i did a terrible mistake. I deleted my /etc/passwd fil in the process of changing the old file to the new one after the update. So i still have  the /etc/passwd.old as a backup but when ever i try to chang my  old file name to /etc/passwd i get sudo: unknown uid 1000:who are you?
  is there a way to get the passwd back......
  Micah
  Last edited by amishxxx (2012-11-02 19:18:48)

  Hey everyone
  thank you for all your suggestions
  sorry that it took me so long to respond ... i fixed my problem already a couple days ago.
  I used a Live CD...
  everything is working again
  Thanks

• Unshadowing /etc/passwd

  I want to create a copy of /etc/passwd (another file name) that has been unshadowed. (/etc/passwd combined with /etc/shadow, not that the password is displayed in plain text) I know there are "utilities" out there that will do that, but is there a more propper way to do it?
  I also assume I could write a script to do it, just looking for the way others do it.

  Don't know if it is exactly what you are looking for, but here is a noddy script I write some time ago, when I couldn't get to admintool on a particular site. The screen output is formatted, whilst the file output isn't
  hope it helps.
  #!/usr/bin/ksh
  # script: /usr/local/bin/pwstat
  # date: 3/5/1999
  # version: 1.0
  # purpose: To dump to screen or file user details
  # set initial ver.
  clear
  option=$1
  rm /tmp/pwstat.* > /dev/null 2>&1
  count=2
  passwd -as > /tmp/pwstat.$$
  # test switches
  if [[ $option = screen ]] || [[ $option = file ]] ; then
  continue
  else
  print "Valid Options are: screen or file, try again!"
  exit
  fi
  if [[ $option == screen ]] ; then
  tput smso
  print "USERID: PASSWORD: UID: GID: COMMENT: HOME DIR: SHELL: PW Exp."
  tput rmso
  fi
  if [[ $option == file ]] ; then
  print "Enter filename for output:\c"
  read filename
  print "Writing output to $filename...."
  rm $filename > /dev/null 2>&1
  fi
  # START OF SCRIPT LOGIC
  while read user "att"
  do
  if [[ -n $user ]] ; then
  uid=`grep ^$user: /etc/passwd | awk -F: '{print $3}'`
  gid=`grep ^$user: /etc/passwd | awk -F: '{print $4}'`
  com="`grep ^$user: /etc/passwd | awk -F: '{print $5}'`"
  comm=${com:-NoComment}
  hdi=`grep ^$user: /etc/passwd | awk -F: '{print $6}'`
  shl=`grep ^$user: /etc/passwd | awk -F: '{print $7}'`
  shell=${shl:-NoShell}
  psw=`grep ^$user: /etc/shadow | awk -F: '{print $2}'`
  if [[ $option == screen ]] ; then
  tput cup $count 0
  print $user
  tput cup $count 12
  print $psw
  tput cup $count 30
  print $uid
  tput cup $count 37
  print $gid
  tput cup $count 45
  print $comm
  tput cup $count 60
  print $hdi
  tput cup $count 85
  print $shell
  tput cup $count 105
  print $att
  ((count = count + 1))
  elif [[ $option == file ]] ; then
  print "$user\t $psw\t $uid\t $gid\t $comm\t $hdi\t $shell\t $att" >> $filename
  fi
  fi
  done < /tmp/pwstat.$$

• System.getProperty("user.name") not working without /etc/passwd, CentOS 4.3

  Dear all,
  I'm having trouble getting the system property user.name (which we need in our ant scripts) on our CentOS box. :(
  When running the program below thru
  java dumpproperties2
  it prints "user.name='?'" on our CentOS 4.3. On win32 it works. It turns out that if you add the account corresponding to the EUID to /etc/passwd it works correctly. However, we don't use passwd authentication but an enterprise wide LDAP-system. Our /etc/nsswitch.conf says:
  passwd: files ldap
  One work around is to replace the java executable with a script that does
  /path/to/jdk/bin/java -Duser.name=$USER -Duser.home=$HOME $@
  Used jdk is j2se 1.5.0_13 Linux 32-bit.
  Some questions for the experts:
  1) Is there any other way?
  2) Is it a known issue that Linux versions of the jdk just looks in /etc/passwd to map uid to user name (and home dir) instead of doing what the rest of the system, like whoami, does? I haven't found anything in either the readme or installation instructions, nor in the bug db.
  Br, Jesper Tr�g�rdh
  public class dumpproperties2 {
      public static void main(String[] args) {
       String s = System.getProperty("user.name");
       System.out.println("user.name='" + s + "'");
  }

  Does this work?
  //public final class System
  public static String getenv(String name)Then you can access the USER environment from inside Java.

• Smc and smuser both put wrong home directory in /etc/passwd

  Hello,
  I'm trying to use 'smuser add' as an alternative to 'useradd' in a setuid script, using -d to specify a home directory other than the default. Unfortunately, although the directory is created in the right place, the default is written into /etc/passwd.
  %smuser add -u sapadm -p ***** -- -d /appuser/inputs/tom -g sapusers -n tom -s /bin/sh
  Loading Tool: com.sun.admin.usermgr.cli.user.UserMgrCli from localhost
  Login to localhost as user sapadm was successful.
  Download of com.sun.admin.usermgr.cli.user.UserMgrCli from localhost was successful.
  % ls -al /appuser/inputs/tom
  total 14
  drwxr-x--- 2 tom sapusers 5 Mar 28 15:48 .
  drwxr-xr-x 3 sj staff 3 Mar 28 15:48 ..
  -rw-r--r-- 1 tom sapusers 136 Mar 28 15:48 .cshrc
  -rw-r--r-- 1 tom sapusers 157 Mar 28 15:48 .login
  -rw-r--r-- 1 tom sapusers 174 Mar 28 15:48 .profile
  % cat /etc/passwd
  tom:x:101:1002::/home/tom:/bin/sh
  % ls -al /home/tom
  /home/tom: No such file or directory
  % uname -a
  SunOS sun03 5.10 Generic_127112-07 i86pc i386 i86pc
  Exactly the same thing happens when I use the SMC2.1 GUI - even though it echoes back to me that the directory path qill /appuser/inputs before I hit 'finish', the directory is created correctly, but /home/tom goes into /etc/passwd.
  Is there any fix/workaround for this, or am I back to an old-fashioned useradd in a setuid script?
  Thanks
  -- Steve

  Father wrote:
  that way, they are chrooted into an empty directory and have no files they can tamper with
  isnt that a little dangerous??
  What files a user can change is determined by the files' permission settings, not by the user's homedir. The homedir only tells what the initial working directory when a user logs in is, nothing else, it doesn't implicit writing or even reading access. So no, it's not dangerous, not even a little.

• /etc/group and /etc/passwd corrupted

  My /etc/group and /etc/passwd (and possibly others) are corrupted (my silly error handling pacnew files). I tried restoring the backups (group- and similar) and also ran grpconv, pwdconv,, pwck without fixing things.  I've edited the files, using those in another machine as a template but no luck.
  Various commands (e.g. ssh) fail with the message:
                                   No user exists for uid 1000
  Before I give up and reinstall, is there any way I can restore things to how they should be?

  Thanks for replies. I can't recreate my user because it's already there. I can log in as ac without difficulty and do most things - just a few (mportant) fail.
  I don't understand why it keeps saying the user ac is uid 1000. After reading the wikis I think my /etc/group and /etc/passwd are correct. /etc/passwd has:
              ac:x:1000:100::/home/ac:/bin/bash
  and /etc/group has:
             users:x:100:ac
             ac:x:100:ac
  I'm not sure the last line should be there, but removing it doesn't help. The entries on a second machine are similar.
  I'll sleep on it to see if I think of something else to try in the morning, otherwise I'll have to reinstall tomorrow.

• How to handle home directory change in /etc/passwd.pacnew?

  Hey,
  the recent update of the filesystem package had a change in /etc/passwd that
  I am not sure how to handle:
  daemon:x:2:2:daemon:/sbin:/usr/bin/nologin
  was changed to
  daemon:x:2:2:daemon:/:/usr/bin/nologin
  As you can see, the home directory of daemon was changed from /sbin to /.
  Should I merge that change into my /etc/passwd?

  I have read that thread but I am not quite sure that it applies to
  this situation.
  Leonid.I basically says that
  [...] if your group/passwd files are functional before the update -- keep them as is
  (unless you wan to do cosmetic changes)
  Now, adding info to the GECOS field or substituting /sbin with /usr/bin
  doesn't really alter the behaviour of the system, but changing a user's
  home directory seems a little bit more fundamental to me.

• Why i can not find my login name in /etc/passwd?

  why i can not find my login name in /etc/passwd?
  Thank you~

  I want to ask the same question as steve359, where the multi-user accounts information stored?
  I saw mysql user in passwd, do you have any idea on what purpose of mac os ultilize mysql ?
  Thanks!

• Google home page. remove boxes from web, images, video, maps, news, etc

  I use Google as my home page.
  I would like to remove the boxes around web, images, video, maps, news, etc.
  I don't see these boxes in Internet Explorer.
  Thanks
  Frank C
  Win Vista ultimate SP2 FF 4.0

  Thanks to jscher and cor-el I now have the Google home page that I wanted.
  I was not blocking gstatic.com or ssl.gstatic.com
  I looked at:
  http://kb.mozillazine.org/Website_colors_are_wrong
  I think items 2 and 3 fixed my problem. item 2 is the stronger candidate.
  My attempt to improve the display for my old eyes - contrast and font size was not very successful.
  I Checked these four items carefully from "website colors are wong.
  1 (Firefox) View -> Page Style should not be set to "No Style"
  Page style was set to wiki
  2 "Tools -> Options -> Content -> Colors" check "Allow pages to use their own colors, instead of my selections above"
  This item was NOT checked. It is now checked.
  3 (Windows users) Start Menu -> Control Panel -> Accessibility -> Display -> uncheck "Use High Contrast", restart the application
  This item was checked. I un- checked it. I think this fixed the problem.
  4 (Windows users) Right-click the Firefox shortcut -> Properties -> Compatibility -> uncheck "Run in 256 colors", restart the application
  This item was not checked.