[NTLUG:Discuss] /etc/passwd and /etc/passwd- differences.
Rick Moncello
rmoncello at attbi.com
Fri May 31 21:20:42 CDT 2002
Actually /etc/passwd- and /etc/shadow- are backup copies made whenever a
change is made to the users on the system by a variety of utilities. As an
example, here is a trace from my system:
========================================================================
[root at linux etc]# ls -ltr passwd* shadow*
-rw-r--r-- 1 root root 1454 Nov 11 2001 passwd.OLD
-r-------- 1 root root 1318 Mar 15 08:44 shadow.bak
-r-------- 1 root root 1318 Mar 15 08:44 shadow-
-rw-r--r-- 1 root root 1796 Mar 15 08:44 passwd.bak
-rw------- 1 root root 1796 Mar 15 08:44 passwd-
-r-------- 1 root root 1354 May 10 13:05 shadow
-rw-r--r-- 1 root root 1888 May 10 13:05 passwd
[root at linux etc]# useradd test
[root at linux etc]# ls -ltr passwd* shadow*
-rw-r--r-- 1 root root 1454 Nov 11 2001 passwd.OLD
-r-------- 1 root root 1318 Mar 15 08:44 shadow.bak
-rw-r--r-- 1 root root 1796 Mar 15 08:44 passwd.bak
-r-------- 1 root root 1354 May 10 13:05 shadow-
-rw------- 1 root root 1888 May 10 13:05 passwd-
-r-------- 1 root root 1381 May 31 21:08 shadow
-rw-r--r-- 1 root root 1927 May 31 21:08 passwd
[root at linux etc]# finger test
Login: test Name: (null)
Directory: /home/test Shell: /bin/bash
Never logged in.
No mail.
No Plan.
[root at linux etc]#
========================================================================
The *format* of the passwd file does not actually change when enabling the
shadow password file. The only change in the passwd file is that the
encrypted password gets replaced by an 'x' to indicate that it's shadowed
and to prevent rogue programs from circumventing the shadowing mechanism.
In this example, /etc/passwd had an entry for the user 'test' which is not
in /etc/passwd-. Similarly, /etc/group has the new group 'test' which is
not in /etc/group-.
Although I didn't include it in the output above, the /etc/group and
/etc/gshadow files would behave in the same manor.
Rick.
-----Original Message-----
From: discuss-admin at ntlug.org [mailto:discuss-admin at ntlug.org]On Behalf
Of Kelledin
Sent: Friday, May 31, 2002 20:53 PM
To: discuss at ntlug.org
Subject: Re: [NTLUG:Discuss] /etc/passwd and /etc/passwd- differences.
On Wednesday 29 May 2002 11:37 pm, you wrote:
> To the best of my knowledge, /etc/passwd- is the shadow password file for
> /etc/passwd.
>
> What circumstances would cause the '/etc/passwd-' file to be missing
> entries that ARE in '/etc/passwd'?
>
> The system seems to be functioning fine.
>
> As always, Slackware is the distro being used here. (running version
> 8.0/Kernel 2.4.18) Webmin is also in use.
/etc/passwd- and /etc/group- (if they exist) are backup files made by shadow
utilities pwconv and grpconv. These shadow utilities are used to convert
the
/etc/passwd and /etc/group files from the obsolete, non-shadowed format
(with
3DES-encrypted password fields) to an equivalent set of shadow password
files
(/etc/shadow and /etc/gshadow).
When these utilities do their job, they back up the original /etc/passwd or
/etc/group files to '/etc/passwd-' or '/etc/group-'. This is where these
files come from; they may be missing some of the entries in the newer,
shadowed /etc/passwd or /etc/group files if you add users or groups *after*
converting the original files to shadowed equivalents. The only real reason
to keep these files around is in case you ever want to switch back to the
old-style, non-shadowed passwords (which you should generally never do).
--
Kelledin
"If a server crashes in a server farm and no one pings it, does it still
cost
four figures to fix?"
_______________________________________________
http://www.ntlug.org/mailman/listinfo/discuss
More information about the Discuss
mailing list