/etc/passwd file format

Linux stores most account features in the /etc/passwd file. It is a text-based file with seven fields for each entry. Each entry begins with a username and continues with a set of fields separated by colons (:). Here is the syntax of an entry in the /etc/passwd file:

username:password:UID:GID:comment:home directory:default shell

Here is a description of each field:

  • username – the name of the user.
  • password – this field has traditionally been reserved for the password. Most Linux distributions, however, store passwords in /etc/shadow. This field is usually set to x, which means that shadow passwords are in use. If the field is set to an asterisk (*), it means that the account has no password configured. If the field is set to an exclamation mark (!), the account is locked.
  • UID – user identifier. It is a unique number representing the user.
  • GID – the default (primary) login group ID. Users have only one primary group and that group is the group owner for all new files the user creates.
  • comment – this field contains information about the user. It usually holds the user’s full name.
  • home directory – the absolute path to the user’s home directory.
  • default shell – the user’s default shell.

For example, here is an entry for our user bob:

[Image: /etc/passwd entry for the user bob]

In the picture above we can see the following information:

  • username – bob
  • password – stored in the /etc/shadow file
  • UID – 1001
  • GID – 1001
  • comment – full name of the user is Bob Jones
  • home directory – /home/bob
  • default shell – /bin/bash

 

Although the name implies it, the /etc/passwd file doesn’t hold password information. This would present a security risk since the file is readable by all users. Instead, passwords are stored in the /etc/shadow file, explained in the next lesson.
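The following added example (not part of the original lesson) parses passwd-format text into the seven fields described above and flags entries a defender would review: a password field that is empty or holds a value directly in the world-readable file, and a UID shared by two accounts. The sample lines, the function names and the state labels are constructed for illustration; the meanings of x, * and ! are the ones given in this lesson.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "username password uid gid comment home shell")

# Constructed sample lines (not from a real system); bob's fields follow the lesson's example.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
bob:x:1001:1001:Bob Jones:/home/bob:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:!:1002:1002:Alice Smith:/home/alice:/bin/bash
backup::0:34:backup:/var/backups:/bin/sh
broken:x:1003
"""

# Meanings of x, * and ! as given in this lesson; "" is an empty password field.
PASSWORD_STATES = {"x": "shadow", "*": "no password", "!": "locked", "": "empty"}

def parse_passwd(text):
    """Split passwd-format text into (entries, malformed_lines)."""
    entries, malformed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        f = line.split(":")
        # A valid entry has exactly seven fields with numeric UID and GID.
        if len(f) != 7 or not (f[2].isdecimal() and f[3].isdecimal()):
            malformed.append(line)
            continue
        entries.append(Entry(f[0], f[1], int(f[2]), int(f[3]), f[4], f[5], f[6]))
    return entries, malformed

def password_state(entry):
    """Classify field 2; any other value is data kept in the world-readable file."""
    return PASSWORD_STATES.get(entry.password, "stored in passwd")

def audit(entries):
    """Return (username, finding) pairs worth a defender's review."""
    findings, first_owner = [], {}
    for e in entries:
        if password_state(e) in ("empty", "stored in passwd"):
            findings.append((e.username, "password field: " + password_state(e)))
        if e.uid in first_owner:  # the UID is meant to be unique per user
            findings.append((e.username, f"UID {e.uid} shared with {first_owner[e.uid]}"))
        first_owner.setdefault(e.uid, e.username)
    return findings

if __name__ == "__main__":
    entries, malformed = parse_passwd(SAMPLE)
    for e in entries:
        print(e.username, e.uid, password_state(e))
    print(audit(entries), malformed)
```

To check a real system, pass the contents of /etc/passwd to parse_passwd() instead of SAMPLE.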
Geek University 2022