
Users in Linux System Administration

Users are accounts that can be used to log in to a system. The system identifies each user by a unique identification number, or UID. Information about all users on a system is stored in the /etc/passwd file. The hashed passwords for users are stored in the /etc/shadow file.

Users can be divided into two categories on the basis of the level of access:



  1. Superuser/root/administrator : Access to all the files on the system.
  2. Normal users : Limited access.

When a new user is created, the system takes the following actions by default:

Description of contents of /etc/passwd File

This file is readable by any user, but only root has read and write permissions for it. Each line holds the following colon-separated information about one user on the system:



  1. Username field
  2. Password field
    • An `x` in this field denotes that the hashed password is stored in the /etc/shadow file.
  3. The user ID number (UID)
  4. User’s group ID number (GID)
  5. Additional information field such as the full name of the user or comment (GECOS)
  6. Absolute path of user’s home directory
  7. Login shell of the user

Syntax:

[username]:[password]:[UID]:[GID]:[GECOS]:[home_dir]:[shell_path]

Example:

Description of contents of the /etc/shadow File

This file is readable and writable only by the root user. Each line holds the following colon-separated information about one user's password:

  1. User name field
  2. Password field
    • Contains the hashed password.
    • A blank entry, `::`, indicates that a password is not required to log in to that user’s account.
    • An asterisk, `:*:`, indicates the account has been disabled.
  3. Last password change
    • The date of the last password change, expressed as the number of days counted from UNIX time (1-Jan-1970).
  4. The minimum number of days after which the user can change the password.
  5. Password validity
    • Denotes the number of days after which the password will expire.
  6. Warning period
    • Denotes the number of days before the password expiry date from which the user starts receiving warnings to change the password.
  7. Account validity
    • Denotes the number of days after which the account will be disabled once the password has expired.
  8. Account disability
    • The date since which the account has been disabled, expressed as the number of days counted from UNIX time (1-Jan-1970).

Syntax:

[username]:[enc_pwd]:[last_pwd_change]:[min_days]:[pwd_validity]:[warn_date]:[acc_validity]:[acc_disability]

Example:
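The field layouts above can be checked mechanically. The following is an added example, not part of the original article: it parses constructed sample lines in both formats and flags entries an administrator would want to review. The account names, the placeholder hashes and the chosen checks are assumptions made for illustration.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)  # /etc/shadow dates are day counts from here
# Constructed sample data, not taken from a real system.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
backup::0:34:backup:/var/backups:/bin/sh
"""
SHADOW = """\
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:90:7:14::
guest::19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
"""

def audit_passwd(text):
    """Flag risky /etc/passwd entries (7 colon-separated fields per line)."""
    findings = []
    for line in filter(None, text.splitlines()):
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((line, "malformed entry"))
            continue
        name, pw, uid = fields[0], fields[1], fields[2]
        if uid == "0" and name != "root":
            findings.append((name, "UID 0 but not root"))
        if pw == "":
            findings.append((name, "empty password field"))
        elif pw != "x":
            findings.append((name, "password field not deferred to /etc/shadow"))
    return findings

def password_expiry(last_change, max_days):
    return EPOCH + timedelta(days=int(last_change) + int(max_days))

def audit_shadow(text, today):
    """Flag entries with no password or an expired one; reads fields 1-5 only
    (real files also carry a trailing reserved field)."""
    findings = []
    for line in filter(None, text.splitlines()):
        name, pw, last, _min_days, max_days = line.split(":")[:5]
        if pw == "":
            findings.append((name, "no password required"))
        if last and max_days and password_expiry(last, max_days) < today:
            findings.append((name, "password expired"))
    return findings

if __name__ == "__main__":
    print(audit_passwd(PASSWD) + audit_shadow(SHADOW, date(2022, 6, 1)))
```

To run the same checks against a live system, pass the contents of /etc/passwd and, as root, /etc/shadow in place of the sample strings.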
