The /etc/passwd File

/etc/passwd is a text file that contains the attributes of (i.e., basic information about) each user or account on a computer running Linux or another Unix-like operating system.

The permissions for /etc/passwd are by default set so that it is world readable, that is, so that it can be read by any user on the system1. The file can be easily read using a text editor (such as gedit or vi) or with a command such as cat, which is commonly used to read files, i.e.,

cat /etc/passwd

Each line in /etc/passwd represents a single user. The first listed is the root (i.e., administrative) account, which has complete power over every aspect of the system. This is followed by system-defined groups and accounts that are required for proper installation and update of system software. The lines at the end represent real people who use the system.

Each line contains seven attributes or fields: name, password, user ID, group ID, gecos, home directory and shell. Each attribute is separated from the adjacent attributes by colons but with no spaces. Colons must not be used in the attributes themselves, in order to avoid confusing the system. If there is no data for an attribute, there is no space, but, rather, two consecutive colons.

Name is the user's login name, that is the name that a user types in when logging into the system. Each such name must be unique string (i.e., sequence of characters).

The password field originally contained an encrypted login password. However, for security reasons, the encrypted passwords are now contained on another file, /etc/shadow, that cannot be read by ordinary users2. This field now merely contains the letter x to indicate that a password has been assigned to the user and is required for authentication. If this field is empty, the user can log in without a password.

User ID is the user's unique numeric identification number, which is used by the system for access control. Zero is reserved for the root account, and one through 99 are reserved for other predefined accounts. 100 through 999 are available for ordinary users and groups.

Group ID specifies the user's principal group identification number. This is usually the same as the user ID.

Named for historical reasons3, gecos contains general information about the user that is not needed by the system, most commonly the user's real name. This field can be empty, in which case there is no space between the two delimiting colons. Alternatively, it can contain multiple entries, each separated by a comma.

Home directory is the full path (i.e., the location relative to the root directory) of the user's home directory. This is the directory that the user is first in when logging into the system and which contains programs and configuration files specific to that user.

Shell is the full path of the default shell for the user. A shell is a program that provides a text-only user interface and whose main purpose is to execute commands typed in by a user and display the results. The default shell on Linux is bash, whose absolute path is /bin/bash.

Although /etc/passwd can, by default, be read by any user, it can be changed only by the root user. The main, and safest, way that it is changed is through the use of commands such as adduser and userdel, which are employed by the root account to add users to and remove users from the system, respectively. It can also be changed by direct editing with a text editor; however, as is the case with other system configuration files, great care should be exercised, as slight errors can cause serious problems, and a backup copy should be made in advance.

1This is because it is necessary for some programs to be able to read /etc/passwd in order to function properly.

2This is because it is possible, and even relatively easy, for skilled intruders to decrypt encrypted passwords. However, in the early days of UNIX, there was relatively little problem with intruders and the hardware was too slow to crack well-chosen passwords.

3This term is an acronym for General Electric Comprehensive Operating System, a computer which was used in the context of this field in the original UNIX implementations at Bell Labs.

Created July 26, 2006.
Copyright © 2006 The Linux Information Project. All Rights Reserved.