Generated by GPT-5-mini

| /etc/passwd | |
|---|---|
| Name | /etc/passwd |
| Type | Configuration file |
| OS | Unix-like |
| Location | /etc |
| Format | Plain text |
| Use | Account database |

/etc/passwd

/etc/passwd is a plain-text account database file traditionally used by Unix-like systems to store user account information. It serves as a central record for login names, user identifiers, shell programs, and account metadata, and interacts with system services and libraries across distributions, desktop environments, and networked authentication frameworks. Administrators, developers, and operating system projects rely on its compatibility for interoperability among projects and institutions.
The file plays a core role in authentication stacks implemented by projects such as FreeBSD, NetBSD, OpenBSD, Linux, GNU, and distributions like Debian, Ubuntu, Red Hat Enterprise Linux, Fedora, SUSE, and Arch Linux. It interfaces with libraries and services including the PAM ecosystem, NSS, and networked systems like LDAP, Kerberos, NIS, and Active Directory. System utilities and shells from projects such as GNU coreutils, Bash, Zsh, Dash, and KornShell read or rely on entries for user environments, while init systems like systemd and legacy daemons such as sysvinit consult account metadata for service permissions. Major vendors including IBM, Oracle, Microsoft (via Windows Subsystem for Linux), and cloud providers such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure expect consistent behavior for interoperability.
Each line in the file is a record composed of seven colon-separated fields: username, password placeholder, UID, GID, GECOS/comment, home directory, and login shell. Tools from projects like coreutils and util-linux, and distributions such as Red Hat and Debian, parse these fields for account management, while configuration management systems like Ansible, Puppet, Chef, and SaltStack automate updates. The UID and GID conventions align with standards used by POSIX, IEEE, and organizations such as the Linux Foundation, and interoperability with filesystems like ext4, XFS, ZFS, and Btrfs depends on consistent identifier semantics. Administrative utilities including useradd, usermod, userdel, adduser, and vipw validate syntactic constraints to avoid conflicts with services like cron, at, and systemd-logind.
Entries commonly represent human users, system accounts, and service principals used by daemons and network services such as sshd, Apache, Nginx, MySQL, PostgreSQL, Docker, Kubernetes, and OpenSSH. System accounts for packages and facilities produced by projects like Debian, Ubuntu, Red Hat, SUSE, and Gentoo use reserved UID ranges mirrored in specifications from FHS and distributions maintained by organizations including the Debian Project, Red Hat, and Canonical. Accounts for networked identity systems integrate with Samba, Active Directory, and authentication realms created by MIT Kerberos and FreeIPA.
Historically, storing hashed password digests in the second field exposed systems to offline attacks and motivated migration to shadow password systems such as shadow, adopted across Linux, BSD, and enterprise distributions. Threat models involving actors like state-level APT groups referenced in reports by the National Security Agency, GCHQ, and industry groups emphasize credential theft, lateral movement, and supply-chain vectors impacting accounts used by projects including OpenSSL, OpenSSH, LibreOffice, and Mozilla. Privacy considerations intersect with data protection regimes like the GDPR and practices from institutions such as NIST and ENISA that recommend minimizing exposure of personal identifiers found in GECOS fields. Tools for auditing and hardening, created by communities around OWASP, CIS, and vendors like Red Hat and SUSE, advise using shadowed hashes, PAM policies, two-factor systems from Duo Security or Yubico, and centralized identity solutions.
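The seven-field record format and the shadow-password concern described above can be checked mechanically. The following is an added example, not code from the shadow project or any tool named on this page: it parses passwd-format records and flags malformed lines, password fields that are empty or hold a value other than a shadow/lock marker, and shared UIDs. The sample records and function names are constructed, and treating `x`, `*…` and `!…` as the only benign password-field values is an assumption based on common Linux convention.

```python
# Added example: audit passwd-format records (constructed sample, no real data).
FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")

SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice Example,,,:/home/alice:/bin/bash
legacy:$6$CONSTRUCTED$NOTAREALDIGEST:1001:1001::/home/legacy:/bin/sh
toor:x:0:0::/root:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
broken:x:abc:1003::/home/broken
"""

def parse_line(line):
    """Split one record into a dict; raise ValueError if it is malformed."""
    parts = line.split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    if not rec["name"]:
        raise ValueError("empty username")
    for key in ("uid", "gid"):
        # Accept ASCII digits only; reject signs, spaces and Unicode digits.
        if not (rec[key].isascii() and rec[key].isdigit()):
            raise ValueError(f"non-numeric {key}: {rec[key]!r}")
        rec[key] = int(rec[key])
    return rec

def audit(text):
    """Return (line_number, username, finding) tuples in file order."""
    findings, seen_uid = [], {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec = parse_line(line)
        except ValueError as exc:
            findings.append((n, line.split(":")[0], f"malformed: {exc}"))
            continue
        pw, uid = rec["passwd"], rec["uid"]
        if pw == "":
            findings.append((n, rec["name"], "empty password field"))
        elif pw != "x" and not pw.startswith(("*", "!")):
            # Assumption: anything else is a digest that belongs in the shadow file.
            findings.append((n, rec["name"], "non-shadowed password value"))
        if uid in seen_uid:
            findings.append((n, rec["name"], f"UID {uid} shared with {seen_uid[uid]}"))
        seen_uid.setdefault(uid, rec["name"])
    return findings
```

Calling `audit(SAMPLE)` reports the `legacy`, `toor`, `guest` and `broken` records; on a live system the same function can be given the text of the local account file instead of the constructed sample.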
Local and remote administration leverages utilities from GNU, Debian, Red Hat, and BSD projects: useradd, adduser, usermod, vipw, pw, and configuration management via Ansible, Puppet, and SaltStack. Identity synchronization tools integrate with sssd, winbind, realmd, and directory services like OpenLDAP and 389 Directory Server. Backup and auditing solutions by vendors including IBM, Oracle, Microsoft, and open projects such as Auditd and Tripwire monitor changes, while migration utilities support cloud providers like Amazon Web Services, Google Cloud Platform, and configuration platforms such as Terraform.
The file's lineage traces to early Bell Labs research systems and historical Unix derivatives like Research Unix, BSD, and System V; portability concerns drove standards from POSIX and organizations such as IEEE and ISO. Evolutionary milestones include shadow password adoption and NSS/PAM integration driven by projects like GNU, Linux, and the BSD family, and compatibility layers such as Cygwin and Windows Subsystem for Linux that map Windows accounts to Unix semantics. Long-standing interoperability is reflected in expectations across distributions (for example, Debian, Ubuntu, Red Hat Enterprise Linux, SUSE), commercial UNIX vendors like Sun, HP-UX, and AIX, and community projects such as Arch Linux and Gentoo.