The password file1 /etc/passwd is a text-based database of information about users2 that may log into3 the system or other operating system user identities that own running processes. The name of the file originates from one of its initial functions as it contained the data used to verify passwords4 of user accounts. However, on modern Unix5 systems the security-sensitive password information is instead often stored in a different file using shadow passwords, or other database implementations. The /etc/passwd file typically has file system permissions6 that allow it to be readable by all users of the system (world-readable), although it may only be modified by the superuser7 or by using a few special purpose privileged commands.

The /etc/passwd file is a text file8 with one record per line9, each describing a user account10. Each record consists of seven fields separated by colons11 (:). An example record may be:

passwd
Sample record from the /etc/passwd file.

The information fields — in order from left to right — are:

  1. user name: the string a user would type in when logging into the operating system: the logname12; must be unique across users listed in the file

  2. password: information used to validate a user's password13; in most modern uses, this field is usually set to x (or * or some other indicator) with the actual password information being stored in a separate shadow password file14; on Linux15 systems, setting this field to an asterisk (*) is a common way to disable direct logins to an account while still preserving its name, while another possible value is *NP* which indicates to use an NIS16 server to obtain the password; without password shadowing in effect, this field would typically contain a cryptographic hash of the user's password (in combination with a salt17)

  3. user identifier18 (UID): each user must be assigned a user identifier (UID); it need not be unique; UID 0 (zero) is reserved for root; UIDs 199 are reserved for other predefined accounts; UIDs 100909are reserved by system for administrative and system accounts/groups

  4. group identifier19 (GID): identifies the primary group (as stored in the /etc/group file) of the user; all files that are created by this user may initially be accessible to this group

  5. GECOS field20: commentary that describes the person or account; typically, this is a set of comma-separated values including the user's full name and contact details; this field is used by finger command

  6. home directory: the absolute path to the directory the user will be in when he logs in; if this directory does not exists the user directory becomes the root directory (/)

  7. command/shell: the absolute path of the program that is started every time the user logs into the system; for an interactive user, this is usually one of the system's command line interpreters21 (shells22)

Assignment

The current directory contains a copy passwd23 of the password file /etc/passwd. Use the line-based text editor ed (or ex) to open this file.

$ ed passwd
$ ex passwd

If you now enter a regular expression that is preceded by a slash or that is enclosed between slashes and then press <ENTER>, ed searches forward in the file until it finds the next line that matches the regular expression and prints that line. As such the ed command

/stud1

will print the next line that contains the substring stud1. To print all lines containing the pattern stud1, the command must be prefixed with 1,$g (or g for short).

g/stud1

To close the text editor ed you must enter the q command (and press <ENTER>). Each time give an ed command that prints the following lines (one ed command per assignment):

Try to keep the regular expressions as short as possible and make no assumptions about the length of the fields in the password file.