topic Re: comment in passwd file in Operating System - Linux

comment in passwd file

Shivkumar — Wed, 02 May 2007 12:21:31 GMT

Hi,

If # has been put in the beginning of a line in /etc/passwd file and it is saved;
Will it corrupt the /etc/passwd file and system will not come up ?

If this is done by mistake then how to recover it ?

I am just curious to know and this has not been done.

Thanks,
Shiv

Re: comment in passwd file

James R. Ferguson — Wed, 02 May 2007 12:29:59 GMT

Hi Shiv:

Why would you want to do this? If you want to prevent an account from logging in on an untrusted system, replace the second field of the account with an "*". This is the same as running the safer:

# passwd -l login

If you have manually editted your '/etc/passwd' you would be advised to check its integrity with:

# pwck

If you *must* manually edit '/etc/passwd' the safe way is to use:

# vipw

Using 'vipw' will at least insure you can't mangle the root account. Attempts to do so will be rejected.

Of course, one always has a backup of key configuration files to restore...

Regards!

...JRF...

Re: comment in passwd file

Pete Randall — Wed, 02 May 2007 12:34:45 GMT

Well, the man page for the password file (man 4 passwd) certainly does not seem to mention any provisions for comments. I'm not really sure what effect it would have, nor why you would want to - why don't you try it out and let us know?

Pete

Re: comment in passwd file

Jeff_Traigle — Wed, 02 May 2007 12:45:14 GMT

Actually, I have tried this. Comments are not recognized in the password file. The authentication system will see the "commented" user as having the # character as part of the username. (I don't recall if I tried logging in with #'ed username though.)

Will this cause the system to not boot? While I never tried rebooting when I tested this, I would guess not... unless you're "commenting" the root user, of course.

Re: comment in passwd file

Shivkumar — Wed, 02 May 2007 12:53:03 GMT

It was tried by someone by mistake. It corrupted the /etc/passwd file. I believe system will not boot.

This is a forum of Unix Gurus so just wanted to know their veiwpoint.

Best Regards,
Shiv

Re: comment in passwd file

Marco A. — Wed, 02 May 2007 12:53:19 GMT

The passwd file cannot be modified that way, any other modification to that file could remove another parts of the file and cause more system issues, in this case a recommend you is copy that file to the same location, for example, to /etc/passwd.tmp with all your comments for the users, because is not a good idea modify the file.
Ex .: If you remove the last : of one of the users, all the data under that will be removed and you will lost your configuration.

In this case the better idea is hold a backup with the comments that you need before change the original file.

Hope this helps,

Marc0

Re: comment in passwd file

Robin T. Slotten — Thu, 03 May 2007 08:31:05 GMT

I have done this on a non-trusted system running NIS. I used this when I needed to test login problems and I didn't know (or want to know) the user's password. I copied the line and commented out the original. then I could change the passwd for my testing. It did survive a reboot without any problems. However, it you would comment out root and not replace it, I suspect you might have a problem.
Rob...

Re: comment in passwd file

Bill Hassell — Thu, 03 May 2007 09:37:26 GMT

There is no optional format for the passwd file. Every line must contain a valid user ID and the appropriate number of : parameters. If you put a blank line or a # character (or anything else), the passwd file is corrupted. If you put a garbage line prior to the root user line, *NO ONE* can ever login. Your system will reboot just fine and no one including root can login. NEVER put anything in the passwd or group files that is not a valid entry, and DO NOT sort the passwd file!!! Although it's fine to have root down at the bottom of the file, if anyone makes a mistake (ie, a badly trained sysadmin) before the root entry, root cannot login. By putting root at the top, at least root's entry is more likely to survive fat-fingers running vi. Always, always run pwck after you edit the passwd file. If you corrupt the the passwd file, you can only fix it in single user mode. If you remove it, you can get a new copy from /usr/newconfig/etc/passwd (but of course, no login users except root are in this file).

Re: comment in passwd file

Shivkumar — Thu, 03 May 2007 12:29:09 GMT

Thanks Bill!! It was heartening to see your excellent explanation.

Best Regards,
Shiv