- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: passwd change..
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2009 11:46 PM
тАО05-31-2009 11:46 PM
passwd change..
I have one basic question regarding passwd change of users.
How user can use 'passwd' command?.I mean how user are able to change their passwd?.They can't edit the /etc/passwd and /etc/shadow files..
Regards,
Sri.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2009 11:48 PM
тАО05-31-2009 11:48 PM
Re: passwd change..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2009 11:50 PM
тАО05-31-2009 11:50 PM
Re: passwd change..
no user can't edit that files only superuser
i mean root can do it
thanks and regard
Sajjad Sahir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2009 11:55 PM
тАО05-31-2009 11:55 PM
Re: passwd change..
Users r using 'passwd' cmd for changing the passwd.That means they r indirectly editing the shadow files right.
Regards,
Sri.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-31-2009 11:55 PM
тАО05-31-2009 11:55 PM
Re: passwd change..
basically
only root user able to change, however you can assign sudo access to modify /etc/passwd and /etc/shadow files to any non-root user. thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-01-2009 12:10 AM
тАО06-01-2009 12:10 AM
Re: passwd change..
Yes, but really root is editing those files.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-01-2009 12:46 AM
тАО06-01-2009 12:46 AM
Re: passwd change..
Ordinary users can only change passwords corresponding to their login name. If an old password has been established, it is requested from the user. If valid, a new password is obtained. Once the new password is entered, it is determined if the old password has "aged" sufficiently. If password aging is not sufficient, the new password is rejected and passwd terminates.
If password aging and construction requirements are met, the password is re-entered to ensure consistency. If the new copy differs, passwd repeats the new password prompting cycle, at most twice.
A superuser, whose effective user ID is zero, is allowed to change any password and is not forced to comply with password aging. Superusers are not prompted for old passwords, unless they are attempting to change a superuser's password in a trusted system. On untrusted systems, superusers are not forced to comply with password construction requirements. Null passwords can be created by entering a carriage return in response to the prompt for a new password.
For the files (local system) repository, if no /etc/shadow file exists, then the encrypted password is stored in the password field of /etc/passwd. If the /etc/shadow file exists, then the encrypted password is stored there, and an 'x' is added to the password field of /etc/passwd.
Please remember don't allow any non root users to play with /etc/shadow and /etc/passwd files.
thanks and regards
Sajjad Sahir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-01-2009 01:10 AM
тАО06-01-2009 01:10 AM
Re: passwd change..
I attended one interview in that they asked me this question.
We know that users canot edit /etc/passwd and /etc/shadow files.But by using 'passwd' cmd they can change their password.
is there any background process or deamon for doing this?.
I know that root user can change any user passwd.
Regards,
Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-01-2009 01:26 AM
тАО06-01-2009 01:26 AM
Re: passwd change..
As I said above, when you run any setuid root program, you become root and it can edit those files.
The only "demon" might be the NIS process on the NIS server. For "-r nis".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-01-2009 09:17 AM
тАО06-01-2009 09:17 AM
Re: passwd change..
More accurately stated: We know users cannot run vi or similar program to edit the /etc/passwd file. But as mentioned, the passwd program is a special program that has elevated permission to perform a very specific task: to modify the passwd file on behalf of the user. This is done through permissions given this program that allow it to be run by anyone but be given permission as if it was run by root -- set user-ID or SUID is the common terminology.
> is there any background process or deamon for doing this?.
No. The program does all the work. There are many programs that are configured this way. For instance, chsh allows you to change your shell in the passwd file -- the ll command will show programs that have set userID with the letter "s" in the permissions:
-r-sr-xr-x 5 root bin 53248 Apr 27 2007 chsh
This is standard Unix behavior to allow special privileges with certain commands. Some of the details are shown in the man page for ls.
Bill Hassell, sysadmin