Re: /etc/group & /etc/passwd queries

Amrit_1 · ‎01-27-2004

Hi,

I created a new user which was reflected in the /etc/group and passwd file. Later i completed deleted the group file and then login to the system, it allowed me...

I initially presumed that the system would first refer to the /etc/group and then validate the passwd with the passwd file but it does not seem so.

Also, in the /etc/passwd file what is the use of the userid. What would happen if the userid is tampered with i.e. the no. is changed to some other integer.

T G Manikandan · ‎01-27-2004

If the user id is changed nothing will happen to the user getting logged in.

One of the problems is that the file owned by the user will be left alone with the ownership pointing to that uid i.e.when you do a ls -l the old uid will be displayed in the owner's field as it does not have a corresponding entry to user in the /etc/passwd file.

Sanjay Kumar Suri · ‎01-27-2004

During the login process the system checks only the /etc/passwd file for a valid accound.

/etc/group is not checked.

Nothing should happen if userid is tampered with as long as it is unique in the file.

sks

A rigid mind is very sure, but often wrong. A flexible mind is generally unsure, but often right.

Amrit_1 · ‎01-27-2004

Since the file owned by the user will be left alone with the ownership pointing to the old uid, would there be any impact likes the owner not able to edit/delete/modify/ change the owner etc on that particular file.

T G Manikandan · ‎01-27-2004

Yes,you are right.Now the user has a new id and cannot do anything with that file.

Only a chown of the files will help restoring the same user as owner with the new uid.

Assume that a new user is created with that old uid.He becomes the owner for those files.

Sridhar Bhaskarla · ‎01-27-2004

Hi Amrit,

The group membership that is in /etc/passwd field is the primary group of the user even if he/she is not listed in /etc/group file. If the user is added to other groups in /etc/group file, then they will become his/her secondary groups.

It's not the user name but the uid that matters. So, if you changet the uid of a user, then that login will be treated as a different login than the original. The user will not be able to manage those files unless they are with full permissions to others.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Amrit_1 · ‎01-27-2004

From the above discussion I get that the gid is not unique id since multiple users can belong to the same group but the uid is a unique no for each "user name"

Sridhar Bhaskarla · ‎01-27-2004

Yes in a way depending on the context.

gid will be unique in terms of group file. You don't want to have the same gid associated with different group names.

uid will be unique for the logins. Similary you don't want to have different login names with the same uid.

Multiple uids can share a single gid. This means those user accounts belong to the group with that gid.

Creating different users with the same uid means, calling the same person with different names.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

Amrit_1 · ‎01-28-2004

I was doing some more testing and noticed the following:

the group file has the following attributes: groupname-passwd-gid-users.

Once I create a user a entry is created in the group and passwd file corresponding to my user name.

I now delete the gid-users corresponding to the username in the group file. Inspite of doing so I am able to perform all operations like rebooting the machine etc etc.

Is there any use of the gid-users apart from during initial creation.

A. Clay Stephenson · ‎01-28-2004

Actually, multiple users can have a single uid. It's not good practice but it is allowed. If users tom, dick, and harry share uid 500 then all uid to login lookups will only reference the first found so that all files owned by uid 500 will appear to be owned by tom even if harry actually created them. The system only uses uid so that even user "root" is nothing special only the uid 0.

The group file really comes into play when a user is a member of multiple groups. His primary group is the gid stored in the passwd file but he is allowed to become a member of any group for which he has an entry in the groups file. If /etc/logingroup is linked to /etc/group then the system will automatically check for group permissions among his groups without having to do a newgrp.

If it ain't broke, I can fix that.

doug mielke · ‎01-28-2004

Changing the user or group ID can have the following effects:

Existing files owned by that user will either be owned by the old UID, ( ls will show the number) or owned by another user, ie: a new user created with that number.

Existing files copied from another system, an NFS mount or a backup tape will retain the old uid number. If that number is not associated with a user, ls will list as a number.

If a GID doen't exist after a files is created with that group ownership, ls will show group ownership as a number.

all of these can affect access by a user or group to the file.

Amrit_1 · ‎01-28-2004

How do I create multiple users having the same uid?

One more observation that I made was that Adding a user using SAM didn't update the /etc/group file. If this is the case, then the script that I am using should also not modify the /etc/group but only the /etc/passwd file.

T G Manikandan · ‎01-28-2004

useradd - u -o -g -d -m -s username

-o options will do that for you

Duplicate uid

T G Manikandan · ‎01-28-2004

It is not like that using SAM you added/modified the user with only the parameters associated with the /etc/passwd file.

For example select

SAM-->users-->Modify secondary group

That will work on the /etc/group file.

The Normal 'ADD user' options works only on the password file as it has only primary group option there.

Anoop P_2 · ‎01-28-2004

Assuming that yours is not a converted system, for creating a user, with the same uid as another user, just edit /etc/passwd file, copy the line corresponding to the user you want to duplicate, to a new line and then modify the user name part, and other fields as applicable, except the uid and gid fields. Save the file and come out; the user is created.

SAM will not allow you to create a second user with the same user id as that of an existing user.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: /etc/group & /etc/passwd queries

/etc/group & /etc/passwd queries