[H-GEN] passwd and shadow files

Robert Brockway robert at timetraveller.org
Fri Dec 28 20:20:11 EST 2007


On Mon, 17 Dec 2007, Jason Parker-Burlingham wrote:

> [ Humbug *General* list - semi-serious discussions about Humbug and     ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> On Dec 16, 2007 9:24 PM, List Puppy <listpuppy at gmail.com> wrote:
>
>> Is there a configuration file somewhere that tells the system, at boot
>> time, to use a shadow file instead of the password file?  If so;
>> where, and, what is its name?
>
> It probably doesn't happen at boot time; my guess is that it's going
> to be in the pam configuration for the authentication module being
> used (probably "login").
>
> Looks like pam_unix.so is responsible for this, and one source I
> looked at says that it auto-detects the presence of /etc/shadow.

That's right.  These days PAM is responsible for knowing about /etc/shadow 
(aka, the "shadow password suite") on Linux and many other OSes.  Before 
PAM various utils had to know about shadow themselves.

It's worth noting that it is the "x" in the password field in /etc/passwd 
which tells the system to look in /etc/shadow for a password even if 
shadow is enabled in PAM.  It is possible[1] to copy a password from 
/etc/shadow back into /etc/password and have it work.

[1] Or at least it was the last time I tried this, which was some years 
ago.  I really expect this would still work.

Rob

-- 
"With sufficient thrust, pigs fly just fine..."
 	-- RFC 1925 "The Twelve Networking Truths"




More information about the General mailing list