[H-GEN] passwd and shadow files
Robert Brockway
robert at timetraveller.org
Fri Dec 28 20:20:11 EST 2007
On Mon, 17 Dec 2007, Jason Parker-Burlingham wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> On Dec 16, 2007 9:24 PM, List Puppy <listpuppy at gmail.com> wrote:
>
>> Is there a configuration file somewhere that tells the system, at boot
>> time, to use a shadow file instead of the password file? If so;
>> where, and, what is its name?
>
> It probably doesn't happen at boot time; my guess is that it's going
> to be in the pam configuration for the authentication module being
> used (probably "login").
>
> Looks like pam_unix.so is responsible for this, and one source I
> looked at says that it auto-detects the presence of /etc/shadow.
That's right. These days PAM is responsible for knowing about /etc/shadow
(aka, the "shadow password suite") on Linux and many other OSes. Before
PAM various utils had to know about shadow themselves.
It's worth noting that it is the "x" in the password field in /etc/passwd
which tells the system to look in /etc/shadow for a password even if
shadow is enabled in PAM. It is possible[1] to copy a password from
/etc/shadow back into /etc/password and have it work.
[1] Or at least it was the last time I tried this, which was some years
ago. I really expect this would still work.
Rob
--
"With sufficient thrust, pigs fly just fine..."
-- RFC 1925 "The Twelve Networking Truths"
More information about the General
mailing list