Where User Account and Group Information Is Stored
Depending on your site policy, user account and group information can be stored
in your local system's /etc files or in a name or directory service
as follows:
The NIS+ name service information is stored in tables.
The NIS name service information is stored in maps.
The LDAP directory service information is stored in indexed database files.
Note - To avoid confusion, the location of the user account and group information is
generically referred to as a file rather than as a database, table, or
map.
Most user account information is stored in the passwd file. Password information is
stored as follows:
In the passwd file when you are using NIS or NIS+
In the /etc/shadow file when you are using /etc files
In the people container when you are using LDAP
Password aging is available when you are using NIS+ or LDAP, but not
NIS.
Group information is stored in the group file for NIS, NIS+ and files.
For LDAP, group information is stored in the group container.
Fields in the passwd File
The fields in the passwd file are separated by colons and contain the following
information:
username:password:uid:gid:comment:home-directory:login-shell
For example:
kryten:x:101:100:Kryten Series 4000 Mechanoid:/export/home/kryten:/bin/csh
For a complete description of the fields in the passwd file, see the
passwd(1) man page.
Default passwd File
The default Solaris passwd file contains entries for standard daemons. Daemons are processes
that are usually started at boot time to perform some system-wide task, such
as printing, network administration, or port monitoring.
root:x:0:1:Super-User:/:/sbin/sh
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/usr/spool/lp:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
smmsp:x:25:25:SendMail Message Submission Program:/:
listen:x:37:4:Network Admin:/usr/net/nls:
gdm:x:50:50:GDM Reserved UID:/:
webservd:x:80:80:WebServer Reserved UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
Table 4-5 Default passwd File Entries
User Name |
User ID |
Description |
|---|
root |
0 |
Superuser account |
daemon |
1 |
Umbrella system daemon
associated with routine system tasks |
bin |
2 |
Administrative daemon associated with running system binaries to
perform some routine system task |
sys |
3 |
Administrative daemon associated with system logging or updating files in
temporary directories |
adm |
4 |
Administrative daemon associated with system logging |
lp |
71 |
Line printer daemon |
uucp |
5 |
Daemon associated with uucp
functions |
nuucp |
6 |
Another daemon associated with uucp functions |
smmsp |
25 |
Sendmail message submission program daemon |
webservd |
80 |
Account reserved for
WebServer access |
gdm |
50 |
GNOME Display Manager daemon |
listen |
37 |
Network listener daemon |
nobody |
60001 |
Account reserved for anonymous NFS access. |
noaccess |
60002 |
Assigned
to a user or a process that needs access to a system
through some application but without actually logging in. |
nobody4 |
65534 |
SunOS 4.0 or 4.1 version of
the nobody user account |
Fields in the shadow File
The fields in the shadow file are separated by colons and contain
the following information:
username:password:lastchg:min:max:warn:inactive:expire
For example:
rimmer:86Kg/MNT/dGu.:8882:0::5:20:8978
For a complete description of the fields in the shadow file, see the
shadow(4) and crypt(1) man pages.
Fields in the group File
The fields in the group file are separated by colons and contain the
following information:
group-name:group-password:gid:user-list
For example:
bin::2:root,bin,daemon
For a complete description of the fields in the group file, see the
group(4) man page.
Default group File
The default Solaris group file contains the following system groups that support some
system-wide task, such as printing, network administration, or electronic mail. Many of these
groups having corresponding entries in the passwd file.
root::0:
other::1:
bin::2:root,daemon
sys::3:root,bin,adm
adm::4:root,daemon
uucp::5:root
mail::6:root
tty::7:root,adm
lp::8:root,adm
nuucp::9:root
staff::10:
daemon::12:root
smmsp::25:
sysadmin::14:
gdm::50:
webservd::80:
nobody::60001:
noaccess::60002:
nogroup::65534:
Table 4-6 Default group File Entries
Group Name |
Group ID |
Description |
|---|
root |
0 |
Superuser group |
other |
1 |
Optional group |
bin |
2 |
Administrative group
associated with running system binaries |
sys |
3 |
Administrative group associated with system logging or temporary
directories |
adm |
4 |
Administrative group associated with system logging |
uucp |
5 |
Group associated with uucp functions |
mail |
6 |
Electronic mail group |
tty |
7 |
Group
associated with tty devices |
lp |
8 |
Line printer group |
nuucp |
9 |
Group associated with uucp functions |
staff |
10 |
General administrative group. |
daemon |
12 |
Group
associated with routine system tasks |
sysadmin |
14 |
Administrative group associated with legacy Admintool and Solstice
AdminSuite tools |
smmsp |
25 |
Daemon for Sendmail message submission program |
webservd |
80 |
Group reserved for WebServer access |
gdm |
50 |
Group reserved for
the GNOME Display Manager daemon |
nobody |
60001 |
Group assigned for anonymous NFS access |
noaccess |
60002 |
Group assigned to
a user or a process that needs access to a system through some
application but without actually logging in |
nogroup |
65534 |
Group assigned to a user who is
not a member of a known group |
