6.16.2006

comments in password file

In HP-UX, comments can be used in the password file, although I don't think anyone would recommend it. It may be in violation of SOX requirements as well; be careful. That having been said, I've found the following when using comments in the passwd file of HP-UX (may very well apply to other *nix flavors):

3 requirements:
* 7 total fields - exactly 6 colons must be in every line
* uid must be numeric or valid
* gid must be numeric or valid

You should check your /etc/passwd file using the pwck command if you are in doubt about the integrity of the file.

Some symptoms to look out for if your password file is screwed up:
$ /bin/su - user123
su: Unknown id: user123

$ passwd
Invalid login name.

The password file is read from top to bottom, so if one account works but others don't, check the location of the comment or bad entries and where they sit in relation to the account in question.
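
A quick pre-check for the three requirements above, as an added example (not from the original post, and not a replacement for pwck). The function names and the sample file are constructed for illustration, and "numeric or valid" is assumed here to mean all digits.

```shell
#!/bin/sh
# Added example (not from the original post); helper names are hypothetical.
# Assumption: "numeric or valid" is checked here as "all digits" only.

check_passwd_format() {
    # $1 = passwd-format file. Prints "<line>:<reason>" per violation;
    # returns 1 if any line fails, 0 if the file is clean.
    awk -F: '
        NF != 7 {
            printf "%d:expected 7 fields, found %d\n", NR, NF
            bad = 1
            next
        }
        $3 !~ /^[0-9]+$/ { printf "%d:non-numeric uid \"%s\"\n", NR, $3; bad = 1 }
        $4 !~ /^[0-9]+$/ { printf "%d:non-numeric gid \"%s\"\n", NR, $4; bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

first_bad_line() {
    # Line number of the first violation; empty output if there is none.
    check_passwd_format "$1" | head -n 1 | cut -d: -f1
}

accounts_after_first_bad() {
    # Login names of seven-field entries below the first bad line: the
    # accounts to test first, since the file is read from top to bottom.
    n=$(first_bad_line "$1")
    [ -n "$n" ] || return 0
    awk -F: -v n="$n" 'NR > n && NF == 7 { print $1 }' "$1"
}

write_sample_passwd() {
    # Constructed sample: a comment on line 2, a bad uid on line 4.
    cat > "$1" <<'EOF'
root:x:0:3::/:/sbin/sh
# local service accounts
user122:x:122:20::/home/user122:/usr/bin/sh
user123:x:abc:20::/home/user123:/usr/bin/sh
user124:x:124:20::/home/user124:/usr/bin/sh
EOF
}
```

A non-zero exit status from check_passwd_format means at least one line failed; the printed line numbers show where each bad entry sits relative to the account that is misbehaving.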
