Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris :regarding /etc/shadow file
Operating Systems Solaris Solaris :regarding /etc/shadow file Post 302560360 by plmachiavel on Thursday 29th of September 2011 02:04:10 PM
Old 09-29-2011
Interesting enough ... Here is my "guess".

I traduce low order four by “the least important bites” or “the ones on the right” as opposed to high order ones. Let's say I have the following:

01010001010010

The low order four would be 0010 (2).

I believe that the fields probably have a certain maximum length (integer?) and they decided to use only the last 4.

I tested and the counter stops at 15 so it really seems to be using only the last four bits, wathever data type it uses.

"flag" entry in /etc/shadow through history:

Solaris8 man:
Last change: 10 Dec 1991
Reserved for future use, set to zero. Currently not used.

Solaris 9 man:
Last change: 12 Sep 2002
Reserved for future use, set to zero. Currently not used.

Solaris 10 man:
Last change: 15 Sep 2005
Failed login count in low order four bits; remainder reserved for future use, set to zero.
This User Gave Thanks to plmachiavel For This Post:
shekhar_4_u
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

shadow file

Sirs, What is a shadow file,How it be usefull.For my project i have to keep the password in shawdow file also i am doing in php how can i do it. Thanks in advance, ArunKumar (3 Replies)
Discussion started by: arunkumar_mca
3 Replies

2. UNIX for Advanced & Expert Users

shadow file

what does 'x' in the encrypted password field in /etc/shaodw file represent? (3 Replies)
Discussion started by: jbashir
3 Replies

3. Solaris

*LK* in /etc/shadow file

my etc/shadow file showing *LK* for a particular user.. can u tell me under which circumstances a user is locked (5 Replies)
Discussion started by: vikashtulsiyan
5 Replies

4. UNIX for Advanced & Expert Users

/etc/shadow file....

Does anyone know what "!!" represents in the password field of the /etc/shadow file? :confused: (6 Replies)
Discussion started by: avcert1998
6 Replies

5. UNIX for Dummies Questions & Answers

Shadow File

I see conflicting definitions for the shadow file. For Solaris, what are the fields please? Thanks. (3 Replies)
Discussion started by: DavidS
3 Replies

6. Shell Programming and Scripting

appending LK to the shadow file

Hey guys.. i need to be able to append 'LK' to a password field in the shadow file I cannot use commands such as usermod chsh i need to directly be able to manupilate the files through a menu driven interface. So in other words write to the shadow file How could i do this? so far... (1 Reply)
Discussion started by: musicmancanora
1 Replies

7. UNIX for Dummies Questions & Answers

How Do I Regenerate the Shadow file

I guess the earlier problem I had with changing user passwords and creating new users is related to the shadow file. Anytime I change something to /etc/passwd or shadow I get locked out. HOW DO I REGENERATE THIS FILE. (1 Reply)
Discussion started by: Waitstejo
1 Replies

8. Shell Programming and Scripting

Shadow file

Hi, In shadow file smithj:Ep6mckrOLChF.:10063:0:99999:7::: 3rd Field 10063 indicates the number of days (since January 1, 1970) since the password was last changed. I want to get the result with script the date on which the password was last changed in YYYY-MM-DD format. can... (8 Replies)
Discussion started by: pinnacle
8 Replies

9. UNIX for Dummies Questions & Answers

Shadow file help

As a part of linux hardening In shadow file all Application accounts which are not locked must contain only an asterisk “*” in the Passwd field. But how would i do it by using command? Is there any way other than modifying shadow file to accomplish this task? (3 Replies)
Discussion started by: pinga123
3 Replies

10. Solaris

Root user not recognizing on Solaris-10 (shadow file corruption)

Hello, I got into a wired state on one of solaris 10 server. When I noticed that server is having some issue, I found that there were dumpadm.conf entries in /etc/shadow and real entries were wiped of. Probably somebody fat fingers. I was able to boot into failsafe, break SVM mirror, copied... (25 Replies)
Discussion started by: solaris_1977
25 Replies

LEARN ABOUT OPENSOLARIS

shadow

shadow(4)							   File Formats 							 shadow(4)

NAME

       shadow - shadow password file

DESCRIPTION

       /etc/shadow  is	an access-restricted ASCII system file that stores users' encrypted passwords and related information. The shadow file can
       be used in conjunction with other shadow sources, including the NIS maps passwd.byname and passwd.byuid and the NIS+ table passwd. Programs
       use the getspnam(3C) routines to access this information.

       The  fields  for  each  user entry are separated by colons. Each user is separated from the next by a newline. Unlike the /etc/passwd file,
       /etc/shadow does not have general read permission.

       Each entry in the shadow file has the form:

	 username:password:lastchg:min:max:warn:inactive:expire:flag

       The fields are defined as follows:

       username    The user's login name (UID).

       password    An encrypted password for the user generated by crypt(3C), a lock string to indicate that the login is not  accessible,  or	no
		   string, which shows that there is no password for the login.

		   The lock string is defined as *LK* in the first four characters of the password field.

       lastchg	   The	number	of  days between January 1, 1970, and the date that the password was last modified. The lastchg value is a decimal
		   number, as interpreted by strtol(3C).

       min	   The minimum number of days required between password changes. This field must be set to 0 or above to enable password aging.

       max	   The maximum number of days the password is valid.

       warn	   The number of days before password expires that the user is warned.

       inactive    The number of days of inactivity allowed for that user. This is counted on a per-machine basis; the information about the  last
		   login is taken from the machine's lastlog file.

       expire	   An  absolute date expressed as the number of days since the Unix Epoch (January 1, 1970). When this number is reached the login
		   can no longer be used. For example, an expire value of 13514 specifies a login expiration of January 1, 2007.

       flag	   Failed login count in low order four bits; remainder reserved for future use, set to zero.

       A value of -1 for min, max, or warn disables password aging.

       The encrypted password consists of at most CRYPT_MAXCIPHERTEXTLEN characters chosen from a 64-character alphabet (., /, 0-9, A-Z, a-z). Two
       additional  special  characters,  "$" and ",", can also be used and are defined in crypt(3C). To update this file, use the passwd(1), user-
       add(1M), usermod(1M), or userdel(1M) commands.

       In order to make system administration manageable, /etc/shadow entries should appear in exactly the same order as /etc/passwd entries; this
       includes ``+'' and ``-'' entries if the compat source is being used (see nsswitch.conf(4)).

       Values for the various time-related fields are interpreted as Greenwich Mean Time.

FILES

       /etc/shadow	     shadow password file

       /etc/passwd	     password file

       /etc/nsswitch.conf    name-service switch configuration file

       /var/adm/lastlog      time of last login

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Stable			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       login(1),  passwd(1),  useradd(1M),  userdel(1M),  usermod(1M),	strtol(3C), crypt(3C), crypt_gensalt(3C), getspnam(3C), putspent(3C), nss-
       witch.conf(4), passwd(4), attributes(5), pam_unix_account(5), pam_unix_auth(5)

NOTES

       If password aging is turned on in any name service the passwd: line in the /etc/nsswitch.conf file must have a format specified in the nss-
       witch.conf(4) man page.

       If  the	/etc/nsswitch.conf  passwd  policy  is	not  in one of the supported formats, logins will not be allowed upon password expiration,
       because the software does not know how to handle password updates under these conditions. See nsswitch.conf(4) for additional information.

SunOS 5.11							    15 Sep 2005 							 shadow(4)
All times are GMT -4. The time now is 02:29 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy