What's all those users in the /etc/passwd file?

27

1

The /etc/passwd is supposed to have a line for every user on the system. Amongst the common username and root there is a bunch of other users. Some examples:

timidity:x:114:127:TiMidity++ MIDI sequencer service:/etc/timidity:/bin/false
liquidsoap:x:115:128::/usr/share/liquidsoap:/bin/false
statd:x:116:65534::/var/lib/nfs:/bin/false
gdm:x:117:131:Gnome Display Manager:/var/lib/gdm:/bin/false
mysql:x:118:133:MySQL Server,,,:/nonexistent:/bin/false
  1. What's the purpose with all these users?
  2. How can I login as mysql or gdm? What will the password be?

Pithikos

Posted 2014-05-06T15:24:29.187

Reputation: 984

Answers

30

They're what you call "service accounts" and they're used for separation of privileges (so mysql can't read files it doesn't own, for example).

They can't be logged into interactively because of the /bin/false entry. Instead, they are just used for access to the appropriate files.

Nathan C

Posted 2014-05-06T15:24:29.187

Reputation: 2 522

Thats wrong. Password: An x character indicates that encrypted password is stored in /etc/shadow file. Please note that you need to use the passwd command to computes the hash of a password typed at the CLI or to store/update the hash of the password in /etc/shadow file. source: https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/

– trietend – 2018-09-25T10:25:47.380

I found out that some don't have the /bin/false entry but I still can't login into them. An example -> proxy:x:13:13:proxy:/bin:/bin/sh – Pithikos – 2014-05-06T19:38:00.790

1That has to do with a passwordless login - SSH rejects blank passwords (the :x: part of the line). You can su - proxy for example, but there's no need to. – Nathan C – 2014-05-06T23:34:14.040

2:x: isn't a blank password, it means there is no password that will work. That's the field for the password hash and nothing will hash to just the letter x, so no matter what you enter as a password it won't work. Actually, that was true before /etc/shadow; that field in /etc/passwd isn't used any more, but :x: may still indicate that it's not possible to log in. – Randy Orrison – 2014-05-12T19:36:04.157

16

These accounts are used to run services in the background. Your linux system will have a range of application doing a range of tasks in the background, as you correctly identified SQL is one such service. In order for these services to carry out activities it must have a user attached.

In order to preserve the security of your system these tasks cannot be carried out as root and instead are assigned accounts with do not have shell or login access as identified by /bin/false or /sbin/nologin. This also allows permissions to be assigned only to the files used by each application.

You cannot login as these users for this reason.

Source - linuxquestions.com

Matthew Williams

Posted 2014-05-06T15:24:29.187

Reputation: 4 149

6

These users are not interactive users in the traditional sense, but users that run services on your box. as such you cannot easily log in as those users, nor should you. The accounts are either password-less (login disabled) or have a randomly generated password. Passwordless accounts can be invoked by root (usually at boot) using su to run the actual service.

Frank Thomas

Posted 2014-05-06T15:24:29.187

Reputation: 29 039

Asked: 2014-05-06T15:24:29.187

Viewed: 3 896 times

Active: 2014-05-06T18:23:29.337