Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can anyone help me to know the background process/ daemon which creates user's home directory when we do a useradd <user_name> in RHEL.
what makes you think there is some background task or daemon involved? I'd rather assume that creating the new user's home dir is an integral part of the work the useradd utility does, as well as adding an entry to /etc/passwd and /etc/group for the new user.
Which reminds me of a question I've wanted to ask for a long time. Traditionally, there's the two files /etc/passwd and /etc/group that contain all information about users and groups. But I've seen occasionally that some distros seem to use /etc/shadow for apparently the same purpose as /etc/passwd - sometimes even both of them exist.
Apart from that, I can't help noticing that this not only depends on the distro, but can probably be configured, because I've seen some Debians using /etc/passwd, and I've seen some using /etc/shadow.
What's the difference, and what's the point in using something different?
Which reminds me of a question I've wanted to ask for a long time. Traditionally, there's the two files /etc/passwd and /etc/group that contain all information about users and groups. But I've seen occasionally that some distros seem to use /etc/shadow for apparently the same purpose as /etc/passwd - sometimes even both of them exist.
In a nutshell:
The shadow packages makes handling passwords in a secure way possible.
Both /etc/passwd and /etc/group are world readable, /etc/shadow is not (owner root)rw), group shadow(r)). Without shadow the (encrypted) password is stored in /etc/passwd and thus easily accessible by anybody (think: rainbow tables).
Both /etc/passwd and /etcgroup have to be present, using shadow will migrate some of the info to the more secure /etc/shadow file.
Both /etc/passwd and /etc/group are world readable, /etc/shadow is not (owner root)rw), group shadow(r)). Without shadow the (encrypted) password is stored in /etc/passwd and thus easily accessible by anybody (think: rainbow tables).
Both /etc/passwd and /etcgroup have to be present, using shadow will migrate some of the info to the more secure /etc/shadow file.
okay, I think I understood that so far, thank you. But that leaves a question that bothers me: What would I have to do to set up the system for NOT using a shadow file? I dimly remember that I was asked a question aiming into that direction when I installed Debian in a VM. But can the behavior be changed after installation? I'm sure it can, but how?
What would I have to do to set up the system for NOT using a shadow file?
I dimly remember that I was asked a question aiming into that direction when I installed Debian in a VM. But can the behavior be changed after installation? I'm sure it can, but how?
I'm not sure that can be easily done. On Debian, shadow is part of the passwd package so it isn't as simple as aptitude remove shadow. You might be able to use pwunconv and grpunconv but I'm not sure how deep shadow is integrated into Debian.
BTW: Not using shadow is seen as a severe security risk.
BTW2: We are hijacking GeorgeSKJ's thread, lets keep this on topic
BTW: Not using shadow is seen as a severe security risk.
using encryption and exaggerated access control on a PC on which I'm the only user is paranoia and a nuisance, especially on little embedded or special-purpose machines. Considering a real multi-user shared machine, or an exposed server on a public network, however, I'd agree.
Quote:
Originally Posted by druuna
BTW2: We are hijacking GeorgeSKJ's thread, lets keep this on topic
We're not hijacking, but rather enriching it, which is usually a positive aspect. ;-)
Btw, as to my knowledge, the original question has been answered already.
Or was my assumption wrong? Then may somebody please correct me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.