Hi,

Good evening..!!

Can anyone help me to know the background process/ daemon which creates user's home directory when we do a useradd <user_name> in RHEL.

Many Thanks,

George

Hi there,

what makes you think there is some background task or daemon involved? I'd rather assume that creating the new user's home dir is an integral part of the work the useradd utility does, as well as adding an entry to /etc/passwd and /etc/group for the new user.

Which reminds me of a question I've wanted to ask for a long time. Traditionally, there's the two files /etc/passwd and /etc/group that contain all information about users and groups. But I've seen occasionally that some distros seem to use /etc/shadow for apparently the same purpose as /etc/passwd - sometimes even both of them exist.
Apart from that, I can't help noticing that this not only depends on the distro, but can probably be configured, because I've seen some Debians using /etc/passwd, and I've seen some using /etc/shadow.

What's the difference, and what's the point in using something different?

[X] Doc CPU

In a nutshell:

The shadow packages makes handling passwords in a secure way possible.

Both /etc/passwd and /etc/group are world readable, /etc/shadow is not (owner root)rw), group shadow(r)). Without shadow the (encrypted) password is stored in /etc/passwd and thus easily accessible by anybody (think: rainbow tables).

Both /etc/passwd and /etcgroup have to be present, using shadow will migrate some of the info to the more secure /etc/shadow file.

Hi there,

okay, I think I understood that so far, thank you. But that leaves a question that bothers me: What would I have to do to set up the system for NOT using a shadow file? I dimly remember that I was asked a question aiming into that direction when I installed Debian in a VM. But can the behavior be changed after installation? I'm sure it can, but how?

[X] Doc CPU

I'm not sure that can be easily done. On Debian, shadow is part of the passwd package so it isn't as simple as aptitude remove shadow. You might be able to use pwunconv and grpunconv but I'm not sure how deep shadow is integrated into Debian.

BTW: Not using shadow is seen as a severe security risk.

BTW2: We are hijacking GeorgeSKJ's thread, lets keep this on topic

Hi there,

using encryption and exaggerated access control on a PC on which I'm the only user is paranoia and a nuisance, especially on little embedded or special-purpose machines. Considering a real multi-user shared machine, or an exposed server on a public network, however, I'd agree.

We're not hijacking, but rather enriching it, which is usually a positive aspect. ;-)
Btw, as to my knowledge, the original question has been answered already.
Or was my assumption wrong? Then may somebody please correct me.

[X] Doc CPU