Name
accdb_shadow - Internals of the Shadow back-end Description
Upon each successful call to q_open(), the module reads ./vetc/libaccdb/shadow (or /etc/libuudb/shadow if the former is not found) to pull its defaults from there. That configuration file uses key=value pairs to define something. Following keys are recognized (others will be ignored):
Sysctl interface
The int p_sysctl(unsigned int, ...) function of the Shadow back-end supports some more sysctls, mostly used for debugging. They are ACCDB_CHDB_PASSWD, ACCDB_CHDB_SHADOW, ACCDB_CHDB_GROUP, and ACCDB_CHDB_GSHADOW, which can be used to alter the names of the DB files at run-time. The database files currently open will not be changed, so the first time the new database files are used, is on the next call to q_open(). Database storage architecture
Within the Shadow user management, account data is spread over four files, /etc/passwd, /etc/shadow, /etc/group and /etc/gshadow. In the past (pre-1990), there were only the first two files, as confidental data found in today's /etc/shadow was stored in /etc/passwd and gshadow probably did not exist at all, not even in group. /etc/passwd is a textual file, comprising zero (very useless) or more users, separated by newline. In each line, fields are separated by a colon (:). The different fields are:
In a typical shadow system, the 2nd field is always replaced by an "x", which indicates to look into /etc/shadow for the password instead. Access to the shadow file is restricted to mode 0640(root,shadow). Any fields after the command interpreter are marked as reserved. The ACCDB Shadow back-end preserves them for your pleasure. The GECOS field itself can have multiple fields, separated by comma (,). You can freely assign any text to it, though it is normally used to store the name of the user there. Other details added there are Room Number, Work Phone, Home Phone and Other. An other document says that the initial values for nice, umask and ulimit can be set there, but usually no application will use these fields nowadays. SparkUI for example stores the XUID in the 2nd GECOS field. If the Command Interpreter field is empty, it is interpreted as /bin/sh, however the empty string is to be preserved. The /etc/shadow file is also composed of newlines and colons:
|