PWCK: Check the integrity of the passwd and shadow files [Quick Guide]

6:27 pm November 22, 20167183

I. introduction

order pwck (password check) relatively little is known of sysadmins Linux . Yet it is useful because it allows to check integrity, IE structure, validity, files/etc/passwd, / etc/group and / etc/shadow.

According to uses, creations and deletions of account, these files can become inconsistent and contain outdated or badly formatted.

These data can be, for example:

  • wrong number of fields in the file
  • a unique user name
  • a login shell valid
  • a home stated and not existing

you may have guessed, the command pwck allows to check this information and provide a “topo” for the integrity of these files. It is relatively easy to use.

II. use of PWCK

to begin with, let’s run PWCK read-only. You should know that for certain information, pwck offers to make the change. Example: deleting users with a number of incorrect field.

Note : files / etc/passwd and / etc/shadow have a very clear structure which must be respected. The structure is defined a certain number of fields that are separated by ‘: ‘.

Well, to use this command, it’s easy (don’t forget the option “ r ‘ for read-only!):

[email protected]:~# pwck r 

here is a possible output:

 user lp: the '/ var/spool/lpd' directory does not exist user news: directory '/ var/spool/news' there is no user uucp: the directory '/ var/spool/uucp' there is no user list: directory '/ var/list' there is no user irc] : directory '/ var/run/ircd' there is no user gnats: directory '/ var/lib/gnats' there is no user nobody: the '/nonexistent' directory does not exist user systemd-resolve: the directory '/ run/systemd/resolve' there is no user pulse: the directory "/ var/run/pulse" there is no user speech-dispatcher: directory '/ var/run/speech-dispatcher' there is no user saned: the directory "/ var/lib/saned" does not exist user usbmux : the directory '/ var/lib/usbmux' there is no user test01: the directory "/ home/test01" does not exist user test22: directory '/ home/test22' there is no user test222: the directory '/ home/test222' does not exist user test02: no group 1004 user test02: the directory "/ home/test02" does not exist user test03: no group 1005 invalid entry in the password file erase line "test04. ":x:1006:1007: / home/test04: / bin/sh"? No no matching entry in the file/etc/passwd passwords clear the line "test04:!:17056:0:99999:7:? No pwck: no change 

several alerts rebounded here:

  • of users defined with the/home which are not
  • a user with an incorrect number of field
  • a group associated with “test02” missing in the file/etc/group

the last point, to know that when a UNIX user is created a group is created with the value of the UID (User Identifier). This allows to have a group specific to each user.

We also note that pwck proposes the deletion of this user “test02” (automatic answering ‘no’ thanks to the read-only). If the option is not used “ r “. ” You will be able to answer ‘yes’ to remove the user in question.

I hope that this tutorial will be useful, feel free to share your opinions in the comments.