Back

What Is /etc/passwd?

The /etc/passwd file is a text-based database on Unix and Linux systems that stores information about user accounts. Each line represents one user and contains seven colon-separated fields. On modern systems, password hashes are stored in the separate /etc/shadow file, with an "x" in the password field for security, but the passwd file remains world-readable for username-to-UID mapping.

The format was inherited from early Unix systems at AT&T Bell Laboratories and has remained the standard on virtually all Unix-like systems for decades. Only the superuser (root) can modify the file, though any user can read it to look up information such as home directories or login shells.

Common Use Cases

  • Audit user accounts: Review all system users, their assigned UIDs and GIDs to detect orphaned or misconfigured accounts on Linux servers.
  • Look up home directory or shell: Quickly find a specific user's home directory or default login shell for troubleshooting.
  • Automate provisioning: Parse the passwd file during container or server setup scripts to verify correct user creation.
  • Distinguish human vs. system users: Identify which accounts belong to real users (UID >= 1000) and which are system or service accounts (UID < 1000).

/etc/passwd Format

Each line in /etc/passwd contains exactly seven colon-separated (:) fields:

username:password:UID:GID:comment:home:shell

For example, the line jdoe:x:1001:1000:John Doe,Room 1007:/home/jdoe:/bin/sh represents:

  • username (jdoe): Login name, unique across the system.
  • password (x): Placeholder indicating the real password is in /etc/shadow.
  • UID (1001): Numeric user identifier. UIDs < 1000 are typically system accounts.
  • GID (1000): Primary group identifier for the user.
  • comment (John Doe,Room 1007): GECOS field with full name and contact details.
  • home (/home/jdoe): Path to the user's home directory.
  • shell (/bin/sh): Command interpreter launched at login.