Tag Archives: how to edit /etc/passwd

Password file commands

Ever wondered which all special commands can be executed on /etc/passwd file? Learn here the list of special commands and their uses for the password file.

Here is the list of commands which can be used on /etc/passwd file.

vipw

This command is being used to edit /etc/passwd file manually. It is not recommended to edit /etc/passwd file manually. All changes on user accounts should be carried out using commands like usermod. But in some scenarios, if you want to edit the password file manually, then use this command. It opens the file in vi editors and locks it for other users. So any other admin from any other terminal won’t be able to open the file in the editor for manual editing. This ensures the integrity of the file.

Also read: Understanding /etc/passwd file.

pwck 

To check the integrity of /etc/passwd file this command can be used. Once executed it checks passwd files and its all fields. It reports any issues observed in the file e.g. if the user directory does not exist on the server, it will report it.

# /usr/sbin/pwck

[/etc/passwd] sfmdb:*:107:20::/home/sfmdb:/sbin/sh
        Login directory not found

[/etc/passwd] smmsp:*:109:20::/home/smmsp:/sbin/sh
        Login directory not found

pwconv

It generates /etc/shadow file which has user passwords in the encrypted format under the second field in each user entry. If /etc/shadow file already exists on the system then this command will update relevant fields if there were any changes in /etc/passwd file. If your system is trusted (see tsconvert command) then the user password database (Trusted Computing Database) is being maintained separately and /etc/shadow doesn’t exist on the system. In that case, this command will update the TCB accordingly.

# /usr/sbin/pwconv
Updating the tcb to match /etc/passwd, if needed.

pwunconv

It reverses the changes made by pwconv command.