Red Hat Enterprise Linux 5 Administration Unleashed

How It All Works 215If shadow passwords are used (the default), the encrypted passwords are stored in the/etc/shadow file, readable only by root for security reasons. This file can also storeoptional password expiration data.All user groups are stored in the /etc/group file, readable by everyone but only writableby root for the same reason /etc/passwd has these permissions—user utilities need to beable to map group IDs to group names. Each group is listed on a separate line in thefollowing format:groupname:password:gid:usersThe group name is the actual name of the user group, the password field contains the xcharacter if shadow passwords are used or the encrypted password if shadow passwordsare not used. The gid is the unique group ID for the group, and the users field is acomma-delimited list of users in the group.If shadow passwords are used for group passwords (the default), they are stored in/etc/gshadow, a file readable only by the root user.When a new user is added, files from the /etc/skel/ directory are copied to the user’shome directory unless the administrator chooses not to create one.NOTEBy default, a home directory is created when a user is added. If the user’s home directoryalready exists (for example, the /home/ directory was preserved during reinstallation),the files from /etc/skel/ are not copied to the existing home directory so thatthe existing files are not overwritten. This behavior has changed in recent versions ofuseradd, so use caution when performing this same operation on older versions ofRed Hat Enterprise Linux.The default values used when adding a user are stored in the /etc/default/useradd file.By default, it contains the values in Listing 9.2.LISTING 9.2Default Values When Adding a User# useradd defaults fileGROUP=100HOME=/homeINACTIVE=-1EXPIRE=SHELL=/bin/bashSKEL=/etc/skelCREATE_MAIL_SPOOL=no9These default values can be modified with the useradd -D command.Available options for modifying default values are in Table 9.5.