/etc/passwd is the traditional Unix file listing user accounts. Despite its name, it does not contain passwords—those moved to /etc/shadow decades ago for security reasons. Each line describes one user with seven colon-separated fields:
username:x:UID:GID:GECOS:home-directory:shell
alice:x:1000:1000:Alice Smith:/home/alice:/bin/bash
The fields are: username, password placeholder (x indicates the real hash is in /etc/shadow), numeric user ID, numeric primary group ID, a comment field (historically GECOS, often containing full name), home directory, and login shell.
/etc/passwd is world-readable, which is why lightweight lookups like getent passwd alice or id alice work for any user. Non-login system accounts have shells like /usr/sbin/nologin or /bin/false that refuse to start an interactive session. The file is managed by tools like useradd, usermod, and userdel, and should never be edited directly without vipw (the locking editor).
On networked systems, accounts can come from LDAP, Active Directory, or other directories via NSS; getent passwd walks all configured sources, while reading /etc/passwd directly only shows local entries.
Related terms: /etc/shadow, useradd, /etc/group
Discussed in:
- Chapter 9: Users, Groups, and Permissions — /etc/passwd and /etc/shadow
Also defined in: Textbook of Linux