Join Log in
Score:0
JerryWill321 avatar Ubuntu

What are the locations of the files that store the list of available users?

us flag
JerryWill321

I know that list of users is present in the /etc/passwd file, but are there any other files that have usernames stored in them?

Anonymization of the file system is the intended purpose.

112
0 + 0
br flag
UnKNOWn
did you check in `/var/lib/AccountsService/users/`
0
Reply
Score:1
Alexander Grytsenko avatar Ubuntu
in flag
Alexander Grytsenko

In addition to /etc/passwd and /var/lib/AccountsService/users/ you and @UnKNOWn already mentioned usernames are stored in the following (but not limited to) files:

/etc/shadow
/etc/gshadow
/etc/gshadow-
/etc/group
/etc/group-
/etc/subgid
0 + 0
user10489 avatar
in flag
user10489
gshadow- and group- have no effect on the system, they are just backup files.
0
Reply
Alexander Grytsenko avatar
in flag
Alexander Grytsenko
@user10489 - you are right. Depending on a goal, this file might be needed or not. If the goal is anonymization of the filesystem before transferring it to third party, then usernames should be wiped out from all files including backups.
0
Reply
user10489 avatar
in flag
user10489
That wasn't in the question.
0
Reply
user10489 avatar
in flag
user10489
If anonymization and removal of usernames is a goal, this list is not even close to complete and the OP should add that to the question.
0
Reply
NotTheDr01ds avatar
vn flag
NotTheDr01ds
@user10489 Thanks for pointing that out! The OP has now updated the question to confirm that anonymization is the goal.
0
Reply
Score:1
user10489 avatar Ubuntu
in flag
user10489

The list of services that can supply user credentials is in nsswitch.conf:

grep passwd /etc/nsswitch.conf

for example

passwd:         files systemd sss

These services correspond to:

  • files: /etc/passwd
  • sss: The sssd daemon which pulls credentials from Active Directory, LDAP, IPA, Kerberos, possibly others
  • systemd: Database driven credentials in /etc/userdb/ instead of traditional flat files

Other services may be possible.

For anonymization rather than credentials, you need to check the above for credentials, and then check the whole system for files owned by any user with a uid >=1000 (or 500 on older systems or 100 on really older systems). This should catch most user data directories, but especially check /home and things like /var/mail and /var/spool/cron but really all of /var/spool/ in general.

Also, you need to check /var for cached credentials.

You may want to carefully purge log files in /var/log which could contain user activity logs.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.