Home / ubuntu / Questions / 1510466
Accepted
Manuel Jordan
Asked: 2024-04-15 07:46:26 +0800 CST

Why the GECOS column at /etc/passwd represents 4 empty fields and not 5 according with the adduser command?

  • 772

Just being curious about the following situation

When the adduser command is executed as follows:

sudo adduser optimusprime
Adding user `optimusprime' ...
Adding new group `optimusprime' (1015) ...
Adding new user `optimusprime' (1013) with group `optimusprime' ...
Creating home directory `/home/optimusprime' ...
Copying files from `/etc/skel' ...
New password: 
Retype new password: 
passwd: password updated successfully
Changing the user information for optimusprime
Enter the new value, or press ENTER for the default
    Full Name []: 
    Room Number []: 
    Work Phone []: 
    Home Phone []: 
    Other []: 
Is the information correct? [Y/n]

Observe there are 5 optional fields available to write data. If they are left empty as default when the cat /etc/passwd command is executed, the record for that user appears as follows:

optimusprime:x:1013:1015:,,,:/home/optimusprime:/bin/bash

Observe the ,,, GECOS part. It represents 4 fields as A,B,C,D and not 5 as A,B,C,D,E. Why this difference or mismatch between them? To be honest I expected

optimusprime:x:1013:1015:,,,,:/home/optimusprime:/bin/bash

Which represents the 5 fields available through the adduser command too.

And if is used the usermod command as follows:

sudo usermod -c "A,B,C,D,E" optimusprime

The user appears as:

optimusprime:x:1013:1015:A,B,C,D,E:/home/optimusprime:/bin/bash

I know is possible even add more fields through the usermod command as follows:

sudo usermod -c "A,B,C,D,E,F" optimusprime
sudo usermod -c "A,B,C,D,E,F,G" optimusprime

Therefore these commands executions are reflected as follows respectively

optimusprime:x:1013:1015:A,B,C,D,E,F:/home/optimusprime:/bin/bash
optimusprime:x:1013:1015:A,B,C,D,E,F,G:/home/optimusprime:/bin/bash

At a first glance is not clear if GECOS as minimum is based on 4 or 5 fields.

users

1 Answers

  1. Best Answer

    The manual page for the /etc/passwd file, man 5 passwd, is particularly terse in this regard:

    The comment field is used by various system utilities, such as finger(1).

    POSIX isn't any help either - in fact, the POSIX standard for the password structure, pwd.h, doesn't mandate a GECOS or comment field at all:

    The <pwd.h> header shall define the struct passwd, structure, which shall include at least the following members:

    char    *pw_name   User's login name. 
uid_t    pw_uid    Numerical user ID. 
gid_t    pw_gid    Numerical group ID. 
char    *pw_dir    Initial working directory. 
char    *pw_shell  Program to use as shell.

    If we look at the glibc implementation i.e. /usr/include/pwd.h as provided by the libc-dev package, we see that its pw_gecos member is a simple C string (or pointer-to-char):

    /* A record in the user database.  */
struct passwd
{
  char *pw_name;                /* Username.  */
  char *pw_passwd;              /* Hashed passphrase, if shadow database
                                   not in use (see shadow.h).  */
  __uid_t pw_uid;               /* User ID.  */
  __gid_t pw_gid;               /* Group ID.  */
  char *pw_gecos;               /* Real name.  */
  char *pw_dir;                 /* Home directory.  */
  char *pw_shell;               /* Shell program.  */
};

    so any application that obtains password database information using the glibc getpwent family of functions will obtain the result as single string - it is essentially up to the application how it chooses to parse it. In particular, the BSD implementation of the finger command - which is what you get if you install finger from the Ubuntu universe repository - tokenizes the string using strsep but only assigns at most four comma-separated subfields:

    /*
 * fields[0] -> real name
 * fields[1] -> office
 * fields[2] -> officephone
 * fields[3] -> homephone
 */
nfields = 0;
while ((p = strsep(&bp, ","))) {
        if (nfields < 4) fields[nfields++] = *p ? p : NULL;
}
while (nfields<4) fields[nfields++] = NULL;

    In Ubuntu, /usr/sbin/adduser is a perl script that uses the system's chfn. If you look at the source for chfn (from the shadow passwd suite) it tokenizes the first four subfields similarly then assigns the rest as "slop":

        /*
     * Anything left over is "slop".
     */
    if ((NULL != cp) && !oflg) {
            if ('\0' != slop[0]) {
                    strcat (slop, ",");
            }

            strcat (slop, cp);
    }

    So I guess the conclusion is

    • there's no standard for the GECOS field

    • the first 4 subfields have conventional interpretations based on the historical finger command

    • anything after that is optional and subject to application-dependent interpretation.

    • 2