Usign shadow+passwd files versus @pwcache

spojler

• May 06, 2014 11:13

Using shadow+passwd files versus @pwcache Hello! Recently, I've been mocking about with some of the cPanel stuff, and it came to my attention that some of our servers have a @pwcache/ directory inside the user's etc/{domain}/ directory, while some don't (they have the standard shadow and passwd files. I'm aware these mechanisms are used for storing and verifying data about users email accounts. However, I noticed inconsistencies across various servers, and even various accounts on the same servers, which befuddled me. Sadly, I wasn't able to pursue this further; I was using in-production data to "investigate" this. So, I'm came to seek wisdom here! Anyway, I've noticed the following cases:

]
• content inside of @pwcache/ and shadow/passwd contain the same data (at least the password hash)
• shadow/passwd are empty, whilst @pwcache/ contains data
• some of it is contained within shadow/passwd, and some inside @pwcache/

To clarify the last case: user A's data was inside @pwcache/, while user B's data was inside of shadow/passwd I'm curious which of the above cases is the preferred case. Thanks!

• 

  spojler

  • May 06, 2014 19:13

  Re: Using shadow+passwd files versus @pwcache UPDATE So, apparently the @pwcache/ directory (and its files) is generated whenever someone logs in (only tested through the webmail). I'm still not sure what it's really used for. So far it appears to only exist for convenience, or to support future changes. The passwords inside the @pwcache/{user} appear to not be authoritative; the passwords inside shadow"however"do. For now I will ignore @pwcache/, but if someone knows more about the subject, please chime in! Cheers!

  0
• 

  cPanelMichael

  • May 09, 2014 14:24

  Re: Using shadow+passwd files versus @pwcache [quote="spojler, post: 1638602">I'm still not sure what it's really used for. So far it appears to only exist for convenience, or to support future changes.
  These files store additional cached data. Here is an example of the contents of one file: passwd: quota:262144000 homedir: strength:56 lastchanged:16104
  Thank you.

  0
• 

  spojler

  • May 09, 2014 15:11

  Re: Using shadow+passwd files versus @pwcache [quote="cPanelMichael, post: 1641112">These files store additional cached data. Here is an example of the contents of one file: passwd: quota:262144000 homedir: strength:56 lastchanged:16104
  Thank you.
  Hey, Micahel! Thanks for clarifying that! However, I was aware of the contents of the files, but all this can be obtained from shadow/quota/passwd ("sqp-triplet"). I suppose it's generated to save on I/O. However, the sqp-triplet is still the authoritative, at least when the password is being verified upon logging in. I was merely wondering if there's anything else that might rely upon the @pwcache directory's contents, and whether it's worth updating it when updating the others. So far I haven't been updating it, and I haven't encountered any problems. If any arise, I'll make sure to post here. Thanks!

  0

Please sign in to leave a comment.