Every now and then on my OS journey I find weird things. Today is one of those days. When implementing my login system, I was looking at the standard login files - /etc/group, /etc/passwd, and /etc/shadow. Those are all well known and normal, right? Well imagine my surprise when a file I’ve never heard of popped up: /etc/gshadow. For the uninitiated, on Linux you have a set of groups that your user is a member. You can see them with id: ...
Let’s go on an adventure. I’ve learnt a lot more Rust over the last year, and I want to get back into writing properly, so my plan is to write a Linux Operating System. While writing it, I’ll be taking notes in my repo - https://github.com/sinkingpoint/qos/tree/main/notes . And every now and then formalising them into more structured blog posts over here, once I’ve learnt enough to make something interesting. Recently, I went about implementing a login system for our operating system. I had a general idea of how to do this - users are stored in /etc/passwd, password hashes are stores in /etc/shadow, so we should read a username and password from the terminal, check the password against the password hash, and log the user in if it’s correct. Sounds simple enough, right? Well… there’s a surprising amount of complexity in that “check the password against the password hash” step, and to reveal it we’re going to have to talk about crypt(3). ...