The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Usign shadow+passwd files versus @pwcache

Discussion in 'Security' started by spojler, May 6, 2014.

  1. spojler

    spojler Registered
    PartnerNOC

    Joined:
    Jan 2, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Using shadow+passwd files versus @pwcache

    Hello!

    Recently, I've been mocking about with some of the cPanel stuff, and it came to my attention that some of our servers have a @pwcache/ directory inside the user's etc/{domain}/ directory, while some don't (they have the standard shadow and passwd files. I'm aware these mechanisms are used for storing and verifying data about users email accounts. However, I noticed inconsistencies across various servers, and even various accounts on the same servers, which befuddled me. Sadly, I wasn't able to pursue this further; I was using in-production data to "investigate" this. So, I'm came to seek wisdom here! Anyway, I've noticed the following cases:

    1. content inside of @pwcache/ and shadow/passwd contain the same data (at least the password hash)
    2. shadow/passwd are empty, whilst @pwcache/ contains data
    3. some of it is contained within shadow/passwd, and some inside @pwcache/

    To clarify the last case: user A's data was inside @pwcache/, while user B's data was inside of shadow/passwd

    I'm curious which of the above cases is the preferred case.

    Thanks!
     
    #1 spojler, May 6, 2014
    Last edited: May 6, 2014
  2. spojler

    spojler Registered
    PartnerNOC

    Joined:
    Jan 2, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Re: Using shadow+passwd files versus @pwcache

    UPDATE

    So, apparently the @pwcache/ directory (and its files) is generated whenever someone logs in (only tested through the webmail). I'm still not sure what it's really used for. So far it appears to only exist for convenience, or to support future changes. The passwords inside the @pwcache/{user} appear to not be authoritative; the passwords inside shadow—however—do.

    For now I will ignore @pwcache/, but if someone knows more about the subject, please chime in!

    Cheers!
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,762
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Re: Using shadow+passwd files versus @pwcache

    These files store additional cached data. Here is an example of the contents of one file:

    Code:
    passwd:
    quota:262144000
    homedir:
    strength:56
    lastchanged:16104
    Thank you.
     
  4. spojler

    spojler Registered
    PartnerNOC

    Joined:
    Jan 2, 2014
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    Re: Using shadow+passwd files versus @pwcache

    Hey, Micahel!

    Thanks for clarifying that! However, I was aware of the contents of the files, but all this can be obtained from shadow/quota/passwd ("sqp-triplet"). I suppose it's generated to save on I/O. However, the sqp-triplet is still the authoritative, at least when the password is being verified upon logging in.

    I was merely wondering if there's anything else that might rely upon the @pwcache directory's contents, and whether it's worth updating it when updating the others. So far I haven't been updating it, and I haven't encountered any problems. If any arise, I'll make sure to post here.

    Thanks!
     

Share This Page