Where are users and groups defined?

locke496 · February 12, 2026, 7:41am

Usually, a Linux system has an /etc/passwd and a /etc/group where all users are defined.

Here, in my case Aurora, both files contain only a couple of entries. Also /usr/etc/passwd and /usr/etc/group contain only a couple of entries.

For example id avahi gives
uid=70(avahi) gid=70(avahi) groups=70(avahi)

But where is this user (and all the other users) defined?

Danathar · February 12, 2026, 10:13am

Honestly, I don’t know why your /etc/passwd and /etc/group only have a couple of entries (your user ID and group are there, right)? Mine work fine and contain entries. /etc is writable in Aurora.

locke496 · February 12, 2026, 11:24am

wc -l /etc/passwd gives 7

wc -l /usr/etc/passwd gives 5

I didn’t say that things aren’t working fine but like to understand where all the other users are defined.

locke496 · February 13, 2026, 6:54pm

I found it. All the missing users are defined in /usr/lib/passwdand the missing groups in /usr/lib/group

Danathar · February 13, 2026, 6:56pm

I had no idea they were doing that (moved them). thanks!

inffy · February 13, 2026, 6:58pm

groups are in /usr/lib/groups.

This is how the dx-group recipe handles that

github.com/projectbluefin/common

system_files/bluefin/usr/share/ublue-os/just/system.just

d2e923260


      
              if gum confirm "Do you want to also install the default development flatpaks?" ; then
                  ADD_DEVMODE=1 ujust install-system-flatpaks 0 1
              fi
              if gum confirm "Do you want to install extra monospace fonts?" ; then
                  brew bundle install --file=/usr/share/ublue-os/homebrew/fonts.Brewfile
              fi
              echo "Use ujust dx-group to add your user to the correct groups and complete the installation after rebooting into the development image"
          
          # Configure docker,incus-admin,libvirt, container manager, serial permissions
          [group('System')]
          dx-group:
              #!/usr/bin/pkexec bash
              append_group() {
                  local group_name="$1"
                  if ! grep -q "^$group_name:" /etc/group; then
                      echo "Appending $group_name to /etc/group"
                      grep "^$group_name:" /usr/lib/group | sudo tee -a /etc/group > /dev/null
                  fi
              }
          
              GROUPS_ADD=("docker" "incus-admin" "libvirt" "dialout")

locke496 · February 13, 2026, 6:58pm

Me neither. But when one has only 7 entries in /etc/passwd one thinks twice. I am happy I found it.

locke496 · February 13, 2026, 7:21pm

Now I try to understand how, for instance, passwd gets information from both /etc/passwd and /usr/lib/passwd

nss comes into my mind and looking into /etc/authselect/nsswitch.conf I see

passwd: files altfiles systemd
…
shadow: files systemd
group: files [SUCCESS=merge] altfiles [SUCCESS=merge] systemd

This helps a bit. altfiles seems to be important. The next question is where altfiles is defined.

locke496 · February 13, 2026, 9:31pm

Not yet looked into details but it seems that things are managed by package authselect-libs

Topic		Replies	Views
/etc/passwd problem General	6	44	February 28, 2026
[fix/faq] 1Password Browser Extension and CLI don’t work in my custom image General	0	538	December 3, 2023
Tty UART access General	2	154	October 5, 2024
Ownership of /home/linuxbrew and several admin accounts Bluefin	6	562	January 7, 2025
How to add user to group - SOLVED Aurora	3	724	April 8, 2025

Where are users and groups defined?

Related topics