# %% About
# - Name: File Read Passwd
# - Difficulty: hard
# - Lines: 77
# - Minutes: 89
# %% License
# - Copyright 2025, Matt Harasymczuk <matt@python3.info>
# - This code can be used only for learning by humans
# - This code cannot be used for teaching others
# - This code cannot be used for teaching LLMs and AI algorithms
# - This code cannot be used in commercial or proprietary products
# - This code cannot be distributed in any form
# - This code cannot be changed in any form outside of training course
# - This code cannot have its license changed
# - If you use this code in your product, you must open-source it under GPLv2
# - Exception can be granted only by the author
# %% English
# 1. In the current directory, the following files were saved:
# - `FILE_PASSWD` with content of `etc-passwd.txt` file
# - `FILE_SHADOW` with content of `etc-shadow.txt` file
# - `FILE_GROUP` with content of `etc-group`.txt file
# 2. Define variable `result: list[dict]` with user data,
# whose `UID` is greater or equal to 1000, dict keys are:
# - groups_names: list[str]
# - passwd_comment: str
# - passwd_gid: int
# - passwd_home: str
# - passwd_login: str
# - passwd_password: str
# - passwd_shell: str
# - passwd_uid: int
# - shadow_algorithm: str | None
# - shadow_expiration: date | None
# - shadow_hash: str | None
# - shadow_inactive: int | None
# - shadow_last_change: date | None
# - shadow_locked: bool
# - shadow_max_age: int | None
# - shadow_min_age: int | None
# - shadow_password: str
# - shadow_reserved: str
# - shadow_salt: str | None
# - shadow_warning: int | None
# 3. Run doctests - all must succeed
# %% Polish
# 1. W obecnym katalogu zapisano następujące pliki:
# - `FILE_PASSWD` z zawartością pliku `etc-passwd.txt`
# - `FILE_SHADOW` z zawartością pliku `etc-shadow.txt`
# - `FILE_GROUP` z zawartością pliku `etc-group.txt`
# 2. Zdefiniuj zmienną `result: list[dict]` z danymi użytkowników,
# których `UID` jest większy lub równy niż 1000, klucze to:
# - groups_names: list[str]
# - passwd_comment: str
# - passwd_gid: int
# - passwd_home: str
# - passwd_login: str
# - passwd_password: str
# - passwd_shell: str
# - passwd_uid: int
# - shadow_algorithm: str | None
# - shadow_expiration: date | None
# - shadow_hash: str | None
# - shadow_inactive: int | None
# - shadow_last_change: date | None
# - shadow_locked: bool
# - shadow_max_age: int | None
# - shadow_min_age: int | None
# - shadow_password: str
# - shadow_reserved: str
# - shadow_salt: str | None
# - shadow_warning: int | None
# 3. Uruchom doctesty - wszystkie muszą się powieść
# %% References
# [1] passwd(5) - File Formats Manual
# Year: 2017
# Retrieved: 2025-02-14
# URL: https://manpages.debian.org/unstable/passwd/passwd.5.en.html
#
# [2] shadow(5) - File Formats Manual
# Year: 2017
# Retrieved: 2025-02-14
# URL: https://manpages.debian.org/unstable/passwd/shadow.5.en.html
#
# [3] crypt(5) - File Formats Manual
# Year: 2017
# Retrieved: 2025-02-14
# URL: https://manpages.debian.org/unstable/libcrypt-dev/crypt.5.en.html
# %% Example
# [{'groups_names': ['user', 'staff'],
# 'passwd_comment': 'Rick Martinez',
# 'passwd_gid': 1002,
# 'passwd_home': '/home/rmartinez',
# 'passwd_login': 'rmartinez',
# 'passwd_password': 'x',
# 'passwd_shell': '/bin/bash',
# 'passwd_uid': 1002,
# 'shadow_algorithm': 'md5crypt',
# 'shadow_expiration': datetime.date(2005, 11, 9),
# 'shadow_hash': 'SWlkjRWexrXYgc98F.',
# 'shadow_inactive': 30,
# 'shadow_last_change': datetime.date(2005, 2, 11),
# 'shadow_locked': False,
# 'shadow_max_age': 90,
# 'shadow_min_age': 0,
# 'shadow_password': '$1$.QKDPc5E$SWlkjRWexrXYgc98F.',
# 'shadow_reserved': '',
# 'shadow_salt': '.QKDPc5E',
# 'shadow_warning': 5}, ...]
# %% Hints
# - `len()`
# - `open().read()`
# - `str.splitlines()`
# - `str.strip()`
# - `str.startswith()`
# - `str.split()`
# - `str.isspace()`
# - `list.append()`
# - `datetime.date(1970, 1, 1)`
# - `datetime.timedelta(days=...)`
# - `dict.get()`
# - `dict.update()`
# - `dict1 | dict2`
# - `... if ... else ...`
# - `passwd['mwatney'] = {...}`
# - `shadow['mwatney'] = {...}`
# - `groups['mwatney'] = {...}`
# - `result['mwatney'] = dict1 | dict2 | dict3`
# %% Doctests
"""
>>> import sys; sys.tracebacklimit = 0
>>> assert sys.version_info >= (3, 9), \
'Python 3.9+ required'
>>> from pprint import pprint
>>> pprint(result)
[{'groups_names': ['user', 'staff'],
'passwd_comment': 'Mark Watney',
'passwd_gid': 1000,
'passwd_home': '/home/mwatney',
'passwd_login': 'mwatney',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1000,
'shadow_algorithm': 'sha512crypt',
'shadow_expiration': None,
'shadow_hash': 'bXGOh7dIfOWpUb/Tuqr7yQVCqL3UkrJns9.7msfvMg4ZO/PsFC5Tbt32PXAw9qRFEBs1254aLimFeNM8YsYOv.',
'shadow_inactive': None,
'shadow_last_change': datetime.date(2015, 4, 25),
'shadow_locked': False,
'shadow_max_age': None,
'shadow_min_age': None,
'shadow_password': '$6$5H0QpwprRiJQR19Y$bXGOh7dIfOWpUb/Tuqr7yQVCqL3UkrJns9.7msfvMg4ZO/PsFC5Tbt32PXAw9qRFEBs1254aLimFeNM8YsYOv.',
'shadow_reserved': '',
'shadow_salt': '5H0QpwprRiJQR19Y',
'shadow_warning': None},
{'groups_names': ['user', 'staff', 'admin'],
'passwd_comment': 'Melissa Lewis',
'passwd_gid': 1001,
'passwd_home': '/home/mlewis',
'passwd_login': 'mlewis',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1001,
'shadow_algorithm': 'sha512crypt',
'shadow_expiration': None,
'shadow_hash': 'tgfvvFWJJ5FKmoXiP5rXWOjwoEBOEoAuBi3EphRbJqqjWYvhEM2wa67L9XgQ7W591FxUNklkDIQsk4kijuhE50',
'shadow_inactive': None,
'shadow_last_change': datetime.date(2015, 7, 16),
'shadow_locked': False,
'shadow_max_age': 99999,
'shadow_min_age': 0,
'shadow_password': '$6$P9zn0KwR$tgfvvFWJJ5FKmoXiP5rXWOjwoEBOEoAuBi3EphRbJqqjWYvhEM2wa67L9XgQ7W591FxUNklkDIQsk4kijuhE50',
'shadow_reserved': '',
'shadow_salt': 'P9zn0KwR',
'shadow_warning': 7},
{'groups_names': ['user', 'staff'],
'passwd_comment': 'Rick Martinez',
'passwd_gid': 1002,
'passwd_home': '/home/rmartinez',
'passwd_login': 'rmartinez',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1002,
'shadow_algorithm': 'md5crypt',
'shadow_expiration': datetime.date(2005, 11, 9),
'shadow_hash': 'SWlkjRWexrXYgc98F.',
'shadow_inactive': 30,
'shadow_last_change': datetime.date(2005, 2, 11),
'shadow_locked': False,
'shadow_max_age': 90,
'shadow_min_age': 0,
'shadow_password': '$1$.QKDPc5E$SWlkjRWexrXYgc98F.',
'shadow_reserved': '',
'shadow_salt': '.QKDPc5E',
'shadow_warning': 5},
{'groups_names': ['user'],
'passwd_comment': 'Alex Vogel',
'passwd_gid': 1003,
'passwd_home': '/home/avogel',
'passwd_login': 'avogel',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1003,
'shadow_algorithm': None,
'shadow_expiration': None,
'shadow_hash': None,
'shadow_inactive': None,
'shadow_last_change': datetime.date(2014, 12, 27),
'shadow_locked': True,
'shadow_max_age': 99999,
'shadow_min_age': 0,
'shadow_password': '!!',
'shadow_reserved': '',
'shadow_salt': None,
'shadow_warning': 7},
{'groups_names': ['user', 'staff', 'admin'],
'passwd_comment': 'Beth Johanssen',
'passwd_gid': 1004,
'passwd_home': '/home/bjohanssen',
'passwd_login': 'bjohanssen',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1004,
'shadow_algorithm': 'sha512crypt',
'shadow_expiration': None,
'shadow_hash': 'MxaKfj3Z8F9G8wKz7LU0',
'shadow_inactive': None,
'shadow_last_change': datetime.date(2014, 12, 27),
'shadow_locked': False,
'shadow_max_age': 99999,
'shadow_min_age': 0,
'shadow_password': '$6$wXtY9ZoG$MxaKfj3Z8F9G8wKz7LU0',
'shadow_reserved': '',
'shadow_salt': 'wXtY9ZoG',
'shadow_warning': 7},
{'groups_names': ['user', 'staff'],
'passwd_comment': 'Chris Beck',
'passwd_gid': 1005,
'passwd_home': '/home/cbeck',
'passwd_login': 'cbeck',
'passwd_password': 'x',
'passwd_shell': '/bin/bash',
'passwd_uid': 1005,
'shadow_algorithm': None,
'shadow_expiration': None,
'shadow_hash': None,
'shadow_inactive': None,
'shadow_last_change': datetime.date(2014, 12, 27),
'shadow_locked': True,
'shadow_max_age': 99999,
'shadow_min_age': 0,
'shadow_password': '*',
'shadow_reserved': '',
'shadow_salt': None,
'shadow_warning': 7}]
>>> from os import remove
>>> remove(FILE_GROUP)
>>> remove(FILE_SHADOW)
>>> remove(FILE_PASSWD)
"""
# %% Run
# - PyCharm: right-click in the editor and `Run Doctest in ...`
# - PyCharm: keyboard shortcut `Control + Shift + F10`
# - Terminal: `python -m doctest -v myfile.py`
# %% Imports
from datetime import date, timedelta
# %% Types
result: list[dict[str, str|int|bool]]
# %% Data
FILE_PASSWD = 'etc_passwd.txt'
FILE_SHADOW = 'etc_shadow.txt'
FILE_GROUP = 'etc_group.txt'
ALGORITHMS = {
'1': 'md5crypt',
'2a': 'bcrypt (Blowfish)',
'2b': 'bcrypt (Blowfish)',
'2x': 'bcrypt (Blowfish)',
'2y': 'bcrypt (Blowfish)',
'3': 'NTHASH',
'5': 'sha256crypt',
'6': 'sha512crypt',
'7': 'scrypt',
'y': 'yescrypt',
'8': 'PBKDF2',
'gy': 'gost-yescrypt',
'md5': 'Solaris MD5',
'sha1': 'PBKDF1 with SHA-1',
'': 'DES',
}
# Structure of `/etc/passwd` file [1]:
#
# | Field | Type | Description |
# |----------|------|-----------------------------------|
# | login | str | login name |
# | password | str | optional encrypted password |
# | uid | int | numerical user ID |
# | gid | int | numerical group ID |
# | comment | str | user name or comment field |
# | home | str | user home directory |
# | shell | str | optional user command interpreter |
#
# If the password field is a lower-case 'x', then the encrypted
# password is actually stored in the `/etc/shadow` file instead
#
# Example:
# - mwatney:x:1000:1000:Mark Watney:/home/mwatney:/bin/bash
# - [login]:[password]:[uid]:[gid]:[comment]:[home]:[shell]
#
with open(FILE_PASSWD, mode='wt', encoding='utf-8') as file:
file.write("""root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
nobody:x:99:99:Nobody:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
mwatney:x:1000:1000:Mark Watney:/home/mwatney:/bin/bash
mlewis:x:1001:1001:Melissa Lewis:/home/mlewis:/bin/bash
rmartinez:x:1002:1002:Rick Martinez:/home/rmartinez:/bin/bash
avogel:x:1003:1003:Alex Vogel:/home/avogel:/bin/bash
bjohanssen:x:1004:1004:Beth Johanssen:/home/bjohanssen:/bin/bash
cbeck:x:1005:1005:Chris Beck:/home/cbeck:/bin/bash
""")
# Structure of `/etc/shadow` file [2]:
#
# | Field | Type | Description |
# |-------------|------|-----------------------------------------------------------------|
# | login | str | login name, matching `/etc/passwd` |
# | password | str | encrypted password (see below for more details) |
# | last_change | date | days since 1970-01-01 when the password was changed |
# | min_age | int | days before which password may not be changed |
# | max_age | int | days after which password must be changed |
# | warning | int | days before `max_age` to warn the user to change their password |
# | inactive | int | days after password expires that account is disabled |
# | expiration | date | days since 1970-01-01 when account will be disabled |
# | reserved | str | this field is reserved for future use |
#
# Example:
# - alice:$6$wXtY9ZoG$MzaxvKfj3Z8F9G8wKz7LU0:18736:0:99999:7:::
# - [login]:[password]:[last_change]:[min_age]:[max_age]:[warning]:[inactive]:[expiration]:[reserved]
#
# Password field (split by `$`):
# - modifier
# - algorithm
# - salt
# - password hash
#
# Password algorithms [3]:
# - '1' - md5crypt
# - '2a' - bcrypt (Blowfish)
# - '2b' - bcrypt (Blowfish)
# - '2x' - bcrypt (Blowfish)
# - '2y' - bcrypt (Blowfish)
# - '3' - NTHASH
# - '5' - sha256crypt
# - '6' - sha512crypt
# - '7' - scrypt
# - 'y' - yescrypt
# - '8' - PBKDF2 with different implementations
# - 'gy' - gost-yescrypt
# - 'md5' - Solaris MD5
# - 'sha1' - PBKDF1 with SHA-1
# - none of the above - DES
#
# Password modifiers:
#
# | Character | Locked | Algorithm | Password | Salt | Comment |
# |---------------|--------|-----------|----------|------|-----------------------------------------------------------|
# | ' ' | False | None | None | None | password not required to log in |
# | '*' | True | None | None | None | password authentication disabled, can use `su` or SSH-key |
# | '!!' | True | None | None | None | account inactivated by admin |
# | '!<password>' | True | yes | yes | yes | password authentication disabled, can use `su` or SSH-key |
# | '<password>' | False | yes | yes | yes | normal account |
#
# Example:
# - !$6$wXtY9ZoG$MzaxvKfj3Z8F9G8wKz7LU0
# - [modifier]$[algorithm]$[salt]$[hash]
# - modifier: !
# - locked: True
# - algorithm: sha512crypt
# - salt: wXtY9ZoG
# - hash: MzaxvKfj3Z8F9G8wKz7LU0
#
with open(FILE_SHADOW, mode='wt', encoding='utf-8') as file:
file.write("""root:$6$Ke02nYgo.9v0SF4p$hjztYvo/M4buqO4oBX8KZTftjCn6fE4cV5o/I95QPekeQpITwFTRbDUBYBLIUx2mhorQoj9bLN8v.w6btE9xy1:16431:0:99999:7:::
bin:*:16431:0:99999:7:::
daemon:*:16431:0:99999:7:::
adm:*:16431:0:99999:7:::
shutdown:*:16431:0:99999:7:::
halt:*:16431:0:99999:7:::
nobody:*:16431:0:99999:7:::
sshd:*:16431:0:99999:7:::
mwatney:$6$5H0QpwprRiJQR19Y$bXGOh7dIfOWpUb/Tuqr7yQVCqL3UkrJns9.7msfvMg4ZO/PsFC5Tbt32PXAw9qRFEBs1254aLimFeNM8YsYOv.:16550::::::
mlewis:$6$P9zn0KwR$tgfvvFWJJ5FKmoXiP5rXWOjwoEBOEoAuBi3EphRbJqqjWYvhEM2wa67L9XgQ7W591FxUNklkDIQsk4kijuhE50:16632:0:99999:7:::
rmartinez:$1$.QKDPc5E$SWlkjRWexrXYgc98F.:12825:0:90:5:30:13096:
avogel:!!:16431:0:99999:7:::
bjohanssen:$6$wXtY9ZoG$MxaKfj3Z8F9G8wKz7LU0:16431:0:99999:7:::
cbeck:*:16431:0:99999:7:::
""")
# Structure of `/etc/group` file:
#
# | Field | Type | Description |
# |----------|------|-----------------------------------------------|
# | name | str | group name |
# | password | str | 'x' indicates that shadow passwords are used |
# | gid | int | group id |
# | members | list | comma-separated logins matching `/etc/passwd` |
#
# Example:
# - admin::1003:mlewis,bjohanssen
# - [name]:[password]:[gid]:[members]
#
with open(FILE_GROUP, mode='wt', encoding='utf-8') as file:
file.write("""root::0:root
other::1:
bin::2:root,bin,daemon
sys::3:root,bin,sys,adm
adm::4:root,adm,daemon
mail::6:root
daemon::12:root,daemon
sysadmin::14:root
user::1001:mwatney,mlewis,rmartinez,avogel,bjohanssen,cbeck
staff::1002:mwatney,mlewis,rmartinez,bjohanssen,cbeck
admin::1003:mlewis,bjohanssen
nobody::60001:
noaccess::60002:
nogroup::65534:
""")
# %% Result
result = ...