 Hey everyone, welcome back to another Python programming tutorial and these couple of videos I'm going to be looking at Unix specific services in the Python library Obviously the Python modules that I've been looking at this time. We're going to be looking at specifically Unix and Linux stuff So this first thing that I want to check out is PWD, which is the password database you can see right here I've got the documentation open up online and this module provides access to the Unix user account and password database It's available on all Unix versions and I'm already Ubuntu right now So we should be okay to kind of play with this and toy with it So what you get returned from any of the functions in this module are entries that are reported as tuple or tuple like objects and their attributes obviously correspond to members of the past WD or password structure and you can see all of these things here below in the table that have different meanings like the attributes PW name refers to the login name or like the username of the account password or past WD is typically an optional encrypted password So you can kind of see the password or at least the encrypted password of the users on your system And that's kind of cool. So that's kind of the reason I wanted to show you this this module and start this new kind of series With the Unix specific stuff, but let's keep going. Obviously the user ID of the user and the group ID There are some other stuff. I don't honestly know what GEcoach of the comment field is and of course we have the user's home directory and their typical command line interpreter or shell So like it says here in the description the UID and the GID for user ID and group ID are integers All the other things are typically strings and if you try to Index something that isn't in the array or you don't have the attribute in the in the tuple. Sorry You'll sort of a key error. So that's that's what's raised if you can't find anything So there are a few functions that this has getpw user ID and this will search for the password Kind of database entry with the user ID of the user like it says here turn the password database entry for the given user ID You pass in just an integer there This next one getpwNAM or NAM returns the password database entry for the given user name You pass in a string there and getpw all returns a list of all the password database entries Pretty much a random order. This isn't taking arguments. So let's take a look at these this pw all is what I'll look at first I'll fire up my shell here. I'm just gonna work in idle the Python interpreter So let's import pwd and the function we're gonna want to work with first is getpw all So like it says here there are no arguments and we'll return this list of entries And it'll return a list of all the available password database entries in arbitrary order just like it says in our documentation So we check this out Bam we get a whole lot of stuff now. This is again for all of the users on your system You know like root of course up here Let's see. What else can I find? Trying to see others Games, I don't know how to know what this is. I know there should be things for like pulse audio and Other kind of like system users That GNATS System users that you don't normally see like syslog and message bus that obviously aren't your user accounts You can log in with like they say here the shells often are Let me see if I can find one no log in right user shell is no log in because you can't really actually Interact and use the computer as this user there is of course my user right down here struck password pw name is John and And You'll notice that in a lot of these the pw password spot is just an x. I kind of really wonder why that is But we'll get into it real real soon. Let's take a look at the other functions here. It's pwd Get pwd nam. Just like we're looking at earlier and again This takes in the user user name return the password database for a given user name So if I give it John like I told you my my user account name You'll notice that we get the same struct with the pw name John and user ID information and all this stuff right here so That's what we can use of course to use that same pwd get PW user ID This took time of course you'd pass in just an ID number I know John the that user account is 1,000 because we can see it right there So pass that is an integer and we should get the exact same result of course because it's the same John account Remember if I try and pass in something that like doesn't exist like two Okay, I guess we got bin which does exist whatever Bad example, let's say two thousand give it something that doesn't have awesome We get our key area a key error. Sorry user ID is not found in two thousand So like I was saying earlier though, I'm very interested in what this X is whenever we actually want to see the encrypted password of this user There we go. See PW password is an X now. Why is that? I want to be able to see the encrypted user password So let's take out the documentation one more time I skipped over this when I was just introducing the video But there was a note here in traditional Unix the field PW password or past WD Usually contains a password encrypted with a DES derived algorithm see the module crypt, which we'll get into real real soon However, most modern unices only use a so-called shadow password system So for those the unices the PW password field only contains an asterisk. That's right here Or the letter X where the encrypted password is stored in a file, etc. Shadow, which is not world readable However, the PW password field contains anything user useful that is system dependent if available the SPW password SPWD module Sorry, I should be used or access the encrypted password is required Okay, so that's a lot of really interesting information What things that I want to comment on are on the Unix systems where the PW password field only contains an asterisk I'm pretty sure the asterisk refers to the fact that the account is disabled I'm not a hundred percent certain on that don't trust me, but if you want to do a little bit of research I believe that's what that asterisk means the account is disabled Letter X like the one that we've been seeing released I'm seeing on my system is where the encrypted password is stored in the etc. Shadow file, which is not world readable Normally it's getting this all of these password database entries from the Password structure like we know is stored in our Unix system as etc password or past WD So let's take a look at that in a terminal. I'll actually a Check out cat the file etc past WD and This is actually readable right now surprisingly and you can see all these different users like we were looking at beforehand like I saw Nats and syslog and Pulse audio is probably way down at the bottom or something. Oh, yeah pulse And of course you saw John my account right there and the same thing here this field the first index It looks like the index says in the attributes actually correspond with where they are in the etc password file Separated by colon so you can see But this X still refers to you that the password is hidden in a different file That's in etc. Shadow So for experiment's sake, let's let's make something Interesting I want to add a user. Let's say that we can kind of play with their password and try and understand it So I want to run pseudo user ad to add a new user and remember you need the pseudo command to actually run this with Privileges and let's say the username can be foobar I'll answer my password here. You might need to do the same And now we should have a new user foobar actually I'm gonna delete that because I want to be able to set the password So I won't delete it, but I'll say pseudo pass WD Fubar to be able to change its its password and let's say the enter enter the new Unix password I'm just gonna say something really simple something pretty easy to crack like in a dictionary just like Apples is what I typed in type it again apples and now okay the password Updated successfully. I think we can log in as him with SU hyphen log in I think it's Okay, foobar, maybe not. I'll log in with my password apples Okay, cool. I must have typed it in accidentally So now if I say who am I? My user currently is foobar because we logged in as as foobar So that's the account that we just created and if I check it out in The etc password folder Pass WD that that file. Sorry, you'll see that foobar is way down here We just added him He's got the new 1001 user ID and his password is still x so his password must be stored in et cetera shadow Which is a different file like we saw here different from et cetera password or pass WD So normally you'd use this SPWD module to try and read those and actually get more information Rather than this PWD password database But you can still use this module to kind of get a little bit of information about the user And that's kind of wanted why I wanted to show you this module and Introduce this thing to you so you can know what is available to you for on Linux and like unique specific services in Python and we'll get a little bit more of an understanding as to where the passwords are stored and it's set in a password and How a python reads it what it's seeing where the indexes and attributes come from and that sort of thing So hopefully this has been useful for you This was kind of a really interesting and kind of fun program program and tutorial to think up and Get towards you So hopefully and the next one will look at SPWD that module and very soon after that We'll look at crypt the next module to play with the passwords. So Hope you enjoyed this and I'll see you in the next tutorial