In CentOS 7 and Ubuntu22.04, use the ls -l command to view the permissions of the shadow file, and you get (----------) for CentOS 7, and (-rw-r-----), but the root user has read and write permissions to the file, so why are the permissions seen by using ls -l to view the shadow file different?
The shadow file contains sensitive information such as encrypted passwords, and therefore the default permissions for this file are set to be very restrictive, even for the root user.
In CentOS 7, the shadow file has a permission of "----------", which means no one has any permission to read, write, or execute the file. This is because in CentOS 7, the shadow file is used in combination with the SELinux security module which implements mandatory access control (MAC) policies.
In Ubuntu 22.04, the shadow file has a permission of "-rw-r-----", which means that the owner of the file (root) has read and write permissions, but all other users have no permissions to read, write or execute the file. This is the default permission setting for the shadow file in Ubuntu.
Therefore, the two different operating systems have different default permission settings for the shadow file due to differences in their security modules and policies. However, the permissions can be modified using the chmod command if necessary.
To change the permission of the shadow file in CentOS 7 to "-rw-r-----", you would run:
To change the permission of the shadow file in Ubuntu to "----------", you would run: