[opensuse] Difference between Yast->Group Mgmt. and groupadd
Listmates, When adding a group with Yast, the group is added with an 'x' for the unset password: ochiltree:x:1002:david If the group is added with 'groupadd' an '!' is used for the password: dcr:!:1051:david Why? What is the difference? -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
* David C. Rankin
When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess". - -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFHmlQ5ClSjbQz1U5oRAsLEAJ9vOzi42j1IaBzOI+WYfn66Jp57ugCgreUa 1Y5ggLw7b4gFVMwJXJtmD8Y= =oYz6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
* David C. Rankin
[01-25-08 15:59]: When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
And, from where did you glean your guess old wise one??
groupadd(8)
NAME
groupadd - create a new group entry
SYNOPSIS
groupadd [-D binddn] [-P path] [-g gid [-o]] [-p password]
[-r] [--service service] [--help] [--usage] [-v] group
DESCRIPTION
groupadd creates a new group entry using the values specified
on the command line. Depending on the
command line options the new entry will be added to the system
files or LDAP database.
The group name must begin with an alphabetic character and the
rest of the string should be from the
POSIX portable character class ([A-Za-z_][A-Za-z0-9_-.]*).
OPTIONS
-g, --gid gid
Force the new group ID to be the given number. This
value must be positive and unique. The
default is to use the first free ID after the greatest
used one. The range from which the
group ID is choosen can be specified in /etc/login.defs.
-o, --non-unique
Allow duplicate (non-unique) group IDs.
-p, --password password
Encrypted password as returned by crypt(3) for the new
account. The default is to disable the
account.
-r, --system
Create a system group. A system group is an entry with an
GID between SYSTEM_GID_MIN and SYS-
TEM_GID_MAX as defined in /etc/login.defs, if no GID is
specified.
--service service
Add the group to a special directory. The default is
files, but ldap is also valid.
-D, --binddn binddn
Use the Distinguished Name binddn to bind to the LDAP
directory. The user will be prompted
for a password for simple authentication.
-P, --path path
The group file is located below the specified directory
path. groupadd will use this files,
not /etc/group.
--help Print a list of valid options with a short description.
--usage
Print a short list of valid options.
-v, --version
Print the version number and exit.
FILES
/etc/group - group account information
SEE ALSO
login.defs(5), group(5), groupdel(8), groupmod(8)
AUTHOR
Thorsten Kukuk
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Friday 2008-01-25 at 22:44 -0600, David C. Rankin wrote:
Patrick Shanahan wrote:
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
And, from where did you glean your guess old wise one??
:-) Perhaps:
-p, --password password Encrypted password as returned by crypt(3) for the new account. The default is to disable the account.
? passwd(5) has some more info, but dispersed: These days many people run some version of the shadow password suite, where /etc/passwd has asterisks (*) instead of encrypted passwords, and the encrypted passwords are in /etc/shadow which is readable by the superuser only. So, * is for encripted passwords in /etc/shadow The field descriptions are: ... password the encrypted user password, an asterisk (*), or the letter 'x'. (See pwconv(8) for an explanation of 'x'.) So, there is more in pwconv(8). [...] No, I don't find any reference to !,* etc. Only 'x': This value indicates that the password for the user is already in /etc/shadow and should not be modified. So, I "guess" that ... No, I can't guess what is the difference betweeen '*' and 'x', and no idea about '!'. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHmwpdtTMYHG2NR9URAkPQAJ941/bxBK2BVa9ndsl4wUrGnlQ7BQCdHT/M Ny8O2qtKnshNQTI3uIoOeIw= =Mj95 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
* David C. Rankin
And, from where did you glean your guess old wise one??
Praise is not necessary, cash will suffice. - -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFHm6LXClSjbQz1U5oRAq4vAJwKaVx8JNHOukxuihJ3fm5L5UCo1ACffgmy Vun5BvccvFm7LVG/00d2qss= =4qLe -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
* David C. Rankin
[01-25-08 15:59]: When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
! and x are both placeholders in the password field. Play with gpasswd to find out more. It appears that /etc/group is based on the old-style (no /etc/shadow) format of /etc/passwd. The field holds the encrypted password. Unlike the /etc/passwd file, there is now "shadow" to hold the actual (encrypted) password strings. Both x and ! are strings which no password (not even a 1-character password) can be encrypted into. Essentially, this locks the group (you can't chgrp into a group with a password, because nothing you type will, after encryption, match either the x or ! character). ther -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Aaron Kulkis
-
Carlos E. R.
-
David C. Rankin
-
Patrick Shanahan