Juergen Weigert
SUSE does not have group(1) command. We have groups(1) and newgrp(1) and group(5).
Sorry, I was talkng about newgrp(1).
If you are questioning the behaviour of newgrp, yes, I believe an empty password should mean entering the group without password is permitted.
I don't have any traditional references at hand. Solaris 5.9 man page appears to agrees with our man page, they say:
solaris$ man 1 newgrp A password is demanded if the group has a password and the user is not listed in /etc/group as being a member of that group.
linux$ man 1 newgrp A password is requested if the group has a password and the user is not listed in the group file as being a member of that group.
What is the rationale for disregarding the empty password?
A traditional group looks like this: root::0: other::1:root bin::2:root,daemon sys::3:root,bin,adm adm::4:root,daemon uucp::5:root mail::6:root and is distributed via naming services like NIS. For this reason empty passwd entries are usual. While an empty passwd field in the passwd file means no passwd and grant everybody, the same in the group file means: "Do not allow newgrp". And BTW: Solaris "man group" does not agree with the behavior of the newgrp utility ;-) This is from newgrp.c /* * newgrp [-l | -] [group] * * rules * if no arg, group id in password file is used * else if group id == id in password file * else if login name is in member list * else if password is present and user knows it * else too bad */ Jörg -- EMail:joerg@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin js@cs.tu-berlin.de (uni) joerg.schilling@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org