[opensuse] Difference between Yast->Group Mgmt. and groupadd
Listmates, When adding a group with Yast, the group is added with an 'x' for the unset password: ochiltree:x:1002:david If the group is added with 'groupadd' an '!' is used for the password: dcr:!:1051:david Why? What is the difference? -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 * David C. Rankin <drankinatty@suddenlinkmail.com> [01-25-08 15:59]:
When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess". - -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFHmlQ5ClSjbQz1U5oRAsLEAJ9vOzi42j1IaBzOI+WYfn66Jp57ugCgreUa 1Y5ggLw7b4gFVMwJXJtmD8Y= =oYz6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
* David C. Rankin <drankinatty@suddenlinkmail.com> [01-25-08 15:59]:
When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
And, from where did you glean your guess old wise one?? groupadd(8) NAME groupadd - create a new group entry SYNOPSIS groupadd [-D binddn] [-P path] [-g gid [-o]] [-p password] [-r] [--service service] [--help] [--usage] [-v] group DESCRIPTION groupadd creates a new group entry using the values specified on the command line. Depending on the command line options the new entry will be added to the system files or LDAP database. The group name must begin with an alphabetic character and the rest of the string should be from the POSIX portable character class ([A-Za-z_][A-Za-z0-9_-.]*). OPTIONS -g, --gid gid Force the new group ID to be the given number. This value must be positive and unique. The default is to use the first free ID after the greatest used one. The range from which the group ID is choosen can be specified in /etc/login.defs. -o, --non-unique Allow duplicate (non-unique) group IDs. -p, --password password Encrypted password as returned by crypt(3) for the new account. The default is to disable the account. -r, --system Create a system group. A system group is an entry with an GID between SYSTEM_GID_MIN and SYS- TEM_GID_MAX as defined in /etc/login.defs, if no GID is specified. --service service Add the group to a special directory. The default is files, but ldap is also valid. -D, --binddn binddn Use the Distinguished Name binddn to bind to the LDAP directory. The user will be prompted for a password for simple authentication. -P, --path path The group file is located below the specified directory path. groupadd will use this files, not /etc/group. --help Print a list of valid options with a short description. --usage Print a short list of valid options. -v, --version Print the version number and exit. FILES /etc/group - group account information SEE ALSO login.defs(5), group(5), groupdel(8), groupmod(8) AUTHOR Thorsten Kukuk <kukuk@suse.de> pwdutils December 2003 groupadd(8) GROUP(5) NAME group - user group file DESCRIPTION /etc/group is an ASCII file which defines the groups to which users belong. There is one entry per line, and each line has the format: group_name:passwd:GID:user_list The field descriptions are: group_name the name of the group. password the (encrypted) group password. If this field is empty, no password is needed. GID the numerical group ID. user_list all the group member's user names, separated by commas. FILES /etc/group BUGS As the 4.2BSD initgroups(3) man page says: No-one seems to keep /etc/group up-to-date. SEE ALSO login(1), newgrp(1), passwd(5) -- David C. Rankin, J.D., P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Friday 2008-01-25 at 22:44 -0600, David C. Rankin wrote:
Patrick Shanahan wrote:
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
And, from where did you glean your guess old wise one??
:-) Perhaps:
-p, --password password Encrypted password as returned by crypt(3) for the new account. The default is to disable the account.
? passwd(5) has some more info, but dispersed: These days many people run some version of the shadow password suite, where /etc/passwd has asterisks (*) instead of encrypted passwords, and the encrypted passwords are in /etc/shadow which is readable by the superuser only. So, * is for encripted passwords in /etc/shadow The field descriptions are: ... password the encrypted user password, an asterisk (*), or the letter 'x'. (See pwconv(8) for an explanation of 'x'.) So, there is more in pwconv(8). [...] No, I don't find any reference to !,* etc. Only 'x': This value indicates that the password for the user is already in /etc/shadow and should not be modified. So, I "guess" that ... No, I can't guess what is the difference betweeen '*' and 'x', and no idea about '!'. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHmwpdtTMYHG2NR9URAkPQAJ941/bxBK2BVa9ndsl4wUrGnlQ7BQCdHT/M Ny8O2qtKnshNQTI3uIoOeIw= =Mj95 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 * David C. Rankin <drankinatty@suddenlinkmail.com> [01-25-08 23:50]: ...
And, from where did you glean your guess old wise one??
Praise is not necessary, cash will suffice. - -- Patrick Shanahan Plainfield, Indiana, USA HOG # US1244711 http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://counter.li.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFHm6LXClSjbQz1U5oRAq4vAJwKaVx8JNHOukxuihJ3fm5L5UCo1ACffgmy Vun5BvccvFm7LVG/00d2qss= =4qLe -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Patrick Shanahan wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
* David C. Rankin <drankinatty@suddenlinkmail.com> [01-25-08 15:59]:
When adding a group with Yast, the group is added with an 'x' for the unset password:
ochiltree:x:1002:david
If the group is added with 'groupadd' an '!' is used for the password:
dcr:!:1051:david
Why? What is the difference?
a guess from scanning the man pages (which *are* available), groupadd defaults to disabling the account. I said "a guess".
! and x are both placeholders in the password field. Play with gpasswd to find out more. It appears that /etc/group is based on the old-style (no /etc/shadow) format of /etc/passwd. The field holds the encrypted password. Unlike the /etc/passwd file, there is now "shadow" to hold the actual (encrypted) password strings. Both x and ! are strings which no password (not even a 1-character password) can be encrypted into. Essentially, this locks the group (you can't chgrp into a group with a password, because nothing you type will, after encryption, match either the x or ! character). ther -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Aaron Kulkis -
Carlos E. R. -
David C. Rankin -
Patrick Shanahan