How To Set Password For Group In Linux
Linux gpasswd command
Updated: 08/16/2021 past Reckoner Hope
On Unix-like operating systems, the gpasswd command edits the passwords of groups.
Grouping passwords are stored in the files /etc/grouping and /etc/gshadow./etc/group contains group information, and /etc/gshadow contains encrypted versions of the group data.
Syntax
gpasswd [option] group
Options
(Except for the -A and -M options, the following options cannot exist combined.)
| -a, --add user | Add user to the named group. |
| -d, --delete user | Remove user from the named group. |
| -h, --help | Display assistance message and go out. |
| -Q, --root CHROOT_DIR | Apply changes in the CHROOT_DIR directory and utilize the configuration files from the CHROOT_DIR directory. |
| -r, --remove-countersign group | Remove the password from the named group. The grouping password volition be empty. But grouping members will be allowed to use newgrp to join the named group. |
| -R, --restrict group | Restrict the access to the named grouping. The grouping password is set to "!". Only group members with a password volition be allowed to use newgrp to bring together the named grouping. |
| -A, --administrators user,... | Set the listing of administrative users. |
| -One thousand, --members user,... | Set the list of group members. |
Configuration
The post-obit configuration variables in /etc/login.defs change the behavior of gpasswd:
| proper name | blazon | description |
|---|---|---|
| ENCRYPT_METHOD | string | This defines the system default encryption algorithm for encrypting passwords (if no algorithm is specified on the command line). It tin accept i of these values: DES (default), MD5, SHA256, SHA512. This parameter overrides the MD5_CRYPT_ENAB variable. Annotation: This simply affects the generation of grouping passwords. The generation of user passwords is done by PAM and subject area to the PAM configuration. It is recommended to prepare this variable consistently with the PAM configuration. |
| MAX_MEMBERS_PER_GROUP | number | Maximum members per grouping entry. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name, same password, and same GID). The default value is 0, meaning that there are no limits in the number of members in a group. This characteristic (split up group) permits to limit the length of lines in the grouping file. This is useful to make certain that lines for NIS groups are not larger than 1024 characters. If you need to enforce such limit, you can use 25. Note: split groups may non be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless it'southward needed. |
| MD5_CRYPT_ENAB | boolean | Indicate if passwords must be encrypted using the MD5-based algorithm. If set to yes, new passwords volition be encrypted using the MD5-based algorithm compatible with the i used by recent releases of FreeBSD. It supports passwords of unlimited length and longer salt strings. Set to no if you demand to copy encrypted passwords to other systems which don't understand the new algorithm. Default value is no. This variable is superseded past the ENCRYPT_METHOD variable or past any command line option used to configure the encryption algorithm. This variable is deprecated. You should use ENCRYPT_METHOD instead. Note: This only affects the generation of group passwords. The generation of user passwords is washed by PAM and bailiwick to the PAM configuration. It is recommended to prepare this variable consistently with the PAM configuration. |
| SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS | number | When ENCRYPT_METHOD is fix to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line). With a lot of rounds, information technology is more difficult to fauna forcefulness the countersign. But note besides that more CPU resources is needed to authenticate users. If not specified, the libc chooses the default number of rounds (5000). The values must be within the grand—999,999,999 range. If simply one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is gear up, then this value is used. If SHA_CRYPT_MIN_ROUNDS is greater than SHA_CRYPT_MAX_ROUNDS, the highest value is used. Annotation: This only affects the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration. |
Examples
gpasswd -a mozart musicians
Adds the user mozart to the group musicians.
gpasswd -A george mathematicians
Give user george administrative rights to the grouping mathematicians.
gpasswd -d hope yankees
Remove user promise from the group yankees.
newgrp — Log into a new group.
groupadd — Add a group to the system.
groupdel — Remove a group from the system.
groupmod — Modify a grouping definition.
How To Set Password For Group In Linux,
Source: https://www.computerhope.com/unix/gpasswd.htm
Posted by: evansthimpubstur.blogspot.com
0 Response to "How To Set Password For Group In Linux"
Post a Comment