What is the group password in linux?

Designed for programming, automatic code writing robot, free to open. This article introduces the knowledge about what the group password refers to in linux. In the operation of actual cases, many people will encounter such difficulties. Next, let Xiaobian lead you to learn how to deal with these situations! I hope you can read carefully and learn something!

In linux, the group password is the password of the group administrator, and the encrypted group password is saved in the /etc/gshadow file by default. The group password can be set or removed by using the gpasswd command. Just execute the gpasswd group name command to enter the group password setting mode and enter the password twice. Executing gpasswd -r group name command can remove the password of the group, and executing gpasswd -R group name command can invalidate the password of the group.

Operating environment of this tutorial: linux7.3 system and Dell G3 computer.

In linux, the group password is the password of the group administrator.

The user sets the password to verify the user's identity, while the user group sets the password mainly to specify the group administrator.

Because there may be many accounts in the system, the root user may not have time to adjust the user's group. At this time, a group administrator can be assigned to the user group. If a user needs to join or quit a user group, the group administrator of the group can manage it instead of root. However, this function is rarely used at present, and we rarely set group passwords. If you need to give a user the right to adjust a user group, you can use the sudo command instead.

The encrypted group password is saved in the /etc/gshadow file by default.

/etc/gshadow file

Let's take a look at the contents of the /etc/gshadow file with the help of the Vim command:

[root@localhost ~]#vim /etc/gshadow root::: bin:::bin, daemon daemon:::bin, daemon ... omit part of the output ... lamp:! ::

In the file, each line represents the password information of a group of users. Each line of information is divided into four fields with ":"as the separator, and the meaning of each field is as follows:

Group Name: Encryption Password: Group Administrator: Group Additional User List

Group name

Corresponding to the group name in the /etc/group file.

Group password

For most users, the group password is usually not set, so this field is often empty, but sometimes it is "!" , which means that the group has no group password and no group administrator.

Group administrator

From the system administrator's point of view, the biggest function of this file is to create a group administrator. So, what is a group administrator?

Considering that there are too many accounts in Linux system and the super administrator root may be busy, when a user wants to join a group, root may not respond in time. In this case, if there is a group administrator, then he can add users to the groups he manages, which will save the trouble of root.

However, because there are tools such as sudo at present, this function of group administrator is rarely used.

Additional users in the group

This field shows which additional users are in this user group, which is the same as the additional groups in the /etc/group file.

Set or remove the group password --gpasswd command

In order to prevent the system administrator (root) from being too busy to manage the group in time, we can use gpasswd command to set a group administrator for the group to replace root to complete the operation of adding or removing users from the group.

The basic format of the gpasswd command is as follows:

[root@localhost ~]# gpasswd option group name

Table 1 details the options and functions provided by this command.

Table 1 When the options of gpasswd command and its function options are empty, it means that a password is set for the group, which is only available to root users. -A user1, ... gives control of the group to users such as user1, ... for management, that is to say, users such as user1, ... are set as administrators of the group, and only root users are available. -M user1, ... Add user1, ... to this group. Only root users are available. -r Removes the password from the group, which is only available to root users. -R invalidates the password of the group, and only the root user can use it. -a user adds the user user to the group. -d user removes the user user from the group. As can be seen from Table 1, in addition to root managing the group, multiple ordinary users can be set as administrators of the group, but only users can be added to and removed from the group.

[Example 1]

# Create a new group, group1, and give the group to lamp for management. [root@localhost ~]# groupadd group1