Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!decuac!macom1!michael From: michael@macom1.UUCP (Michael Mullins) Newsgroups: comp.unix.questions Subject: Re: Passwords in /etc/group Message-ID: <207@macom1.UUCP> Date: Thu, 25-Jun-87 08:48:50 EDT Article-I.D.: macom1.207 Posted: Thu Jun 25 08:48:50 1987 Date-Received: Sat, 27-Jun-87 01:08:30 EDT References: <5740010@hpfcdc.HP.COM> Organization: CENTEL Business Information Systems INC.,Rockville, MD. Lines: 45 in article <5740010@hpfcdc.HP.COM>, rml@hpfcdc.HP.COM (Bob Lenk) says: >>>Does any system software muck with the passwords in /etc/group? I'm new >>>to administering Unix, and I'd like to know what's up with groups. > >> In a word, no. There is provision for passwords in the group structure, but >>there is nothing provided to put the passwords in there. It is possible to put >>a password into /etc/group by copying a known password from /etc/passwd into >>the appropriate field, but this is an awful kludge. The simplest answer is: >>don't bother with passwords in /etc/group. >> My comments apply to all BSD4.n systems and right back to v6, and I think to >>system V and its derivatives as well. > > The above is correct with respect to System V et. al. as far as software > setting up passwords. However, System V, System III, V7, V6 (and quite > possibly pre-4.2 BSD systems) have newgrp(1) which uses the password if > it exists. This may be a little novice sounding to all the experts on the net, but .... I have found that the best way to assign a password to a group, short of writing a special utility to assign one, is to force a password change from 'root' on one of the system users like 'bin'. (Usualy the password field for this user is set: "**NO WAY**" or "NOLOGIN", neither of which could be processed properly by the login process.) Once the password is assigned, I "vi /etc/passwd" and yank the password field, then change the field back to "**NO WAY**, then ":e /etc/group" (edit new file) move to the password field of the group in question and use the put function of vi. At this point, the password you assigned earlier is now in affect for that group. I guess I left out two important steps, in the case of "/etc/passwd", make sure you write! the new file before calling "/etc/group", you don't want someone to even be capable to login as this user! Also, of course save the "/etc/group" file. As I said, this is the best way (for me) short of writing a special utility to change the group password. The above could be converted to a using the text processing utils, or "ed", it's really a matter of how often you plan to assign/change group passwords. john m mullins Disclaimer: ... Yah, yah, that's the ticket!