Group Password in Unix

Posted on 2006-05-17
Last Modified: 2010-04-21
1) Why Group password is hardly used in Unix?
2) In /etc/group all my groups do not have password i.e
<groupname>: :<users> -> the password's field is blank, in this case I believe that the password is not set, but why if users would like to change group i.e newgrp <group> they asked for a password? I checked on /etc/gshadow the following group does not have encrypted password in the file.
3) Suppose that I add a new group by runnning command like
groupadd <newgroup>, How to add a new group without having set a new password for them?
Question by:kecoak
    LVL 61

    Expert Comment

    1) Because it serves almost no purpose, and complexizes process management.
    2) Please post output of "uname -a" for more exlanation. Behavior is system-specific.
    3) read (2), and who are "them" ???
    LVL 6

    Accepted Solution

    to understand group password:

    Usually, you'll want to change into only these groups in which you're already a member; that is, groups that have your username mentioned on their line in the /etc/group file. However, the newgrp command also allows you to change into a group of which you're not normally a member. For this purpose, UNIX uses the group password field of the /etc/group file. If you try to change into a group of which you're not a member, the newgrp command will prompt you for that group's password. If the password you type agrees with the password for the group stored in the /etc/group file, the newgrp command temporarily puts you into the group by spawning a subshell with that group:

    $ newgrp fiction
    password: rates34
    You're now free to exercise all of the rights and privileges of the fiction group.

    LVL 61

    Expert Comment

    Depending on system type it may or may not work.

    Author Comment

    Slackware 10.2
    LVL 61

    Expert Comment

    as bira described then.
    LVL 51

    Expert Comment

    unix/linux do not have something like "group passwords", use ACLs for that

    Expert Comment

    1) It's a security risk!

    2) see above

    3) see above

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
    A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now