]> Rafal Maszkowski Creation, 1996 Thomas Kłoczko kloczek@pld.org.pl shadow-utils maintainer, 2000 - 2007 Nicolas François nicolas.francois@centraliens.net shadow-utils maintainer, 2007 - now gpasswd 1 User Commands shadow-utils &SHADOW_UTILS_VERSION; gpasswd administer /etc/group administer /etc/group and /etc/gshadow gpasswd option group The gpasswd command is used to administer /etc/group, and /etc/gshadow. Every group can have administrators, members and a password. System administrators can use the -A option to define group administrator(s) and the -M option to define members. They have all rights of group administrators and members. gpasswd called by a group administrator a system administrator with a group name only prompts for the new password of the group. If a password is set the members can still use newgrp1 without a password, and non-members must supply the password. Group passwords are an inherent security problem since more than one person is permitted to know the password. However, groups are a useful tool for permitting co-operation between different users. Except for the -A and -M options, the options cannot be combined. The options cannot be combined. The options which apply to the gpasswd command are: -a, --add user Add the user to the named group. -d, --delete user Remove the user from the named group. -h, --help Display help message and exit. -Q, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory. Only absolute paths are supported. -r, --remove-password Remove the password from the named group. The group password will be empty. Only group members will be allowed to use newgrp to join the named group. -R, --restrict Restrict the access to the named group. The group password is set to "!". Only group members with a password will be allowed to use newgrp to join the named group. -A, --administrators user,... Set the list of administrative users. -M, --members user,... Set the list of group members. This tool only operates on the /etc/group and /etc/gshadow files. file. Thus you cannot change any NIS or LDAP group. This must be performed on the corresponding server. The following configuration variables in /etc/login.defs change the behavior of this tool: &ENCRYPT_METHOD; &MAX_MEMBERS_PER_GROUP; &MD5_CRYPT_ENAB; &SHA_CRYPT_MIN_ROUNDS; /etc/group Group account information. /etc/gshadow Secure group account information. newgrp1 , groupadd8 , groupdel8 , groupmod8 , grpck8 , group5 , gshadow5 .