Scroll to navigation

GSHADOW(5) 文件格式和转化 GSHADOW(5)

名称

gshadow - 影子化了的组文件

描述

/etc/gshadow contains the shadowed information for group accounts.

如果没有维护好密码安全,此文件绝对不能让普通用户可读。

此文件的每行包含逗号分隔的如下字段:

组名

必须是系统中已经存在的有效组。

加密了的密码

Refer to crypt(3) for details on how this string is interpreted.

If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password).

The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp(1)).

此字段可以为空,此时,只有组成员可以获取组权限。

A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked.

This password supersedes any password specified in /etc/group.

管理员

必须是一个逗号分隔的用户名列表。

管理员可以更改组密码和成员。

管理员也有成员一样的权限(请看下边)。

成员

必须是一个逗号分隔的用户名列表。

成员可以免密码访问组。

You should use the same list of users as in /etc/group.

文件

/etc/group

组账户信息。

/etc/gshadow

安全组账户信息。

参见

gpasswd(5), group(5), grpck(8), grpconv(8), newgrp(1).

2019-08-07 shadow-utils 4.6