Linux-for-Sys-Ads/C2/Group-Password-and-Login/English-timed
From Script | Spoken-Tutorial
| Time | Narration |
| 00:01 | Hello and welcome to the spoken tutorial on Group Password and Login. |
| 00:08 | In this tutorial we will learn about
newgrp command |
| 00:14 | Securing a group with password |
| 00:17 | Login to a group as group member |
| 00:20 | Login to a group as non-member |
| 00:24 | We will do this through some examples. |
| 00:28 | To record this tutorial, I am using Ubuntu Linux 16.04 OS |
| 00:35 | To practice this tutorial,
you should have gone through the Linux System Administration tutorials on this website and |
| 00:45 | you must have root access to your computer. |
| 00:49 | Earlier in the series, we had created two users, suraj and testmod. |
| 00:56 | Let us check the status of these users. |
| 01:00 | Open the Terminal by pressing Ctrl, Alt and T keys simultaneously on the keyboard. |
| 01:09 | First, login as superuser or root user. |
| 01:16 | Here onwards, please remember to press the Enter key after typing each command. |
| 01:23 | Now type id space suraj |
| 01:28 | The output indicates that Suraj belongs to primary group CSE. |
| 01:34 | He is not a member of any additional supplementary group. |
| 01:39 | Now type id space testmod |
| 01:44 | The output shows that user testmod belongs to primary group Electronics. |
| 01:51 | He is also a member of two supplementary groups - music_club and literature_club |
| 02:00 | For this demonstration, we will use the group music_club. |
| 02:06 | We will first check the details of the group music_club. |
| 02:11 | Type the command as shown |
| 02:15 | The output shows the details of the group music_club. |
| 02:20 | Here the value of the second field i.e. the password field is x. |
| 02:26 | So, for password details we have to refer to the /etc/gshadow file. |
| 02:34 | Type the command as shown. |
| 02:38 | Here, the value of the second field is an exclamation mark. |
| 02:43 | This means that the password is either invalid or not set. |
| 02:49 | Also, we can see that testmod is listed as a member of the group music_club. |
| 02:56 | It is clear that the group music_club does not have a valid password. |
| 03:03 | Now, let us check how a member like testmod and a non-member like suraj can login to this group. |
| 03:12 | For login to a group, we will use newgrp command. |
| 03:17 | The newgrp command is used to change the current group ID during a login session. |
| 03:24 | The syntax of newgrp command is- newgrp space hyphen space Newgroup |
| 03:33 | Here, hyphen and Newgroup are optional parameters |
| 03:39 | Newgroup is either a group ID number or a group name located in /etc/group. |
| 03:47 | Then newgrp refers to the file /etc/passwd for the particular entry of the user. |
| 03:57 | And changes the current group to the default group listed in the file /etc/passwd for the user. |
| 04:07 | Optional hyphen flag re-initializes the user's environment as though the user has just logged in. |
| 04:16 | Otherwise, the current environment remains unchanged. |
| 04:21 | For the demonstration in this tutorial, we will always use the hyphen flag. |
| 04:27 | Let me try to login to the group music_club as a member, say testmod. |
| 04:34 | For this we have to login to user account testmod |
| 04:39 | We will open a new terminal window for this. |
| 04:43 | Right click on the terminal. |
| 04:45 | From the pop-up select Open Terminal. |
| 04:50 | From this point onwards, we will use both these terminals. |
| 04:55 | We will switch from one terminal to another terminal for demonstration purpose. |
| 05:01 | In the new terminal we are logged in as user spoken. |
| 05:06 | Now, let me login as user testmod. |
| 05:12 | Then type id |
| 05:15 | music_club is listed as one of the supplementary groups. |
| 05:21 | In order to login to group music_club, type- newgrp space hyphen space music underscore club |
| 05:33 | The command has executed without any error. |
| 05:37 | Type id once again. |
| 05:40 | Notice now that our current group is music_club. |
| 05:45 | Earlier it was Electronics. |
| 05:49 | So, our current group has changed. |
| 05:51 | We are logged in to music_club. |
| 05:57 | This login session will continue until we execute the exit command. |
| 06:03 | So, let’s now type exit command |
| 06:07 | Recall the id command |
| 06:10 | Now, our current group is Electronics. |
| 06:14 | To exit from this user login session, type exit. |
| 06:19 | Notice that the terminal prompt has changed. |
| 06:22 | Currently, we are logged in as user spoken. |
| 06:27 | Now, let’s see how a non-member like suraj can login to the group music_club. |
| 06:35 | Let us try to use the same newgrp command for this purpose. |
| 06:40 | Let me login as user suraj |
| 06:46 | We are logged in as suraj. |
| 06:50 | Type id |
| 06:52 | Notice that our current group is CSE. |
| 06:56 | And there are no supplementary groups listed. |
| 07:00 | So, it's clear that suraj is not member of the group music_club. |
| 07:07 | Let me login to group music_club |
| 07:12 | It is asking the password. But we haven’t set any valid password for the group music_club. |
| 07:20 | We cannot login to the group music_club. |
| 07:24 | Press Control and D keys together to exit the group login process. |
| 07:31 | Now exit from the user login session |
| 07:36 | We are back to the user account spoken. |
| 07:40 | From this we understand that if a group does not have a valid password set, |
| 07:47 | then only a group member can use newgrp - group command to login to the group. |
| 07:55 | Non-members cannot login to the group. |
| 07:59 | So, let us secure the group access with a password. |
| 08:04 | Superuser or group administrator can use gpasswd space Newgroup to set or change the password of a group. |
| 08:15 | Newgroup is either a group ID or a group name that you have to write in the command. |
| 08:22 | We will discuss about the group administrator in a separate tutorial later. |
| 08:27 | Let us now try to set the password as superuser. |
| 08:32 | Switch to the terminal in which we have logged in as a root user. |
| 08:37 | To set the password for the group music_club, type gpasswd space the name of the group that is music underscore club |
| 08:49 | Type group password as pass underscore music
Press Enter |
| 08:56 | Retype the same password and press Enter. |
| 09:01 | Now we will repeat the login process to the group music_club as a member and also as a non-member. |
| 09:09 | Switch to the other terminal where we have logged in as user spoken |
| 09:15 | Let me login as user testmod. |
| 09:20 | Now login to the group music_club
The command has executed without any error. |
| 09:29 | Type id |
| 09:31 | Notice that our current group is now music_club. |
| 09:36 | So what do we understand from this? |
| 09:39 | Even though the group has a password, group members will not be prompted to provide the password while logging in. |
| 09:48 | Exit from the group login session, |
| 09:51 | Exit from the user testmod. |
| 09:55 | We are back to the user prompt spoken. |
| 09:59 | Now, suraj is a non-member for the group music_club. |
| 10:05 | Let’s see if suraj can use the same newgrp command to login to the group. |
| 10:11 | login as user suraj |
| 10:15 | Type the id command |
| 10:18 | As we know suraj is not a member of any supplementary group. |
| 10:23 | Now login to the group music_club, |
| 10:28 | It is asking for a password. |
| 10:30 | Type pass underscore music which we set just now. |
| 10:36 | The command has executed without any error. |
| 10:40 | Type id command |
| 10:43 | Notice, our current group is now music_club. |
| 10:48 | So what do we understand from this? If the group has a password set,
Non-members have to provide the correct password in order to login to the group. |
| 10:59 | To switch back to your original login group, type newgrp |
| 11:05 | Now, newgrp command is used without any argument. |
| 11:10 | It should change the current group to the default group for user suraj. |
| 11:16 | As we know the default or primary group for user suraj is CSE.
Let me check that. |
| 11:23 | Type the id command. |
| 11:26 | Notice, our current group is now CSE. |
| 11:30 | Exit from the group CSE login session |
| 11:34 | Exit from the group music_club login session |
| 11:39 | Now exit from the user login session. |
| 11:43 | We are back to the user session spoken |
| 11:47 | A note on group password: |
| 11:50 | If the user is root, he or she will not be prompted for a password. |
| 11:56 | If there is no group password set and the user is not listed as a member of the group. |
| 12:02 | Then the user will be denied access |
| 12:06 | Non-root users will be prompted for a group password |
| 12:10 | if the user is not listed as a group member and the group has a password. |
| 12:17 | Notice that more than one person is permitted to know the group password. |
| 12:23 | So, group password has an inherent security problem. |
| 12:29 | However, groups are a useful tool for permitting cooperation between different users. |
| 12:36 | Switch to the terminal, in which we have logged in as a root user. |
| 12:41 | Exit from the root user. |
| 12:44 | This brings us to the end of this tutorial.
Let us summarize. |
| 12:50 | In this tutorial we learnt about-
newgrp command |
| 12:55 | Securing a group with password |
| 12:58 | Login to a group as a group member |
| 13:01 | Login to a group as a non-member |
| 13:05 | As an assignment-
Create a new group accounts for the college database. |
| 13:12 | Give a suitable password for the group created. |
| 13:16 | Create two users: rekha and sheetal. |
| 13:21 | Check details of user rekha using the command id. |
| 13:26 | Add rekha as a member of the group. |
| 13:30 | Check how the user rekha can login to the group accounts. |
| 13:35 | Check how the user sheetal can login to the group accounts. |
| 13:40 | At every step, check the details of group accounts from /etc/gshadow file. |
| 13:48 | The video at the following link summarises the Spoken Tutorial project.
Please download and watch it. |
| 13:56 | The Spoken Tutorial Project team conducts workshops using spoken tutorials and gives certificates.
For more details, please write to us. |
| 14:08 | Pls post your timed queries in this Forum. |
| 14:12 | Spoken Tutorial Project is funded by NMEICT, MHRD, Government of India. |
| 14:18 | The script has been contributed by Antara. And this is Praveen from IIT Bombay signing off.
Thanks for joining. |
