Linux-for-Sys-Ads/C2/Group-Password-and-Login/English-timed

From Script | Spoken-Tutorial
Jump to: navigation, search
Time Narration
00:01 Hello and welcome to the spoken tutorial on Group Password and Login.
00:08 In this tutorial we will learn about

newgrp command

00:14 Securing a group with password
00:17 Login to a group as group member
00:20 Login to a group as non-member
00:24 We will do this through some examples.
00:28 To record this tutorial, I am using Ubuntu Linux 16.04 OS
00:35 To practice this tutorial,

you should have gone through the Linux System Administration tutorials on this website and

00:45 you must have root access to your computer.
00:49 Earlier in the series, we had created two users, suraj and testmod.
00:56 Let us check the status of these users.
01:00 Open the Terminal by pressing Ctrl, Alt and T keys simultaneously on the keyboard.
01:09 First, login as superuser or root user.
01:16 Here onwards, please remember to press the Enter key after typing each command.
01:23 Now type id space suraj
01:28 The output indicates that Suraj belongs to primary group CSE.
01:34 He is not a member of any additional supplementary group.
01:39 Now type id space testmod
01:44 The output shows that user testmod belongs to primary group Electronics.
01:51 He is also a member of two supplementary groups - music_club and literature_club
02:00 For this demonstration, we will use the group music_club.
02:06 We will first check the details of the group music_club.
02:11 Type the command as shown
02:15 The output shows the details of the group music_club.
02:20 Here the value of the second field i.e. the password field is x.
02:26 So, for password details we have to refer to the /etc/gshadow file.
02:34 Type the command as shown.
02:38 Here, the value of the second field is an exclamation mark.
02:43 This means that the password is either invalid or not set.
02:49 Also, we can see that testmod is listed as a member of the group music_club.
02:56 It is clear that the group music_club does not have a valid password.
03:03 Now, let us check how a member like testmod and a non-member like suraj can login to this group.
03:12 For login to a group, we will use newgrp command.
03:17 The newgrp command is used to change the current group ID during a login session.
03:24 The syntax of newgrp command is- newgrp space hyphen space Newgroup
03:33 Here, hyphen and Newgroup are optional parameters
03:39 Newgroup is either a group ID number or a group name located in /etc/group.
03:47 Then newgrp refers to the file /etc/passwd for the particular entry of the user.
03:57 And changes the current group to the default group listed in the file /etc/passwd for the user.
04:07 Optional hyphen flag re-initializes the user's environment as though the user has just logged in.
04:16 Otherwise, the current environment remains unchanged.
04:21 For the demonstration in this tutorial, we will always use the hyphen flag.
04:27 Let me try to login to the group music_club as a member, say testmod.
04:34 For this we have to login to user account testmod
04:39 We will open a new terminal window for this.
04:43 Right click on the terminal.
04:45 From the pop-up select Open Terminal.
04:50 From this point onwards, we will use both these terminals.
04:55 We will switch from one terminal to another terminal for demonstration purpose.
05:01 In the new terminal we are logged in as user spoken.
05:06 Now, let me login as user testmod.
05:12 Then type id
05:15 music_club is listed as one of the supplementary groups.
05:21 In order to login to group music_club, type- newgrp space hyphen space music underscore club
05:33 The command has executed without any error.
05:37 Type id once again.
05:40 Notice now that our current group is music_club.
05:45 Earlier it was Electronics.
05:49 So, our current group has changed.
05:51 We are logged in to music_club.
05:57 This login session will continue until we execute the exit command.
06:03 So, let’s now type exit command
06:07 Recall the id command
06:10 Now, our current group is Electronics.
06:14 To exit from this user login session, type exit.
06:19 Notice that the terminal prompt has changed.
06:22 Currently, we are logged in as user spoken.
06:27 Now, let’s see how a non-member like suraj can login to the group music_club.
06:35 Let us try to use the same newgrp command for this purpose.
06:40 Let me login as user suraj
06:46 We are logged in as suraj.
06:50 Type id
06:52 Notice that our current group is CSE.
06:56 And there are no supplementary groups listed.
07:00 So, it's clear that suraj is not member of the group music_club.
07:07 Let me login to group music_club
07:12 It is asking the password. But we haven’t set any valid password for the group music_club.
07:20 We cannot login to the group music_club.
07:24 Press Control and D keys together to exit the group login process.
07:31 Now exit from the user login session
07:36 We are back to the user account spoken.
07:40 From this we understand that if a group does not have a valid password set,
07:47 then only a group member can use newgrp - group command to login to the group.
07:55 Non-members cannot login to the group.
07:59 So, let us secure the group access with a password.
08:04 Superuser or group administrator can use gpasswd space Newgroup to set or change the password of a group.
08:15 Newgroup is either a group ID or a group name that you have to write in the command.
08:22 We will discuss about the group administrator in a separate tutorial later.
08:27 Let us now try to set the password as superuser.
08:32 Switch to the terminal in which we have logged in as a root user.
08:37 To set the password for the group music_club, type gpasswd space the name of the group that is music underscore club
08:49 Type group password as pass underscore music

Press Enter

08:56 Retype the same password and press Enter.
09:01 Now we will repeat the login process to the group music_club as a member and also as a non-member.
09:09 Switch to the other terminal where we have logged in as user spoken
09:15 Let me login as user testmod.
09:20 Now login to the group music_club

The command has executed without any error.

09:29 Type id
09:31 Notice that our current group is now music_club.
09:36 So what do we understand from this?
09:39 Even though the group has a password, group members will not be prompted to provide the password while logging in.
09:48 Exit from the group login session,
09:51 Exit from the user testmod.
09:55 We are back to the user prompt spoken.
09:59 Now, suraj is a non-member for the group music_club.
10:05 Let’s see if suraj can use the same newgrp command to login to the group.
10:11 login as user suraj
10:15 Type the id command
10:18 As we know suraj is not a member of any supplementary group.
10:23 Now login to the group music_club,
10:28 It is asking for a password.
10:30 Type pass underscore music which we set just now.
10:36 The command has executed without any error.
10:40 Type id command
10:43 Notice, our current group is now music_club.
10:48 So what do we understand from this? If the group has a password set,

Non-members have to provide the correct password in order to login to the group.

10:59 To switch back to your original login group, type newgrp
11:05 Now, newgrp command is used without any argument.
11:10 It should change the current group to the default group for user suraj.
11:16 As we know the default or primary group for user suraj is CSE.

Let me check that.

11:23 Type the id command.
11:26 Notice, our current group is now CSE.
11:30 Exit from the group CSE login session
11:34 Exit from the group music_club login session
11:39 Now exit from the user login session.
11:43 We are back to the user session spoken
11:47 A note on group password:
11:50 If the user is root, he or she will not be prompted for a password.
11:56 If there is no group password set and the user is not listed as a member of the group.
12:02 Then the user will be denied access
12:06 Non-root users will be prompted for a group password
12:10 if the user is not listed as a group member and the group has a password.
12:17 Notice that more than one person is permitted to know the group password.
12:23 So, group password has an inherent security problem.
12:29 However, groups are a useful tool for permitting cooperation between different users.
12:36 Switch to the terminal, in which we have logged in as a root user.
12:41 Exit from the root user.
12:44 This brings us to the end of this tutorial.

Let us summarize.

12:50 In this tutorial we learnt about-

newgrp command

12:55 Securing a group with password
12:58 Login to a group as a group member
13:01 Login to a group as a non-member
13:05 As an assignment-

Create a new group accounts for the college database.

13:12 Give a suitable password for the group created.
13:16 Create two users: rekha and sheetal.
13:21 Check details of user rekha using the command id.
13:26 Add rekha as a member of the group.
13:30 Check how the user rekha can login to the group accounts.
13:35 Check how the user sheetal can login to the group accounts.
13:40 At every step, check the details of group accounts from /etc/gshadow file.
13:48 The video at the following link summarises the Spoken Tutorial project.

Please download and watch it.

13:56 The Spoken Tutorial Project team conducts workshops using spoken tutorials and gives certificates.

For more details, please write to us.

14:08 Pls post your timed queries in this Forum.
14:12 Spoken Tutorial Project is funded by NMEICT, MHRD, Government of India.
14:18 The script has been contributed by Antara. And this is Praveen from IIT Bombay signing off.

Thanks for joining.

Contributors and Content Editors

PoojaMoolya