Red Hat Enterprise Linux 5 Administration Unleashed

214CHAPTER 9Managing Users and GroupsIt is also possible for the root user (not a group administrator) to modify the members of agroup with the gpasswd -M command, where is a commaseparatedlist of all the users in the group. Notice the word all. When this command isexecuted, the group members list changes to the users listed in this command. Any existingmembers not listed will be removed.To add or change the password for a group, the root user or a group administrator can usethe gpasswd command. When changing the password, the old password isnot needed. To remove the group password, use the gpasswd -r command.If a user is a member of a group, she can use the newgrp command to makethat group her default group for that login session. If the group has a password, the usermust enter the correct password before successfully switching groups. If the group has apassword, users who aren’t members of the group can also make the group their defaultgroup with the newgrp command. If the group doesn’t have a password configured, onlyusers who are members of the group can use the newgrp command to change groups forthat login session. To disable the use of the newgrp command for a group, use the gpasswd-R command.Deleting GroupsTo delete an existing group, use the groupdel command. The group isremoved, and the users in the group are no longer members of the group.How It All WorksA list of all local users is stored in the /etc/passwd file. This file is in plain text format andis readable by anyone logged in to the system because it is referenced by user-accessibleutilities such as ls and who to map user and group IDs to usernames and group names.Each user is listed on a separate line, with the following format:username:password:uid:gid:real_name:/home/directory:shellTable 9.4 describes these fields.TABLE 9.4 /etc/passwd FieldsFieldDescriptionusernameLogin name for the user. Can’t contain spaces or tabs.passwordThe x character that denotes the encrypted password is stored in/etc/shadow. If shadow passwords are not used, this field containsthe encrypted user password.uidUnique integer used as the user ID.gidUnique integer used as the group ID.real_name Full name of the user (not required)./home/directory Full path to the home directory of the user.shellLogin shell for the user. /bin/bash is the default.