From 2907e7974924e7e8f1a64874b5c3cb48ebd25d5d Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 13 Jul 2009 01:27:47 +0200
Subject: add comment about /etc/gshadow, no code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 loginutils/addgroup.c | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'loginutils/addgroup.c')

diff --git a/loginutils/addgroup.c b/loginutils/addgroup.c
index e49278efe..215e4a9e0 100644
--- a/loginutils/addgroup.c
+++ b/loginutils/addgroup.c
@@ -79,7 +79,22 @@ static void new_group(char *group, gid_t gid)
 	if (ENABLE_FEATURE_CLEAN_UP)
 		free(p);
 #if ENABLE_FEATURE_SHADOWPASSWDS
-	/* Ignore errors: if file is missing we suppose admin doesn't want it */
+	/* /etc/gshadow fields:
+	 * 1. Group name.
+	 * 2. Encrypted password.
+	 *    If set, non-members of the group can join the group
+	 *    by typing the password for that group using the newgrp command.
+	 *    If the value is of this field ! then no user is allowed
+	 *    to access the group using the newgrp command. A value of !!
+	 *    is treated the same as a value of ! only it indicates
+	 *    that a password has never been set before. If the value is null,
+	 *    only group members can log into the group.
+	 * 3. Group administrators (comma delimited list).
+	 *    Group members listed here can add or remove group members
+	 *    using the gpasswd command.
+	 * 4. Group members (comma delimited list).
+	 */
+	/* Ignore errors: if file is missing we assume admin doesn't want it */
 	update_passwd(bb_path_gshadow_file, group, "!::", NULL);
 #endif
 }
-- 
cgit v1.2.3