1NEWGRP(1P)                 POSIX Programmer's Manual                NEWGRP(1P)
2
3
4

PROLOG

6       This  manual  page is part of the POSIX Programmer's Manual.  The Linux
7       implementation of this interface may differ (consult the  corresponding
8       Linux  manual page for details of Linux behavior), or the interface may
9       not be implemented on Linux.
10

NAME

12       newgrp — change to a new group
13

SYNOPSIS

15       newgrp [-l] [group]
16

DESCRIPTION

18       The newgrp utility shall create a new shell execution environment  with
19       a new real and effective group identification. Of the attributes listed
20       in Section 2.12, Shell Execution Environment, the new  shell  execution
21       environment shall retain the working directory, file creation mask, and
22       exported variables from the previous environment (that is, open  files,
23       traps,  unexported  variables,  alias definitions, shell functions, and
24       set options may be lost). All other aspects of the process  environment
25       that  are preserved by the exec family of functions defined in the Sys‐
26       tem Interfaces volume of POSIX.1‐2017 shall also be preserved  by  new‐
27       grp; whether other aspects are preserved is unspecified.
28
29       A  failure  to  assign  the new group identifications (for example, for
30       security or password-related reasons) shall not prevent the  new  shell
31       execution environment from being created.
32
33       The newgrp utility shall affect the supplemental groups for the process
34       as follows:
35
36        *  On systems where the effective group ID is normally in the  supple‐
37           mentary group list (or whenever the old effective group ID actually
38           is in the supplementary group list):
39
40           --  If the new effective group ID  is  also  in  the  supplementary
41               group list, newgrp shall change the effective group ID.
42
43           --  If the new effective group ID is not in the supplementary group
44               list, newgrp shall add the new effective group ID to the  list,
45               if there is room to add it.
46
47        *  On systems where the effective group ID is not normally in the sup‐
48           plementary group list (or whenever the old effective  group  ID  is
49           not in the supplementary group list):
50
51           --  If  the  new  effective  group ID is in the supplementary group
52               list, newgrp shall delete it.
53
54           --  If the old effective group ID is not in the supplementary list,
55               newgrp shall add it if there is room.
56
57       Note:     The System Interfaces volume of POSIX.1‐2017 does not specify
58                 whether the effective group ID of a process  is  included  in
59                 its supplementary group list.
60
61       With  no  operands, newgrp shall change the effective group back to the
62       groups identified in the user's user entry, and shall set the  list  of
63       supplementary groups to that set in the user's group database entries.
64
65       If the first argument is '-', the results are unspecified.
66
67       If  a password is required for the specified group, and the user is not
68       listed as a member of that group in the group database, the user  shall
69       be  prompted  to enter the correct password for that group. If the user
70       is listed as a member of that group, no password  shall  be  requested.
71       If  no  password is required for the specified group, it is implementa‐
72       tion-defined whether users not listed as  members  of  that  group  can
73       change  to that group. Whether or not a password is required, implemen‐
74       tation-defined system accounting  or  security  mechanisms  may  impose
75       additional  authorization restrictions that may cause newgrp to write a
76       diagnostic message and suppress the changing of the  group  identifica‐
77       tion.
78

OPTIONS

80       The  newgrp  utility  shall  conform  to the Base Definitions volume of
81       POSIX.1‐2017, Section 12.2, Utility Syntax Guidelines, except  for  the
82       unspecified usage of '-'.
83
84       The following option shall be supported:
85
86       -l        (The  letter  ell.)  Change  the environment to what would be
87                 expected if the user actually logged in again.
88

OPERANDS

90       The following operand shall be supported:
91
92       group     A group name  from  the  group  database  or  a  non-negative
93                 numeric  group  ID.  Specifies the group ID to which the real
94                 and effective group IDs shall be set. If group is a non-nega‐
95                 tive  numeric  string  and  exists in the group database as a
96                 group name (see getgrnam()), the numeric group ID  associated
97                 with that group name shall be used as the group ID.
98

STDIN

100       Not used.
101

INPUT FILES

103       The file /dev/tty shall be used to read a single line of text for pass‐
104       word checking, when one is required.
105

ENVIRONMENT VARIABLES

107       The following environment variables shall affect the execution of  new‐
108       grp:
109
110       LANG      Provide  a  default  value for the internationalization vari‐
111                 ables that are unset or null. (See the Base Definitions  vol‐
112                 ume  of POSIX.1‐2017, Section 8.2, Internationalization Vari‐
113                 ables for the precedence  of  internationalization  variables
114                 used to determine the values of locale categories.)
115
116       LC_ALL    If  set  to  a non-empty string value, override the values of
117                 all the other internationalization variables.
118
119       LC_CTYPE  Determine the locale for the interpretation of  sequences  of
120                 bytes of text data as characters (for example, single-byte as
121                 opposed to multi-byte characters in arguments).
122
123       LC_MESSAGES
124                 Determine the locale that should be used to affect the format
125                 and  contents  of  diagnostic  messages  written  to standard
126                 error.
127
128       NLSPATH   Determine the location of message catalogs for the processing
129                 of LC_MESSAGES.
130

ASYNCHRONOUS EVENTS

132       Default.
133

STDOUT

135       Not used.
136

STDERR

138       The  standard  error shall be used for diagnostic messages and a prompt
139       string for a password, if one is required. Diagnostic messages  may  be
140       written  in  cases where the exit status is not available. See the EXIT
141       STATUS section.
142

OUTPUT FILES

144       None.
145

EXTENDED DESCRIPTION

147       None.
148

EXIT STATUS

150       If newgrp succeeds in  creating  a  new  shell  execution  environment,
151       whether  or  not the group identification was changed successfully, the
152       exit status shall be the exit status of the shell. Otherwise, the  fol‐
153       lowing exit value shall be returned:
154
155       >0    An error occurred.
156

CONSEQUENCES OF ERRORS

158       The invoking shell may terminate.
159
160       The following sections are informative.
161

APPLICATION USAGE

163       There is no convenient way to enter a password into the group database.
164       Use of group passwords is not encouraged, because by their very  nature
165       they  encourage  poor security practices. Group passwords may disappear
166       in the future.
167
168       A common implementation of newgrp is that the current shell  uses  exec
169       to overlay itself with newgrp, which in turn overlays itself with a new
170       shell after changing group.  On some implementations, however, this may
171       not occur and newgrp may be invoked as a subprocess.
172
173       The  newgrp command is intended only for use from an interactive termi‐
174       nal. It does not offer a useful interface for the support  of  applica‐
175       tions.
176
177       The  exit status of newgrp is generally inapplicable. If newgrp is used
178       in a script, in most cases it successfully invokes a new shell and  the
179       rest of the original shell script is bypassed when the new shell exits.
180       Used interactively, newgrp displays  diagnostic  messages  to  indicate
181       problems. But usage such as:
182
183
184           newgrp foo
185           echo $?
186
187       is not useful because the new shell might not have access to any status
188       newgrp may have generated (and most historical systems do  not  provide
189       this  status).  A zero status echoed here does not necessarily indicate
190       that the user has changed to the new group successfully. Following new‐
191       grp  with  the  id  command  provides  a  portable means of determining
192       whether the group change was successful or not.
193

EXAMPLES

195       None.
196

RATIONALE

198       Most historical implementations use one of the exec functions to imple‐
199       ment the behavior of newgrp.  Errors detected before the exec leave the
200       environment unchanged, while errors detected after the exec  leave  the
201       user  in a changed environment. While it would be useful to have newgrp
202       issue a diagnostic message  to  tell  the  user  that  the  environment
203       changed,  it would be inappropriate to require this change to some his‐
204       torical implementations.
205
206       The password mechanism is allowed in the group database, but  how  this
207       would be implemented is not specified.
208
209       The  newgrp  utility  was retained in this volume of POSIX.1‐2017, even
210       given the existence of the multiple group permissions  feature  in  the
211       System  Interfaces  volume of POSIX.1‐2017, for several reasons. First,
212       in some implementations, the group ownership of a newly created file is
213       determined  by the group of the directory in which the file is created,
214       as allowed by the System Interfaces volume of  POSIX.1‐2017;  on  other
215       implementations,  the group ownership of a newly created file is deter‐
216       mined by the effective group ID. On implementations of the latter type,
217       newgrp  allows  files  to  be  created with a specific group ownership.
218       Finally, many implementations use the real group ID in accounting,  and
219       on  such  systems, newgrp allows the accounting identity of the user to
220       be changed.
221

FUTURE DIRECTIONS

223       None.
224

SEE ALSO

226       Chapter 2, Shell Command Language, sh
227
228       The Base Definitions volume of  POSIX.1‐2017,  Chapter  8,  Environment
229       Variables, Section 12.2, Utility Syntax Guidelines
230
231       The System Interfaces volume of POSIX.1‐2017, exec, getgrnam()
232
234       Portions  of  this text are reprinted and reproduced in electronic form
235       from IEEE Std 1003.1-2017, Standard for Information Technology --  Por‐
236       table  Operating System Interface (POSIX), The Open Group Base Specifi‐
237       cations Issue 7, 2018 Edition, Copyright (C) 2018 by the  Institute  of
238       Electrical  and  Electronics Engineers, Inc and The Open Group.  In the
239       event of any discrepancy between this version and the original IEEE and
240       The  Open Group Standard, the original IEEE and The Open Group Standard
241       is the referee document. The original Standard can be  obtained  online
242       at http://www.opengroup.org/unix/online.html .
243
244       Any  typographical  or  formatting  errors that appear in this page are
245       most likely to have been introduced during the conversion of the source
246       files  to  man page format. To report such errors, see https://www.ker
247       nel.org/doc/man-pages/reporting_bugs.html .
248
249
250
251IEEE/The Open Group                  2017                           NEWGRP(1P)
Impressum