group(4) - osol9

1group(4)                         File Formats                         group(4)
2
3
4

NAME

6       group - group file
7

DESCRIPTION

9       The  group  file is a local source of group information. The group file
10       can be used in conjunction with other group sources, including the  NIS
11       maps  group.byname  and  group.bygid,  the  NIS+  table group, or group
12       information stored on an LDAP server.  Programs  use  the  getgrnam(3C)
13       routines to access this information.
14
15
16       The  group  file contains a one-line entry for each group recognized by
17       the system, of the form:
18
19
20       groupname:password: gid:user-list
21
22
23       where
24
25       groupname    The name of the group. A string consisting of  lower  case
26                    alphabetic  characters  and  numeric characters. Neither a
27                    colon (:) nor a NEWLINE can be part of  a  groupname.  The
28                    string  must be less than MAXGLEN-1, usually 8, characters
29                    long.
30
31
32       gid          The group's unique numerical ID (GID) within the system.
33
34
35       user-list    A comma-separated list of users allowed in the group.
36
37
38
39       The maximum value of the gid field is 2147483647. To maximize  interop‐
40       erability  and  compatibility, administrators are recommended to assign
41       groups using the range of GIDs below 60000 where possible.
42
43
44       If the password field is empty, no password is  demanded.  During  user
45       identification  and authentication, the supplementary group access list
46       is initialized sequentially from information in this file. If a user is
47       in  more  groups  than  the  system is configured for, {NGROUPS_MAX}, a
48       warning will be given  and  subsequent  group  specifications  will  be
49       ignored.
50
51
52       Malformed  entries cause routines that read this file to halt, in which
53       case group assignments specified further along are never made. To  pre‐
54       vent  this  from happening, use grpck(1B) to check the /etc/group data‐
55       base from time to time.
56
57
58       If the number of characters in an entry exceeds 2047, group maintenance
59       commands, such as groupdel(1M) and groupmod(1M), fail.
60
61
62       Previous  releases  used a group entry beginning with a `+' (plus sign)
63       or `−' (minus sign) to selectively incorporate entries  from  a  naming
64       service  source  (for  example, an NIS map or data from an LDAP server)
65       for  group.  If  still  required,  this  is  supported  by   specifying
66       group:compat  in  nsswitch.conf(4).  The  compat source may not be sup‐
67       ported in future releases. Possible sources are files followed by  ldap
68       or  nisplus.  This  has the effect of incorporating information from an
69       LDAP server or the entire contents of the NIS+ group  table  after  the
70       group file.
71

EXAMPLES

73       Example 1 Example group File.
74
75
76       The following is an example of a group file:
77
78
79         root::0:root
80         stooges:q.mJzTnu8icF.:10:larry,moe,curly
81
82
83
84
85       and the sample group entry from nsswitch.conf:
86
87
88         group: files ldap
89
90
91
92
93       With these entries, the group stooges will have members larry, moe, and
94       curly, and all groups listed on the LDAP server are effectively  incor‐
95       porated after the entry for stooges.
96
97
98
99       If the group file was:
100
101
102         root::0:root
103         stooges:q.mJzTnu8icF.:10:larry,moe,curly
104         +:
105
106
107
108
109       and the group entry from nsswitch.conf:
110
111
112         group: compat
113
114
115
116
117       all  the  groups  listed  in  the NIS group.bygid and group.byname maps
118       would be effectively incorporated after the entry for stooges.
119
120

NAME

DESCRIPTION

EXAMPLES

SEE ALSO