group(4) C2 Trusted DG/UX 5.4.2T group(4)
NAME
group - group file
SYNOPSIS
/etc/group
DESCRIPTION
Group is an ASCII file containing a one-line entry for each group
recognized by the system. The file format is as follows:
groupname:password:gid:user-list
where:
groupname The name of the group.
password An encrypted password.
gid The group's numerical ID within the system; it
must be unique.
user-list A comma-separated list of users allowed in the
group.
If the password field is empty, no password is demanded. Because of
the encrypted passwords, the group file can and does have general
read permission and can be used, for example, to map numerical group
IDs to names.
Malformed entries cause routines that read this file to halt, in
which case group assignments specified further along are never made.
grpck can be used to verify entries in the group file. See pwck(1M)
in the System Manager's Reference for the DG/UX System.
On a Trusted DG/UX system, the group file is automatically rewritten
whenever sysadm(1M) is used to add, delete, or modify a user or group
entry in the A&A database. Any changes intended to persist should be
made using sysadm(1M), not in the group file itself. (An exception
is made for a + as the last line of the group file -- see below.)
NOTE: On Standard and Trusted DG/UX systems, the users listed as
members of a specific group in etc/group are only those users
who have that group as a supplementary group. The group list
does not contain the users who have that group as their
primary group. This list is used by the system to initialize
the supplementary group list when a session is created for a
user. If the primary group members were kept in this list,
then, effectively, the number of supplementary groups that a
user could be a member of would be reduced by 1 to 15.
ONC/NFS Features
If you are using the DG/UX Open Network Computing/Network File System
(ONC/NFS), a group file can have a line beginning with a plus sign
(+), which means to incorporate an entry or entries from the Network
Information Service (NIS). There are two styles of + entries. By
itself, + means to insert the entire contents of the NIS group file
at that point; +groupname means to insert the entry (if any) for
groupname. If a + entry has a non-empty password or user-list field,
Licensed material--property of copyright holder(s) 1
group(4) C2 Trusted DG/UX 5.4.2T group(4)
the contents of that field override the corresponding field from the
NIS. The gid field cannot be overridden in this way.
An entry can also begin with a minus (-); -groupname means to
disallow groupname. All subsequent entries for the indicated
groupname, whether originating from the NIS or the local group file,
are ignored.
On a Trusted DG/UX system, only the + by itself is supported, and
only as the last line of the group file. If + is manually inserted
as the last line of the group file (using vi(1), say), that line will
be preserved through any sysadm(1M) activity.
EXAMPLE
primary::10:fred,mary
+
If these entries appear at the end of a group file, then the group
primary will have members fred and mary, and a group ID of 10. All
groups listed in the NIS are pulled in and placed after the entry for
primary.
FILES
/etc/group
SEE ALSO
setgroups(2), crypt(3C), crypt(3X), passwd(4), groups(1), newgrp(1),
passwd(1), su(1), pwck(1M).
Trusted Facility Manual for the B1 Trusted DG/UX System
NOTES
The passwd(1) command won't change group passwords.
Normally, group-ids less than 100 are reserved for system-level use
(DG/UX software).
Licensed material--property of copyright holder(s) 2