Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ group(5) — AIX/RT 2.2.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

passwd

newgrp

passwd

users

group

Purpose

     Identifies a group.

Description

     Users  can be  assigned to  one or  more groups,  each of
     which  share certain  protection privileges.   The person
     who sets  up the system  may want  to place users  in the
     same group  because they need  access to a common  set of
     files.   Similarly, a  certain  group of  users can  have
     access restricted to certain files.

     When users log in, they  are assigned to the group speci-
     fied  in  the  password  file.   In  addition,  they  are
     assigned  as a  member of  all groups  specified in  this
     file.  Users are allowed to  access to any files that the
     group to  which they  are assigned has  access.  However,
     any files created by the user can be accessed only by the
     members  of the  primary group  of which  that user  is a
     member.  A  user is allowed  to change his  primary group
     for the duration of the terminal session using the newgrp
     command.

     The group file defines to which groups a user has member-
     ship.  Each  line in this  file defines a group  and con-
     sists of  four fields  separated by colons.   It contains
     the following information for each group:

     group name        A character  string of up to  8 charac-
                       ters that references the group.

     password          This  field is  &c2del.  optional.   If
                       specified,  anyone attempting  to enter
                       the  group  must correctly  supply  the
                       password   to   the  system.    &c2off.
                       &c2ins.  not used.   (See "s_group" for
                       information on the group pasword file.)
                       &c2off.

     group ID          A number assigned to the group and used
                       in access decisions.

     user group list   A list  that specifies the  login names
                       of  all  users  allowed in  the  group.
                       User IDs  in the list are  separated by
                       commas.   The   user  group   list  may
                       contain up to 500 eight-character login
                       names.

     In newly  distributed systems,  there are  typically only
     two groups:  the  staff group and the  system group.  New
     users can be added to groups  and new groups can be added
     as necessary.

     If  several  users wish  to  share  the same  privileges,
     including the ability to terminate each other's processes
     as well as to access the files of others, the same numer-
     ical user ID can be  assigned to each.  This mechanism is
     sometimes used  to give the same  person several accounts
     on  the system,  each  with  potentially different  login
     directories and other characteristics, such as electronic
     mailboxes or  login programs.  For example,  the operator
     has the same user  ID, and therefore superuser authority.
     However,  this  operator   typically  uses  a  restricted
     version of  the shell that  does not give access  to com-
     mands that allow reading the files of others.

Example

     The following is an example of  a group file.  This is an
     ASCII file.  Each  group is separated from the  next by a
     new-line character.  The fields  are separated by colons.
     This file resides in /etc/group.  Because the password is
     encrypted, it can  be used to map numerical  group IDs to
     names without concern of compromise to user security.

          system::0:su,bill,jack,gary
          staff::1:
          bin::2:su,bin
          sys::3:su,bin.sys
          adm::4:su,bin,adm
          mail::6:su
          usr::100:guest

File

     /etc/group

Related Information

     In this book:  "passwd."

     The newgrp,  passwd, and users commands  in AIX Operating
     System Commands Reference.

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026