Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ sg(C) — OpenDesktop 3.0.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

login(M)

newgrp(C)

sh(C)


 sg(C)                           19 June 1992                           sg(C)


 Name

    sg - set groups

 Syntax

    sg [ -e ] [ -t ] [ -v ] [ -g group ] [ -a grouplist ] [ -r grouplist ]
    [ -s grouplist ] [ -c command ]

 Description

    The sg command allows users to run shells and commands with a different
    group ID and a modified supplemental group list.

    You are limited to working with the groups of which you are a member.

    You are a member of a group if any one of the following conditions is
    true:

    +  You are the super user.  (The super user is considered a member of all
       groups.)

    +  The group is your login group, listed in /etc/passwd.

    +  You are listed as a member of the group in /etc/group.

    +  The group is the current real (RGID) or effective group ID (EGID).

    +  The group is in the current effective supplemental group access list.

    +  The group has a password which you know.


 Options


    -e          Display the supplemental group access list of the current
                process.  This is the default.

    -t          Display the user's login group plus any groups the user is a
                member of in /etc/group.  The super user is considered to be
                a member of all groups listed in the group file.

    -v          Display the new supplemental group access list before each
                command or shell is run. With -a or -s, -v warns if a group
                to be added is already in the supplemental group access list
                or if a group cannot be added because the supplemental group
                access list is full. With the -r option, it warns if a group
                to be removed is not in the supplemental group access list.

    -g group    Set the real and effective group ID to group for subsequent
                commands to be executed by sg.  group can be a group name or
                a group ID, but must be a group of which the user is a
                member.

    -a grouplist
                Add groups to the supplemental group list. See below for the
                syntax of grouplist.

    -r grouplist
                Remove groups from the supplemental group list. See below for
                the syntax of grouplist.  (You do not need to be a member of
                the group being removed. Neither is there a requirement that
                the group being removed is actually in the supplemental group
                list.)

    -s grouplist
                Set the supplemental group list to grouplist.  See below for
                the syntax of grouplist.

    -c command  Pass command to the user's login shell for execution with the
                specifed supplemental group and/or group ID modifications.
                The shell must support the -c command syntax similar to
                sh(C).  Giving the empty string "" as the argument to -c
                causes the user's shell to be run. Exiting that shell will
                resume execution of sg.

    A grouplist is a comma- or whitespace- (tab or space) separated list of
    group names and group IDs. The user must be a member of any groups speci-
    fied in grouplist.

    If group or grouplist are an empty string "", or just contain separators,
    the -s option sets the supplemental group access list to empty, and -a,
    -r, and -s have no effect.

    sg reads its options from left to right and performs them as they are
    read. The -g, -a, -r and -s options are cumulative, but they only take
    effect when a command is executed by the -c option.

    If at least one of the -g, -a, -r or -s options has been specified since
    the previous -c option was performed, and the end of the argument list is
    reached, the user's shell is invoked with the specified group ID and sup-
    plemental group access list.

    When sg terminates, the user's original shell and supplemental group
    access list will be in effect.

 Examples

    Assuming the user is listed as a member of groups work and eng (with
    group IDs of 100 and 200), to execute a shell with both groups added to
    the current supplemental group access list:

       sg -a work,eng  -c ""


    This can also be achieved by:

       sg -a "100 200"


    To execute yourprog with a group ID of 100 and an empty supplemental
    group access list:

       sg -g work -s "" -c yourprog


 Files

    /etc/group      Group file
    /etc/passwd     Password file

 See also

    login(M), newgrp(C), sh(C)

 Diagnostics

    If sg detects an error, it displays an appropriate error message and
    exits with a status greater than zero. If no errors are encountered, sg
    exits with a status of zero.

 Notes

    Each process has a supplemental group access list (maintained by the ker-
    nel), which is used in determining file access permissions in addition to
    the effective group ID. The maximum number of group IDs which can be held
    in the supplemental group access list is defined by the tunable kernel
    parameter NGROUPS.

    sg can potentially output very long lines on systems with a large value
    of NGROUPS configured.  sg executes as setuid zero, resetting the effec-
    tive user ID to the real user ID before executing any commands.

 Authorization

    The execsuid kernel authorization is required to run sg.

 Value added

    sg is an extension of AT&T System V provided by The Santa Cruz Operation,
    Inc.


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026