hpux 10.20 - group (4)
NAME
group, logingroup - group file, grp.h
DESCRIPTION
group contains for each group the following information:
+ group name
+ encrypted password
+ numerical group ID
+ comma-separated list of all users allowed in the group
This is an ASCII file. Fields are separated by colons, and each group
is separated from the next by a new-line. No spaces should separate
the fields or parts of fields on any line. If the password field is
null, no password is associated with the group.
There are two files of this form in the system, /etc/group and
/etc/logingroup. The file /etc/group exists to supply names for each
group, and to support changing groups by means of the newgrp utility
(see newgrp(1)). /etc/logingroup provides a default group access list
for each user via login and initgroups() (see login(1) and
initgroups(3C)).
The real and effective group ID set up by login for each user is
defined in /etc/passwd (see passwd(4)). If /etc/logingroup is empty
or non-existent, the default group access list is empty. If
/etc/logingroup and /etc/group are links to the same file, the default
access list includes the entire set of groups associated with the
user. The group name and password fields in /etc/logingroup are never
used; they are included only to give the two files a uniform format,
allowing them to be linked together.
All group IDs used in /etc/logingroup or /etc/passwd should be defined
in /etc/group. No user should be associated with more than NGROUPS
(see setgroups(2)) groups in /etc/logingroup.
These files reside in directory /etc. Because of the encrypted
passwords, these files can and do have general read permission and can
be used, for example, to map numerical group IDs to names.
The group structure is defined in <grp.h> and includes the following
members:
char *gr_name; /* the name of the group */
char *gr_passwd; /* the encrypted group password */
gid_t gr_gid; /* the numerical group ID */
char **gr_mem; /* null-terminated array of pointers
to member names */
NETWORKING FEATURES
NIS
The /etc/group file can contain a line beginning with a plus (+),
which means to incorporate entries from Network Information Services
(NIS). There are two styles of + entries: + means to insert the
entire contents of NIS group file at that point, and +name means to
insert the entry (if any) for name from NIS at that point. If a +
entry has a non-null password or group member field, the contents of
that field overide what is contained in NIS. The numerical group ID
field cannot be overridden.
A group file can also have a line beginning with a minus (-), these
entries are used to disallow group entries. There is only one style
of - entry; an entry that consists of -name means to disallow any
subsequent entry (if any) for name. These entries are disallowed
regardless of whether the subsequent entry comes from the NIS or the
local group file.
WARNINGS
Group files must not contain any blank lines. Blank lines can cause
unpredictable behavior in system administration software that uses
these files.
Group ID (gid) 9 is reserved for the Pascal Language operating system
and the BASIC Language operating system. These are operating systems
for Series 300/400 computers that can co-exist with HP-UX on the same
disk. Using this gid for other purposes can inhibit file transfer and
sharing.
The length of each line in /etc/group is limited to LINE_MAX, as
defined in <limits.h>. The maximum number of users per group is
(LINE_MAX - 50)/9.
If /etc/group is linked to /etc/logingroup, group membership for a
user is managed by NIS, and no NIS server is able to respond, that
user cannot log in until a server does respond.
DEPENDENCIES
NIS
EXAMPLES
Here is a sample /etc/group file:
other:*:1:root,daemon,uucp,who,date,sync
-oldproj
bin:*:2:root,bin,daemon,lp
+myproject:::bill,steve
+:
Group other has a gid of 1 and members root, daemon, uucp,
who, date, and sync. The group oldproj is ignored since it
appears after the entry -oldproj. Also, the group myproject
has members bill and steve, and the password and group ID of
the NIS entry for the group myproject. All groups listed in
the NIS are pulled in and placed after the entry for
myproject.
WARNINGS
The plus (+) and minus (-) features are part of NIS.
Therefore if NIS is not installed, these features cannot
work.
FILES
/etc/group
/etc/logingroup
SEE ALSO
groups(1), newgrp(1), passwd(1), setgroups(2), crypt(3C),
getgrent(3C), initgroups(3C), passwd(4).
WARNINGS
There is no single tool available to completely ensure that
/etc/passwd, /etc/group, and /etc/logingroup are compatible. However,
pwck and grpck can be used to simplify the task (see pwck(1M) and
grpck(1M)).
There is no tool for setting group passwords in /etc/group.
STANDARDS CONFORMANCE
group: SVID2, SVID3, XPG2