Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

passwd(1)

su(1V)

getgroups(2V)

crypt(3)

initgroups(3)

group.adjunct(5)

passwd(5)

grpck(8V)

GROUP(5)  —  FILE FORMATS

NAME

group − group file

SYNOPSIS

/etc/group

DESCRIPTION

The group file contains a one-line entry for each group recognized by the system, of the form:

groupname:password: gid:user-list

where:

groupname is the name of the group. 

gid is the group’s numerical ID within the system; it must be unique. 

user-list is a comma-separated list of users allowed in the group. 

If the password field is empty, no password is demanded.  The group file is an ASCII file.  Because of the encrypted passwords, the group file can and does have general read permission, and can be used as a mapping of numerical group IDs to group names. 

A group entry beginning with a ‘+’ (plus sign), means to incorporate an entry or entries from the Network Information Service (NIS) A ‘+’ on a line by itself means to insert the entire contents of the NIS group file at that point in the file.  An entry of the form: ‘+groupname’ means to insert the entry (if any) for groupname.  If a ‘+’ entry has a non-empty password or user-list field, the contents of that field override the corresponding field from the NIS service.  The gid field cannot be overridden in this way. 

An entry of the form: −groupname indicates that the group is disallowed.  All subsequent entries for the indicated groupname, whether originating from the NIS service, or the local group file, are ignored. 

Malformed entries cause routines that read this file to halt, in which case group assignments specified further along are never made.  To prevent this from happening, use grpck(8) to check the /etc/group database from time to time. 

Sun386i systems uses the following group IDs as program privileges:

operator 5 Privilege to do backup as root.
accounts 11 Privilege to update user accounts.
networks 12 Privilege to change network configuration.
devices 13 Privilege to modify printer, terminal, or modem configurations.

On all Sun systems, SunOS uses group ID 0 as privilege to run su(1V). 

EXAMPLE

Here is a sample group file when the group.adjunct file does not exist:

primary:q.mJzTnu8icF.:10:fred,mary
+myproject:::bill,steve
+:

Here is a sample group file when the group.adjunct file does exist:

primary:#$primary:10:fred,mary
+myproject:::bill,steve
+:

If these entries appear at the end of a group file, then the group primary will have members fred and mary, and a group ID of 10.  The group myproject will have members bill and steve, and the password and group ID of the NIS entry for the group myproject.  All groups listed in the NIS service are pulled in and placed after the entry for myproject. 

FILES

/etc/group

SEE ALSO

passwd(1), su(1V), getgroups(2V), crypt(3), initgroups(3), group.adjunct(5), passwd(5), grpck(8V)

NOTES

SunOS releases prior to SunOS 4.0, permitted a user to belong to no more then eight groups at a time.  A user who belongs to more than eight groups may have trouble using the RPC service (and therefore NFS) to communicate with machines running older releases.  In such cases, RPC complains of an "Authentication Error". 

The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP).  The functionality of the two remains the same; only the name has changed. 

BUGS

The passwd(1) command will not change group passwords. 

Sun Release 4.1  —  Last change: 14 December 1987

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026