The group file contains a one-line entry for each group recognized by the system, of the form:
groupname:password:gid:user-list
where:
If the password field is empty, no password is demanded. The group file is an ASCII file. Because of the encrypted passwords, the group file can and does have general read permission, and can be used as a mapping of numerical group IDs to group names.
A group entry beginning with a `+' (plus sign), means to incorporate an entry or entries from the Network Information Service (NIS) A `+' on a line by itself means to insert the entire contents of the NIS group file at that point in the file. An entry of the form: `+groupname' means to insert the entry (if any) for groupname. If a `+' entry has a non-empty password or user-list field, the contents of that field override the corresponding field from the NIS service. The gid field cannot be overridden in this way.
An entry of the form: -groupname indicates that the group is disallowed. All subsequent entries for the indicated groupname, whether originating from the NIS service, or the local group file, are ignored.
Malformed entries cause routines that read this file to halt, in which case group assignments specified further along are never made. To prevent this from happening, use grpck.8 to check the /etc/group database from time to time.
Sun386i systems uses the following group IDs as program privileges:
operator 5 Privilege to do backup as root. accounts 11 Privilege to update user accounts. networks 12 Privilege to change network configuration. devices 13 Privilege to modify printer, terminal, or modem configurations.
On all Sun systems, SunOS uses group ID 0 as privilege to run su.1v
Here is a sample group file when the group.adjunct file does not exist:
primary:q.mJzTnu8icF.:10:fred,mary +myproject:::bill,steve +:
primary:#$primary:10:fred,mary +myproject:::bill,steve +:
SunOS releases prior to SunOS 4.0, permitted a user to belong to no more then eight groups at a time. A user who belongs to more than eight groups may have trouble using the RPC service (and therefore NFS) to communicate with machines running older releases. In such cases, RPC complains of an "Authentication Error".
The Network Information Service (NIS) was formerly known as Sun Yellow Pages (YP). The functionality of the two remains the same; only the name has changed.
The passwd.1 command will not change group passwords.
Created by unroff & hp-tools. © somebody (See intro for details). All Rights Reserved. Last modified 11/5/97