|
The group file is a local source of group information. The group file can be used in conjunction with other group sources, including the NIS maps group.byname and group.bygid and the NIS+ table group. Programs use the getgrnam(3C) routines to access this information.
The group file contains a one-line entry for each group recognized by the system, of the form:
groupname:password: gid:user-list
where
-
groupname
- The name of the group.
-
gid
- The group's unique numerical ID (GID) within the system.
-
user-list
- A comma-separated list of users allowed in the group.
The maximum value of the gid field is 2147483647. To maximize interoperability and compatibility, administrators are recommended to assign groups using the range of GIDs below 60000 where possible.
If the password field is empty, no password is demanded. During user identification and authentication, the supplementary group access list is initialized sequentially from information in this file. If a user is in more groups than the system is configured for, {NGROUPS_MAX}, a warning will be given
and subsequent group specifications will be ignored.
Malformed entries cause routines that read this file to halt, in which case group assignments specified further along are never made. To prevent this from happening, use grpck(1B) to check the /etc/group database from time to time.
Previous releases used a group entry beginning with a `+' (plus sign) or `-' (minus sign) to selectively incorporate entries from NIS maps for group. If still required, this is supported by specifying group:compat in nsswitch.conf(4). The ``compat'' source may not be supported in future releases. The preferred sources are, ``files'' followed by ``nisplus''. This has the effect of incorporating the entire contents of the NIS+ group table after the group file.
|
