Professional Documents
Culture Documents
Groups Onepager
Groups Onepager
###############################################################################
Each and every file and directory, in a unix system, has a user-owner, which matches
one of the user-accounts defined in the system's /etc/passwd file. This user-owner attribute
determines basic control-of and access-to any file or directory. Besides a user-owner, there
is also a group, which (a) is also attached to any file or directory and (b) contains zero or
more user-accounts as "members". Groups and their members are defined in the /etc/group file
and also contribute to the control-of and access-to any file or directory.
There are three categories of groups: primary, secondary, and active.
A user's primary group membership (only one) is defined in the 4th field of the
/etc/passwd file --e.g.,
george:x:1074:10:George Porjy:/export/home/george:/bin/ksh
A user's secondary group memberships (zero or more) are defined in the 4th field of
the /etc/group file --e.g.,
fish::377:george,sally,sam,mary
To confirm that his active group is now fish, he can now run "id" or "id -a":
# id
uid=1074(george) gid=377(fish)
# id -a
uid=1074(george) gid=377(fish) groups=10(staff),377(fish),378(mammal)
The significance of the group password ——second field in /etc/group, typically unused
—— is that, if you don't officially belong to a group but you want to switch to that group as
your active group, you can do so ——using the newgrp command—— if (a) a password has been
assigned to that group and (b) you know the password. For example, run "newgrp fish" and you
will be prompted for the password. After switching the active group, you have access to that
groups other files and directories also, for the time being ——this does not permanently add
you as a member of that group. To assign a password to a group, copy & paste a 13-character
encrypted-password from /etc/shadow into the second field of the appropriate /etc/group line.
(Adminsuite-2.0 in Solaris-2.6 and earlier has a GUI way to set the password.)
The groups command lists all of your groups, beginning with the primary. It does not
tell you which one is your active group.