Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Apropos / Subsearch:
optional field

 group(4)							    group(4)

      group, logingroup - group file, grp.h

      group contains for each group the following information:

	   +  group name

	   +  encrypted password

	   +  numerical group ID

	   +  comma-separated list of all users allowed in the group

      This is an ASCII file.  Fields are separated by colons, and each group
      is separated from the next by a new-line.	 No spaces should separate
      the fields or parts of fields on any line.  If the password field is
      null, no password is associated with the group.

      There are two files of this form in the system, /etc/group and
      /etc/logingroup.	The file /etc/group exists to supply names for each
      group, and to support changing groups by means of the newgrp utility
      (see newgrp(1)).	/etc/logingroup provides a default group access list
      for each user via login and initgroups() (see login(1) and

      The real and effective group ID set up by login for each user is
      defined in /etc/passwd (see passwd(4)).  If /etc/logingroup is empty
      or non-existent, the default group access list is empty.	If
      /etc/logingroup and /etc/group are links to the same file, the default
      access list includes the entire set of groups associated with the
      user.  The group name and password fields in /etc/logingroup are never
      used; they are included only to give the two files a uniform format,
      allowing them to be linked together.

      All group IDs used in /etc/logingroup or /etc/passwd should be defined
      in /etc/group.  No user should be associated with more than NGROUPS
      (see setgroups(2)) groups in /etc/logingroup.

      These files reside in directory /etc.  Because of the encrypted
      passwords, these files can and do have general read permission and can
      be used, for example, to map numerical group IDs to names.

      The group structure is defined in <grp.h> and includes the following

	   char	   *gr_name;   /* the name of the group */
	   char	   *gr_passwd; /* the encrypted group password */
	   gid_t   gr_gid;     /* the numerical group ID */
	   char	   **gr_mem;   /* null-terminated array of pointers
				  to member names */

 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000

 group(4)							    group(4)

      The /etc/group file can contain a line beginning with a plus (+),
      which means to incorporate entries from Network Information Services
      (NIS).  There are two styles of + entries: + means to insert the
      entire contents of NIS group file at that point, and +name means to
      insert the entry (if any) for name from NIS at that point.  If a +
      entry has a non-null password or group member field, the contents of
      that field overide what is contained in NIS.  The numerical group ID
      field cannot be overridden.

      A group file can also have a line beginning with a minus (-), these
      entries are used to disallow group entries.  There is only one style
      of - entry; an entry that consists of -name means to disallow any
      subsequent entry (if any) for name.  These entries are disallowed
      regardless of whether the subsequent entry comes from the NIS or the
      local group file.

      Group files must not contain any blank lines.  Blank lines can cause
      unpredictable behavior in system administration software that uses
      these files.

      Group ID (gid) 9 is reserved for the Pascal Language operating system
      and the BASIC Language operating system.	These are operating systems
      for Series 300/400 computers that can co-exist with HP-UX on the same
      disk.  Using this gid for other purposes can inhibit file transfer and

      The length of each line in /etc/group is limited to LINE_MAX, as
      defined in <limits.h>.  Because of this limit, users should not be
      listed in their primary group - only in their additional groups.

      If /etc/group is linked to /etc/logingroup, group membership for a
      user is managed by NIS, and no NIS server is able to respond, that
      user cannot log in until a server does respond.

      There is no single tool available to completely ensure that
      /etc/passwd, /etc/group, and /etc/logingroup are compatible.  However,
      pwck and grpck can be used to simplify the task (see pwck(1M)).

      There is no tool for setting group passwords in /etc/group.

      Here is a sample /etc/group file:


 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000

 group(4)							    group(4)


      Group other has a gid of 1 and members root, daemon, uucp, who, date,
      and sync.	 The group oldproj is ignored since it appears after the
      entry -oldproj.  Also, the group myproject has members bill and steve,
      and the password and group ID of the NIS entry for the group
      myproject.  All groups listed in the NIS are pulled in and placed
      after the entry for myproject.

      The plus (+) and minus (-) features are part of NIS.  Therefore if NIS
      is not installed, these features cannot work.


      groups(1), newgrp(1), passwd(1), setgroups(2), crypt(3C),
      getgrent(3C), initgroups(3C), passwd(4).

      group: SVID2, SVID3, XPG2

 Hewlett-Packard Company	    - 3 -   HP-UX Release 11i: November 2000