Path: utzoo!mnetor!uunet!husc6!bloom-beacon!gatech!hao!ames!ptsfa!ihnp4!occrsh!occrsh.ATT.COM!rjd
From: rjd@occrsh.ATT.COM
Newsgroups: comp.unix.wizards
Subject: Re: Setting up groups (LONG)
Message-ID: <142700020@occrsh.ATT.COM>
Date: 14 Dec 87 16:41:00 GMT
References: <228@hub.ucsb.edu>
Lines: 56
Nf-ID: #R:hub.ucsb.edu:-22800:occrsh.ATT.COM:142700020:000:2784
Nf-From: occrsh.ATT.COM!rjd    Dec 14 10:41:00 1987


> >	How do you assign a user to more than one group?
> >	[... stuff deleted ...]
> >	I know how to create groups -- add an entry for the group name,
> >password, group number, and a comma-delimited member list in /etc/group.
> 
> >	I know how to assign a given user to _one_ group -- put the group 
> >number in the 4th column of his/her/its entry in /etc/passwd.
> 
> I don't believe this is sufficient to add a user to a group.  I think you
> also have to add their login name to the group line in /etc/group.  I think
> this field is superseded by the /etc/group file.

   Wrong.  The original poster is correct: All that you need to have in place
in order to assign a user to ONE group is the number in the fourth field in
the /etc/passwd file.  It need not even be defined in the /etc/group file.
If you want an alphanumeric string associated with it (such as for ls -l
listings), you need to have it in the group file.  It is common at some sites
I have used that they use a user's department number as a group and not even
define it in /etc/group, since the number will appear on ls -l listings in the
absence of a defined alphanumeric string.

> >	But if I want to have users be in _two_ or more groups (so they can
> > read and write files in several different areas, I don't know how to do it.
> 
> I don't have root permission anymore, so I can't check out my answer, but
> I'm pretty sure it's correct.  If not, please feel free to flame me (and,
> of course, correct me).
> 
> To add a user to more than one group, you need only add the user name to 
> each group line in /etc/group that you want the user to be in.  Where I

  Correct, yet he need not be in his login group, unless, I think, he wants
to newgrp back to his login group??

> used to work, I was in the wheel group (group 0), in addition to about 5
> other groups.  To accomplish this, I simply edited /etc/group.  Note that
> you must log out and log back in after you edit /etc/group, because groups
> are initialized during login.

   I am not 100% sure but I don't think you need to log out.  Maybe we are
talking different flavors of unix here (I'm on AT&T System V), but the
/etc/group file is only looked at during a command that is looking up the
alphanumeric string (such as ls) or when you execute 'newgrp' to adopt the
permissions of a group other than you logged in as (in which case your login
in must appear in the fourth field of /etc/group).  At no other time that I
am aware of is the file even opened.

> Here at our site, root is in almost every group.  I'm sure it is similar
> at your site.

  No, root is in no groups here.  In fact, every group has its fourth field
completely empty, yet 'newgrps' called by root always succeed (yet others
always fail - I just checked both).

Randy