group, logingroup - group file, grp.h
contains for each group the following information:
· group name
· encrypted password
· numerical group ID
· comma-separated list of all users allowed in the group
The file is an ASCII file. Fields are separated by colons, and each
group is separated from the next by a new-line. No spaces should sepa‐
rate the fields or parts of fields on any line. If the password field
is null, no password is associated with the group.
There are two files of this form in the system, and The file exists to
supply names for each group, and to support changing groups by means of
the utility (see newgrp(1)). provides a default group access list for
each user via and (see login(1) and initgroups(3C)).
The real and effective group ID set up by for each user is defined in
(see passwd(4)). If is empty, the default group access list is empty.
If and are links to the same file, the default access list includes the
entire set of groups associated with the user. The group name and
password fields in are never used; they are included only to give the
two files a uniform format, allowing them to be linked together.
All group IDs used in or should be defined in
These files reside in directory Because of the encrypted passwords,
these files can and do have general read permission and can be used,
for example, to map numerical group IDs to names.
The group structure is defined in and includes the following members:
The file can contain a line beginning with a plus which means to incor‐
porate entries from Network Information Services (NIS). There are two
styles of entries: means to insert the entire contents of NIS group
file at that point, and means to insert the entry (if any) for name
from NIS at that point. If a entry has a non-null password or group
member field, the contents of that field overide what is contained in
NIS. The numerical group ID field cannot be overridden.
A group file can also have a line beginning with a minus these entries
are used to disallow group entries. There is only one style of entry;
an entry that consists of means to disallow any subsequent entry (if
any) for name. These entries are disallowed regardless of whether the
subsequent entry comes from the NIS or the local group file.
Group files must not contain any blank lines. Blank lines can cause
unpredictable behavior in system administration software that uses
Group ID (gid) 9 is reserved for the Pascal Language operating system
and the BASIC Language operating system. These are operating systems
for Series 300/400 computers that can co-exist with HP-UX on the same
disk. Using this gid for other purposes can inhibit file transfer and
The length of each line in is limited to as defined in Because of this
limit, users should not be listed in their primary group - only in
their additional groups.
If is linked to group membership for a user is managed by NIS, and no
NIS server is able to respond, that user cannot log in until a server
There is no single tool available to completely ensure that and are
compatible. However, and can be used to simplify the task (see
There is no tool for setting group passwords in
Here is a sample file:
Group has a gid of 1 and members and The group is ignored since it
appears after the entry Also, the group has members and and the pass‐
word and group ID of the NIS entry for the group All groups listed in
the NIS are pulled in and placed after the entry for The plus and minus
features are part of NIS. Therefore if NIS is not installed, these
features cannot work.
FILESSEE ALSOgroups(1), newgrp(1), passwd(1), setgroups(2), crypt(3C), getgrent(3C),