User Groups and the /etc/group file

Robert Locke rlocke at ralii.com
Tue Jun 15 01:25:57 UTC 2004


On Mon, 2004-06-14 at 21:15, Ow Mun Heng wrote:
> Hi,
> 
> 	I'm confused, Created a user using
> 
> useradd -c user_full_name -d /dev/null  -g GroupA -s /sbin/nologin bob_t
> 
> I see in the /etc/passwd file
> 
> bob_t:x:100:1000:user_name:/dev/null:/sbin/nologin
> 
> Where in /etc/group 
> 
> GroupA:x:1000
> 
> The question is, how come bob_t is not included into GroupA in the
> /etc/group file?
> 
> Is the /etc/group file only for supplemental groups which the user bob_t
> is also associated with? (and GroupA is the user's primary group and
> thus no need to be included?)
> 
> 
> using the command line parameter usermod -g somegroup username
> -- 
> 
You are correct.

In the Red Hat world and their intent of using UPG (User Private
Groups), the primary group relationship is defined in /etc/passwd, it is
apparently redundant at best to place the user's name on the group line
in /etc/group.  A user's name appearing in /etc/group is intended to
reflect auxiliary groups only.

Remember that, by default, when you create a user it would normally
create a group name with the same name as the user and assign the
primary relationship to that new "user private group", with the home
directory owned by that user and it's UPG.  Collaboration is intended to
be done with auxiliary groups and SetGID on the shared directories.

--Rob






More information about the fedora-list mailing list