User Groups and the /etc/group file
Ow Mun Heng
Ow.Mun.Heng at wdc.com
Tue Jun 15 15:59:35 UTC 2004
On Mon, 2004-06-14 at 18:25, Robert Locke wrote:
> On Mon, 2004-06-14 at 21:15, Ow Mun Heng wrote:
> > Hi,
> >
> > I'm confused, Created a user using
> >
> > useradd -c user_full_name -d /dev/null -g GroupA -s /sbin/nologin bob_t
> >
> > I see in the /etc/passwd file
> >
> > bob_t:x:100:1000:user_name:/dev/null:/sbin/nologin
> >
> > Where in /etc/group
> >
> > GroupA:x:1000
> >
> > The question is, how come bob_t is not included into GroupA in the
> > /etc/group file?
> >
> > Is the /etc/group file only for supplemental groups which the user bob_t
> > is also associated with? (and GroupA is the user's primary group and
> > thus no need to be included?)
> >
> >
> > using the command line parameter usermod -g somegroup username
> > --
> >
> You are correct.
>
> In the Red Hat world and their intent of using UPG (User Private
> Groups), the primary group relationship is defined in /etc/passwd, it is
> apparently redundant at best to place the user's name on the group line
> in /etc/group. A user's name appearing in /etc/group is intended to
> reflect auxiliary groups only.
>
> Remember that, by default, when you create a user it would normally
> create a group name with the same name as the user and assign the
> primary relationship to that new "user private group", with the home
> directory owned by that user and it's UPG. Collaboration is intended to
> be done with auxiliary groups and SetGID on the shared directories.
Now that clears things up.
So shared Directories in which say.. GroupA ppl can access R & W is set
to be chmod 2775 /path/to/directory
And everything inside of it will be marked as writable by GroupA ppl.
I think I got it. Thanks.
More information about the fedora-list
mailing list