usermod
Alexey Fadyushin
fab at s-tunnel.com
Wed Mar 30 15:46:36 UTC 2005
I think that there is no difference between
steve:x:590:
and
steve:x:590:steve
as far as the kernel access control mechanisms are concerned. Every user
in Linux/Unix is always a member of its primary group (as defined in
/etc/passwd) even if the list of users in that group in /etc/group is
empty. Therefore, it is not important what to use: 'usermod -G "" steve'
or 'usermod -G steve steve' - the records in /etc/group will be
different, but their effect on the access control checks will be the same.
Alexey Fadyushin
Brainbench MVP for Linux.
http://www.brainbench.com
Steve Buehler wrote:
> At 08:50 AM 3/30/2005, McDougall, Marshall (FSH) wrote:
>
>>> >>I know you can use "usermod" on RedHat Linux to add a user to another
>>> group
>>> >>by typing:
>>> >>usermod -G sam,frank steve
>>> >>This would effectively add steve to the "frank" and "sam" group.
>>> How do
>>> >>you remove them from those groups without editing the /etc/group file
>>> >>manually? I can do:
>>> >>usermod -G steve steve
>>> >>That will remove him from "sam" and "frank" groups but would add
>>> steve to
>>> >>his own group so the /etc/group file would look like:
>>> >>steve:x:590:steve
>>> >>instead of just:
>>> >>steve:x:590:
>>> >>For the life of me, I can't figure this one out. Does anybody know?
>>>
>>> >If you "usermod -G sam,frank steve" and realize that you shouldn't
>>> have put
>>> >steve in the frank group, just "usermod -G sam steve" and by
>>> omission, will
>>> >remove the user from the group. HTH
>>>
>>> Yes, but what if I want to remove him from both groups. You can't type
>>> "usermod -G steve". Basically, I am wanting to remove him from ALL
>>> groups
>>> except for his initial group. And "usermod -g steve steve" will not
>>> do it
>>> either. The "-G" must have atleast one group as an
>>> option..................................I just tried something that
>>> seems
>>> to work, but not sure if it is suppose to work this way. I typed:
>>> usermod -G "" steve
>>> and that removed steve from all extra groups. So either my problem is
>>> solved, or there is another "proper" way of doing it.
>>
>>
>> "usermod -Gsteve steve" should remove him from all groups except
>> steve. If
>> the group is in the list, then the user is added to the group. If the
>> group
>> is not in the list, then the user is removed from any groups not in the
>> list. This is the way I go about it. We all know that with *nix,
>> there is
>> always more than 1 way to accomplish it.
>
>
> I know it shouldn't hurt to do that, but if you do, it actually adds
> steve to his own group again. So instead of the line in the /etc/group
> file looking like the following which is how it should look if they are
> not in any other group:
> steve:x:590:
> it would then look like the following if you run "usermod -Gsteve steve":
> steve:x:590:steve
>
> Thanks
> Steve
>
>
>
More information about the redhat-list
mailing list