svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
group(5)
group(5) File Formats group(5)
NAME
group - group file
SYNOPSIS
/etc/group
DESCRIPTION
The group file is a local source of group information. The group file
can be used in conjunction with other group sources, including the NIS
maps, group.byname and group.bygid, or group information stored on an
LDAP server. Programs use the getgrnam(3C) routines to access this
information. Shell scripts use the getent(8) command to access this
information.
The group file is an ASCII text file that resides in the /etc direc‐
tory. /etc/group has general read permission on all systems so it can
be used by routines that map between numerical user IDs and group
names.
The group file contains a one-line entry for each group recognized by
the system, of the form:
groupname:password:gid:user-list
where
groupname The name of the group. A string consisting of lowercase
alphabetic characters and numeric characters. The group
name should be restricted to the Portable Filename Charac‐
ters: A-Z, a-z, 0-9, underscore (_), hyphen (-), and
period (.). Neither a colon (:) nor a NEWLINE can be part
of a groupname. The string cannot exceed, MAXGLEN-1, which
is currently defined as thirty two characters.
gid The group's unique numerical ID (GID) within the system.
user-list A comma-separated list of users allowed in the group.
The maximum value of the gid field is 2147483647. To maximize interop‐
erability and compatibility, administrators are recommended to assign
groups using the range of GIDs below 60000 where possible.
A password can be demanded by newgrp(1) if the group password field is
not empty. Group passwords are antiquated and not often used, and
should not be considered secure as their hashes are visible to all
users in the /etc/group file. To create a password for a group use the
pwhash(1) command, then cut and paste the output into /etc/group.
During user identification and authentication, the supplementary group
access list is initialized sequentially from information in this file.
If a user is in more groups than the system is configured for,
{NGROUPS_MAX}, a warning is given and subsequent group specifications
are ignored.
Malformed entries cause routines that read this file to halt, in which
case group assignments specified further along are never made. To pre‐
vent this from happening, use grpck(8) to check the /etc/group database
from time to time.
If the number of characters in an entry exceeds 2047, group maintenance
commands, such as groupdel(8) and groupmod(8), fail.
To update this file, use the groupadd(8), groupmod(8), or groupdel(8)
commands. Entries for groups may also be managed by group actions in a
pkg(7) package.
Directly editing the group file is not recommended. Appropriate precau‐
tions must be taken to lock the /etc/group file against simultaneous
changes if it is to be edited with a text editor, such as by using the
pfedit(8) command.
EXAMPLES
Example 1 An Example group File
The following is an example of a group file:
root::0:root
stooges:q.mJzTnu8icF.:1934:larry,moe,curly
and the sample group entry from nsswitch.conf:
group: files ldap
With these entries, the group stooges has members larry, moe, and
curly, and all groups listed on the LDAP server are effectively incor‐
porated after the entry for stooges.
SEE ALSO
groups(1), newgrp(1), getgroups(2), getgrnam(3C), initgroups(3C),
unistd.h(3HEAD), grpck(8), nsswitch.conf(5), groupadd(8), groupdel(8),
groupmod(8)
NOTES
Entries in the group file that begin with a '+' (plus sign) or '-'
(minus sign) are ignored.
An administrator must have solaris.group.manage authorization to add a
new group. An administrator can add a user to any group or modify any
group for which it has a matching authorization of the form
solaris.group.assign/groupname. An administrator must have both
solaris.group.manage and either solaris.group.assign or an authoriza‐
tion of the form solaris.group.assign/groupname to delete a group.
Oracle Solaris 11.4 11 May 2021 group(5)