Clean up a bit.
[dragonfly.git] / share / man / man5 / group.5
CommitLineData
984263bc
MD
1.\" Copyright (c) 1980, 1991, 1993
2.\" The Regents of the University of California. All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\" notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\" notice, this list of conditions and the following disclaimer in the
11.\" documentation and/or other materials provided with the distribution.
12.\" 3. All advertising materials mentioning features or use of this software
13.\" must display the following acknowledgement:
14.\" This product includes software developed by the University of
15.\" California, Berkeley and its contributors.
16.\" 4. Neither the name of the University nor the names of its contributors
17.\" may be used to endorse or promote products derived from this software
18.\" without specific prior written permission.
19.\"
20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30.\" SUCH DAMAGE.
31.\"
32.\" From: @(#)group.5 8.3 (Berkeley) 4/19/94
33.\" $FreeBSD: src/share/man/man5/group.5,v 1.15.2.4 2002/02/01 15:51:18 ru Exp $
7ba324e6 34.\" $DragonFly: src/share/man/man5/group.5,v 1.6 2007/04/07 19:29:52 swildner Exp $
984263bc
MD
35.\"
36.Dd September 29, 1994
37.Dt GROUP 5
38.Os
39.Sh NAME
40.Nm group
41.Nd format of the group permissions file
42.Sh DESCRIPTION
43The file
44.Aq Pa /etc/group
45consists of newline separated
46.Tn ASCII
47records, one per group, containing four colon
48.Ql \&:
49separated fields.
50These fields are as follows:
51.Bl -tag -width password -offset indent -compact
52.It group
53Name of the group.
54.It passwd
55Group's
56.Em encrypted
57password.
58.It gid
59The group's decimal ID.
60.It member
61Group members.
62.El
63.Pp
64Lines whose first non-whitespace character is a pound-sign (#)
65are comments, and are ignored.
66Blank lines that consist
67only of spaces, tabs or newlines are also ignored.
68.Pp
69The
70.Ar group
71field is the group name used for granting file access to users
72who are members of the group.
73The
74.Ar gid
75field is the number associated with the group name.
76They should both be unique across the system (and often
77across a group of systems) since they control file access.
78The
79.Ar passwd
80field
81is an optional
82.Em encrypted
83password.
84This field is rarely used
85and an asterisk is normally placed in it rather than leaving it blank.
86The
87.Ar member
88field contains the names of users granted the privileges of
89.Ar group .
90The member names are separated by commas without spaces or newlines.
91A user is automatically in a group if that group was specified
92in their
93.Pa /etc/passwd
94entry and does not need to be added to that group in the
7ba324e6
SW
95.Pa /etc/group
96file.
984263bc
MD
97.\" .Pp
98.\" When the system reads the file
99.\" .Pa /etc/group
100.\" the fields are read into the structure
101.\" .Fa group
102.\" declared in
44cb301e 103.\" .In grp.h :
984263bc
MD
104.\" .Bd -literal -offset indent
105.\" struct group {
106.\" char *gr_name; /* group name */
107.\" char *gr_passwd; /* group password */
108.\" int gr_gid; /* group id */
109.\" char **gr_mem; /* group members */
110.\" };
111.\" .Ed
112.Sh YP/NIS INTERACTION
113The
114.Pa /etc/group
115file can be configured to enable the YP/NIS group database.
116An entry whose
117.Ar name
118field consists of a plus sign (`+') followed by a group name, will be
119replaced internally to the C library with the YP/NIS group entry for the
120named group. An entry whose
121.Ar name
122field consists of a single plus sign with no group name following,
123will be replaced with the entire YP/NIS
124.Dq Li group.byname
125map.
126.Pp
127If the YP/NIS group database is enabled for any reason, all reverse
128lookups (i.e.,
129.Fn getgrgid )
130will use the entire database, even if only a few groups are enabled.
131Thus, the group name returned by
132.Fn getgrgid
133is not guaranteed to have a valid forward mapping.
134.Sh LIMITS
135There are various limitations which are explained in
136the function where they occur; see section
137.Sx SEE ALSO .
138.Pp
139In older implementations,
140a group cannot have more than 200 members.
141The maximum line length of
142.Pa /etc/group
143is 1024 characters.
144Longer lines will be skipped.
145This limitation disappeared in
146.Fx 3.0 .
147Older binaries that are statically linked, depend on old
148shared libraries, or
9bb2a92d 149.No non- Ns Dx
984263bc
MD
150binaries in compatibility mode
151may still have this limits.
152.Sh FILES
153.Bl -tag -width /etc/group -compact
154.It Pa /etc/group
155.El
156.Sh SEE ALSO
157.Xr passwd 1 ,
158.Xr setgroups 2 ,
159.Xr crypt 3 ,
160.Xr getgrent 3 ,
161.Xr initgroups 3 ,
162.Xr passwd 5 ,
163.Xr yp 8
984263bc
MD
164.Sh HISTORY
165A
166.Nm
167file format appeared in
168.At v6 .
169The YP/NIS functionality is modeled after
170.Tn SunOS
171and first appeared in
172.Fx 1.1 .
173Support for comments first appeared in
174.Fx 3.0 .
ac561d34
SW
175.Sh BUGS
176The
177.Xr passwd 1
178command does not change the
179.Nm
180passwords.