Return to BSD News archive
Xref: sserve comp.unix.bsd:15756 comp.unix.admin:25551 comp.sys.sun.admin:41219 Path: sserve!newshost.anu.edu.au!munnari.oz.au!constellation!bubba.ucc.okstate.edu!newsfeed.ksu.ksu.edu!moe.ksu.ksu.edu!vixen.cso.uiuc.edu!howland.reston.ans.net!gatech!swrinde!pipex!uunet!psinntp!barilvm!vms.huji.ac.il!itex!usenet Newsgroups: comp.unix.bsd,comp.unix.admin,comp.sys.sun.managers,comp.sys.sun.admin,comp.os.unix Subject: /etc/group: long lines Message-ID: <D1FAK1.MoJ@itex.jct.ac.il> From: roman@shekel.jct.ac.il (haim [howard] roman) Date: Mon, 26 Dec 1994 14:50:25 GMT Sender: usenet@itex.jct.ac.il (USENET News System) Organization: Jerusalem College of Technology Keywords: group Summary: what to do if a line in /etc/group is too long? To: unixstaff, shlomo@cs.technion.ac.il, yael@cs.technion.ac.il, rww@shell.com X-Newsreader: TIN [version 1.2 PL2] Lines: 83 Here is my original question: > Our systems are SunOS 4.1.1 & SunOS 4.1.3 > > One of the entries in our /etc/group file is getting too > long. It is already over 1024 characters. Users near the > end of this line are NOT listed as part of this group. > > Is there some way to define sets of users & enter these sets > instead of individual users? Two ideas are: > > use NIS netgroups instead of users > > define groups in terms of other groups > > Unfortunately, as far as I know, none of these are possible. Below I summarize the solutions people sent me, and whether they worked on my systems. Note that the situation might be different on other flavors of UNIX. But the lesson is: try it, even if the documentation does not mention it. (1) Define 2 groups with different names but with the same GID. This worked for me. The people who suggested this are: (David Rukshin) rukshin@madeira.rutgers.edu (Anthony J. Stuckey) stuckey@mrcnext.cso.uiuc.edu (Bill Goins) Billgoins@aol.com (James Sainsbury) jimsa@ozspace.brisnet.org.au (John Mayr) jmayr@fdic.gov (2) seperate lines with same group name & GID. This also worked for me. The people who suggested this are: (Rainer Kirsch) kirsch@ss1.iaee.tuwien.ac.at (L. Adrian Griffis) adrian@ada1.elan.af.mil WORKS!! (3) defining groups in terms of other groups. In this case, the "subgroups" all have different GIDs. Here is an example: foo:*:100:foo1,foo2 foo1:*:101:abraham,isaac,jacob foo2:*:102:sara,rebecca,leah,rachel This did NOT work on my system. For example, "rachel" would be a member of group "foo2", but not of group "foo". One user who reported that it worked for him had the SAME GID for foo, foo1, and foo2. But that is simply suggestion (1) (Josh Rivel) jrivel@fir.fbc.com (J.C. Webber III) jcw@mti.sgi.com (4) set gid field of passwd. I did not try it, because, of course it works. However, I believe that this means that files created by that user will have that GID (unless the user explicitly changes it). The user might not want that. Still, the user could always set his umask so that files created by him/her will be accessible ONLY to him/her by default. Still, other times, this is a good solution. (Anthony J. Stuckey) stuckey@mrcnext.cso.uiuc.edu (5) define a group in terms of netgroups. I cannot test this because we are not currently running NIS. (Christos Zoulas) Christos-Zoulas@deshaw.com Now for a question: since (1) & (2) are undocumented on my systems, my boss is afraid that one day these features will disappear (especially 2). Does anyone know anything about the likelihood of this (particularly for SunOS 4.1.x)? I really want to thank everyone who responded, whether or not the idea worked on my particular system. -------------------------------------------------------------- Haim (Howard) Roman | E-mail: roman@brachot.jct.ac.il Computer Center | Phone: +972-2-751 160 (work) Jerusalem College of Technology | +972-2-963 502 (home) P.O. Box 16031 | FAX: +972-2-422 075 Jerusalem, ISRAEL |