ggrroouupp -- System Administration

Define groups of users

The group file /eettcc/ggrroouupp describes  the user groups that have been defined
on  your COHERENT  system.  This  allows users to  control the  access that
members  of their  group have  to certain  files.  /eettcc/ggrroouupp  contains the
information  to map  any ASCII  group name  to the  corresponding numerical
group identifier, and vice versa.  It also contains, in ASCII, the names of
the members of each group.  This  information is used by, among others, the
command nneewwggrrpp.

Each group  has an entry in  the file /eettcc/ggrroouupp one  line per entry.  Each
line consists of four colon-separated ASCII fields, as follows:

_g_r_o_u_p__n_a_m_e : _p_a_s_s_w_o_r_d : _g_r_o_u_p__n_u_m_b_e_r : _m_e_m_b_e_r[,_m_e_m_b_e_r...]

Passwords  are  encrypted  with  ccrryypptt,  so  the group  file  is  generally
readable.

The COHERENT  system has five  system calls that  manipulate /eettcc/ggrroouupp, as
follows:

eennddggrreenntt
        Close /eettcc/ggrroouupp.

ggeettggrreenntt
        Return the next entry from /eettcc/ggrroouupp.

ggeettggrrnnaamm
        Return the first entry with a given group name.

ggeettggrrggiidd
        Return the first entry with a given group identifier.

sseettggrreenntt
        Rewind /eettcc/ggrroouupp,  so  that  searches  can  begin again  from  the
        beginning of the file.

The  calls  ggeettggrreenntt,  ggeettggrriidd,  and  ggeettggrrnnaamm  each return  a  pointer  to
structure ggrroouupp, which is defined in the header file ggrrpp.hh as follows:

struct group {
     char *gr_name; /* Group name */
     char *gr_passwd;/* Group password */
     int  gr_gid;   /* Numeric group id */
     char **gr_mem; /* Group members */
};

A user can belong to more  than one group.  His ``main'' group, however, is
the one that is named is  in his entry in the file /eettcc/ppaasssswwdd. When a user
creates a file, that file by default is ``owned'' by the user's main group.

For example, consider user jjooee, who has the following entry in /eettcc/ppaasssswwdd:

    joe:*:10:5:Joe Smith:/usr/joe:/usr/bin/ksh

The fourth field,  which in this example has the  value 55, gives the number
of the user's main group.  (For  details on what the other fields mean, see
the Lexicon entry for ppaasssswwdd.)  Looking in /eettcc/ggrroouupp, we see the following
entry for group 5:

    user::5:

Thus, whenever jjooee creates a file, by default it will be ``owned'' by group
uusseerr.  Any member  of group  uusseerr will be  granted that  file's group-level
permissions on that file.

A user can  use the command cchhmmoodd to change  the group-level permissions on
any file he owns.  The superuser  rroooott can use the command cchhggrrpp to changes
the  group  ownership for  any  file.   For details  on  how  to use  these
commands, see their entries in the Lexicon.

_F_i_l_e_s
/eettcc/ggrroouupp

_S_e_e _A_l_s_o
AAddmmiinniisstteerriinngg  CCOOHHEERREENNTT,  cchhggrrpp(),  cchhmmoodd, cchhoowwnn,  eennddggrreenntt(),  ggeettggrreenntt(),
ggeettggrrggiidd(), ggeettggrrnnaamm(), ggrrpp.hh, nneewwggrrpp, ppaasssswwdd, sseettggrreenndd()

_N_o_t_e_s
At  present the  group password  field cannot be  set directly  (no command
similar  to ppaasssswwdd  exists  for groups).   One  alternative is  to set  the
password in  the /eettcc/ppaasssswwdd file for  a user with the  ppaasssswwdd command, and
then transcribe the password into the group file manually.
