A group is a list of users. A group is identified by its group name and GID. In FreeBSD, the kernel uses the UID of a process, and the list of groups it belongs to, to determine what the process is allowed to do. Most of the time, the GID of a user or process usually means the first group in the list.
The group name to GID mapping is listed
in /etc/group
. This is a plain text file
with four colon-delimited fields. The first field is the group
name, the second is the encrypted password, the third the
GID, and the fourth the comma-delimited list
of members. For a more complete description of the syntax,
refer to group(5).
The superuser can modify /etc/group
using a text editor. Alternatively, pw(8) can be used to
add and edit groups. For example, to add a group called
teamtwo
and then confirm that it
exists:
#
pw groupadd teamtwo
#
pw groupshow teamtwo
teamtwo:*:1100:In this example, 1100
is the
GID of teamtwo
. Right
now, teamtwo
has no members. This
command will add jru
as a member of
teamtwo
.
#
pw groupmod teamtwo -M jru
#
pw groupshow teamtwo
teamtwo:*:1100:jruThe argument to -M
is a comma-delimited
list of users to be added to a new (empty) group or to replace
the members of an existing group. To the user, this group
membership is different from (and in addition to) the user's
primary group listed in the password file. This means that
the user will not show up as a member when using
groupshow
with pw(8), but will show up
when the information is queried via id(1) or a similar
tool. When pw(8) is used to add a user to a group, it only
manipulates /etc/group
and does not attempt
to read additional data from
/etc/passwd
.
#
pw groupmod teamtwo -m db
#
pw groupshow teamtwo
teamtwo:*:1100:jru,dbIn this example, the argument to -m
is a
comma-delimited list of users who are to be added to the group.
Unlike the previous example, these users are appended to the
group list and do not replace the list of existing users in the
group.
%
id jru
uid=1001(jru) gid=1001(jru) groups=1001(jru), 1100(teamtwo)In this example, jru
is a member of the
groups jru
and
teamtwo
.
For more information about this command and the format of
/etc/group
, refer to pw(8) and
group(5).
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.