1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" From: @(#)group.5 8.3 (Berkeley) 4/19/94 33.\" $Id$ 34.\" 35.Dd September 29, 1994 36.Dt GROUP 5 37.Os 38.Sh NAME 39.Nm group 40.Nd format of the group permissions file 41.Sh DESCRIPTION 42The file 43.Aq Pa /etc/group 44consists of newline separated 45.Tn ASCII 46records, one per group, containing four colon 47.Ql \&: 48separated fields. These fields are as follows: 49.Bl -tag -width password -offset indent -compact 50.It group 51Name of the group. 52.It passwd 53Group's 54.Em encrypted 55password. 56.It gid 57The group's decimal ID. 58.It member 59Group members. 60.El 61.Pp 62The 63.Ar group 64field is the group name used for granting file access to users 65who are members of the group. 66The 67.Ar gid 68field is the number associated with the group name. 69They should both be unique across the system (and often 70across a group of systems) since they control file access. 71The 72.Ar passwd 73field 74is an optional 75.Em encrypted 76password. 77This field is rarely used 78and an asterisk is normally placed in it rather than leaving it blank. 79The 80.Ar member 81field contains the names of users granted the privileges of 82.Ar group . 83The member names are separated by commas without spaces or newlines. 84A user is automatically in a group if that group was specified 85in their 86.Pa /etc/passwd 87entry and does not need to be added to that group in the 88.Pa /etc/group file. 89.\" .Pp 90.\" When the system reads the file 91.\" .Pa /etc/group 92.\" the fields are read into the structure 93.\" .Fa group 94.\" declared in 95.\" .Aq Pa grp.h : 96.\" .Bd -literal -offset indent 97.\" struct group { 98.\" char *gr_name; /* group name */ 99.\" char *gr_passwd; /* group password */ 100.\" int gr_gid; /* group id */ 101.\" char **gr_mem; /* group members */ 102.\" }; 103.\" .Ed 104.Sh YP/NIS INTERACTION 105The 106.Pa /etc/group 107file can be configured to enable the YP/NIS group database. 108An entry whose 109.Ar name 110field consists of a plus sign (`+') followed by a group name, will be 111replaced internally to the C library with the YP/NIS group entry for the 112named group. An entry whose 113.Ar name 114field consists of a single plus sign with no group name following, 115will be replaced with the entire YP/NIS 116.Dq Li group.byname 117map. 118.Pp 119If the YP/NIS group database is enabled for any reason, all reverse 120lookups (i.e., 121.Fn getgrgid ) 122will use the entire database, even if only a few groups are enabled. 123Thus, the group name returned by 124.Fn getgrgid 125is not guaranteed to have a valid forward mapping. 126.Sh FILES 127.Bl -tag -width /etc/group -compact 128.It Pa /etc/group 129.El 130.Sh SEE ALSO 131.Xr crypt 3 , 132.Xr getgrent 3 , 133.Xr initgroups 3 , 134.Xr passwd 1 , 135.Xr passwd 5 , 136.Xr setgroups 2 , 137.Xr yp 4 138.Sh BUGS 139The 140.Xr passwd 1 141command does not change the 142.Nm group 143passwords. 144.Sh HISTORY 145A 146.Nm 147file format appeared in 148.At v6 . 149The YP/NIS functionality is modeled after 150.Tn SunOS 151and first appeared in 152.Tn FreeBSD 1531.1. 154