1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" From: @(#)group.5 8.3 (Berkeley) 4/19/94 33.\" $FreeBSD$ 34.\" 35.Dd September 29, 1994 36.Dt GROUP 5 37.Os 38.Sh NAME 39.Nm group 40.Nd format of the group permissions file 41.Sh DESCRIPTION 42The file 43.Aq Pa /etc/group 44consists of newline separated 45.Tn ASCII 46records, one per group, containing four colon 47.Ql \&: 48separated fields. These fields are as follows: 49.Bl -tag -width password -offset indent -compact 50.It group 51Name of the group. 52.It passwd 53Group's 54.Em encrypted 55password. 56.It gid 57The group's decimal ID. 58.It member 59Group members. 60.El 61.Pp 62Lines whose first non-whitespace character is a pound-sign (#) 63are comments, and are ignored. Blank lines that consist 64only of spaces, tabs or newlines are also ignored. 65.Pp 66The 67.Ar group 68field is the group name used for granting file access to users 69who are members of the group. 70The 71.Ar gid 72field is the number associated with the group name. 73They should both be unique across the system (and often 74across a group of systems) since they control file access. 75The 76.Ar passwd 77field 78is an optional 79.Em encrypted 80password. 81This field is rarely used 82and an asterisk is normally placed in it rather than leaving it blank. 83The 84.Ar member 85field contains the names of users granted the privileges of 86.Ar group . 87The member names are separated by commas without spaces or newlines. 88A user is automatically in a group if that group was specified 89in their 90.Pa /etc/passwd 91entry and does not need to be added to that group in the 92.Pa /etc/group file. 93.\" .Pp 94.\" When the system reads the file 95.\" .Pa /etc/group 96.\" the fields are read into the structure 97.\" .Fa group 98.\" declared in 99.\" .Aq Pa grp.h : 100.\" .Bd -literal -offset indent 101.\" struct group { 102.\" char *gr_name; /* group name */ 103.\" char *gr_passwd; /* group password */ 104.\" int gr_gid; /* group id */ 105.\" char **gr_mem; /* group members */ 106.\" }; 107.\" .Ed 108.Sh YP/NIS INTERACTION 109The 110.Pa /etc/group 111file can be configured to enable the YP/NIS group database. 112An entry whose 113.Ar name 114field consists of a plus sign (`+') followed by a group name, will be 115replaced internally to the C library with the YP/NIS group entry for the 116named group. An entry whose 117.Ar name 118field consists of a single plus sign with no group name following, 119will be replaced with the entire YP/NIS 120.Dq Li group.byname 121map. 122.Pp 123If the YP/NIS group database is enabled for any reason, all reverse 124lookups (i.e., 125.Fn getgrgid ) 126will use the entire database, even if only a few groups are enabled. 127Thus, the group name returned by 128.Fn getgrgid 129is not guaranteed to have a valid forward mapping. 130.Sh LIMITS 131There are various limitations which are explained in 132the function where they occur; see section 133.Sx SEE ALSO . 134 135In older implementations, 136a group cannot have more than 200 members. The maximum line length of 137.Pa /etc/group 138is 1024 characters. Longer lines will be skipped. 139This limitation disappeared in 140.Fx 3.0 . 141Older binaries that are statically linked, depend on old 142shared libraries, or non-FreeBSD binaries in compatibility mode 143may still have this limits. 144.Sh FILES 145.Bl -tag -width /etc/group -compact 146.It Pa /etc/group 147.El 148.Sh SEE ALSO 149.Xr passwd 1 , 150.Xr setgroups 2 , 151.Xr crypt 3 , 152.Xr getgrent 3 , 153.Xr initgroups 3 , 154.Xr yp 4 , 155.Xr passwd 5 156.Sh BUGS 157The 158.Xr passwd 1 159command does not change the 160.Nm group 161passwords. 162.Sh HISTORY 163A 164.Nm 165file format appeared in 166.At v6 . 167The YP/NIS functionality is modeled after 168.Tn SunOS 169and first appeared in 170.Tn FreeBSD 1711.1. 172Support for comments first appeared in 173.Fx 3.0 . 174