HPE Community
Operating System - HP-UX
1833772 Members
2376 Online
110063 Solutions
New Discussion

Re: Groups of Groups

 
SOLVED
Go to solution
IRI Unix Support Tm 3
Occasional Contributor

‎07-08-2004 07:06 AM

‎07-08-2004 07:06 AM

Groups of Groups

Is it possible to add groups to a another group using /etc/group or netgroups?

I'm trying to set up a management group which needs the rights of several different groups.
0 Kudos
Reply
10 REPLIES 10
Sundar_7
Honored Contributor

‎07-08-2004 07:09 AM

‎07-08-2004 07:09 AM

Solution

Re: Groups of Groups

Nope that is not possible. /etc/group only recognizes the username as the last field.

So you will have to manually add the user names to the each individual group names.
Learn What to do ,How to do and more importantly When to do ?
Reply
IRI Unix Support Tm 3
Occasional Contributor

‎07-08-2004 07:13 AM

‎07-08-2004 07:13 AM

Re: Groups of Groups

That's about what I figured...

Thanks
0 Kudos
Reply
KapilRaj
Honored Contributor

‎07-08-2004 07:30 AM

‎07-08-2004 07:30 AM

Re: Groups of Groups

I never tried this but "what if I choose same gid for two groups ?"

Kaps
Nothing is impossible
Reply
RAC_1
Honored Contributor

‎07-08-2004 07:36 AM

‎07-08-2004 07:36 AM

Re: Groups of Groups

Kapil,

No problems. In fact if there too many users in a group, you can put them in different groups and same gid for them. All system cares about it gid.

So following /etc/group file is OK

test1::23:x1,x2
test2::23:y1,y2

Anil
There is no substitute to HARDWORK
Reply
IRI Unix Support Tm 3
Occasional Contributor

‎07-08-2004 07:38 AM

‎07-08-2004 07:38 AM

Re: Groups of Groups

That was going to be my next option...we do that here already so I know it works.

I was just looking for a quicker way


Thanks everyone
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎07-08-2004 12:06 PM

‎07-08-2004 12:06 PM

Re: Groups of Groups

Hi,

Just remember that the limiter is total group membership - 20 for any one user.
Spelled out in /usr/include/limits.h.

Later,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
support_5
Super Advisor

‎07-08-2004 01:24 PM

‎07-08-2004 01:24 PM

Re: Groups of Groups

Is there a way to increase the number of groups a user can be a member of (ie greater than 20)?

- Andrew
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎07-08-2004 01:28 PM

‎07-08-2004 01:28 PM

Re: Groups of Groups

Sorry - No.
This is one of things that requires a rewrite of the kernel internels itself.
It can be done - but I wouldn't do it...

My $0.02,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Gary L. Paveza, Jr.
Trusted Contributor

‎07-08-2004 11:32 PM

‎07-08-2004 11:32 PM

Re: Groups of Groups

I currently have a enhancement request in with HP regarding this (JAGaf08926). Basically, I've asked that they create a concept similiar to newgrp which allows changing the primary group membership to one of the secondary groups, etc. Since HP is unwilling to increase the number of groups a user can belong to (which was my first request), then make it so that users can belong to multiple groups of groups. For example, one set might be grp1 (primary), grp2, and grp2 which might be good enough for normal activity. However, suppose that user also does stuff with another application on the box and needs access to grpA, grpB, and grpC. The new functionality would allow the user to switch from grp1, grp2, grp3 to grpA, grpB, and grpC. Our problem is that we have 4 applications on our system, each has 6 levels of function (development, test, model office, production, etc). Support people need to be able to perform activities in all of these, but the applications must be separate from each other (rules out "other" permissions - which must be 0 here).
0 Kudos
Reply
support_5
Super Advisor

‎07-11-2004 09:53 AM

‎07-11-2004 09:53 AM

Re: Groups of Groups

Interesting. I do think this idea has merit, and I think it should be included in HP-UX, but I don't think it's a good solution to the problem of a limited number of groups a user can belong to. I think the notion has merits of its own besides this which make it useful, I still think HP should increase the number of group, or make it dynamically changeable, perhaps with a kernel parameter or something.

- Andrew Gray
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.