HPE Community
Operating System - HP-UX
1833514 Members
2779 Online
110061 Solutions
New Discussion

Re: No entry for user in /etc/group

 
RAC_1
Honored Contributor

‎02-15-2003 11:38 PM

‎02-15-2003 11:38 PM

No entry for user in /etc/group

Added the user as follows.
useradd -g root -s /usr/bin/ksh -m -k /etc/skel user_name.

ie. primary group of user is root. but I do not see entry under /etc/group.

group root does not list entry for user.
it is as follows.
root::0:root

this user does not belog to groups more than 8. pwck and grpck ware OK. system in trusted mode.
This is HP-UX 11.11.
There is no substitute to HARDWORK
0 Kudos
Reply
5 REPLIES 5
Sridhar Bhaskarla
Honored Contributor

‎02-15-2003 11:48 PM

‎02-15-2003 11:48 PM

Re: No entry for user in /etc/group

Hi Anil,

-g specifies the primary group. IT does not need to be listed in /etc/group. However, if you add the user in multiple groups, then you would add -G flag and that will put the login under the corresponding groups. For ex., if you modify the above like
useradd -g root -G users -s /usr/bin/ksh -m -k /etc/skel user

then you will find user under users group in /etc/groups.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
RAC_1
Honored Contributor

‎02-15-2003 11:52 PM

‎02-15-2003 11:52 PM

Re: No entry for user in /etc/group

Is this the standard way?

if user belogs to just one group(no secondary groups at all), then it will have no entry in /etc/group?

the group for this user is root. I want to put this in /etc/default/security for restrictions on su so that only this user can do su - root
Thanks anyway.

There is no substitute to HARDWORK
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎02-16-2003 12:02 AM

‎02-16-2003 12:02 AM

Re: No entry for user in /etc/group

Is this a standard?. As I mentioned before, the primary user does not need to be in /etc/group. So useradd with -g will not add it to avoid unnecessary entries. Not only that, useradd -g will also ensure that the primary group is taken out from /etc/group if the user was listed in it.

For ex., before adding the user, edit /etc/group and add "user" to root's group. Then execute useradd -g command. It will take out user from the group file.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Ralph Grothe
Honored Contributor

‎02-16-2003 03:29 AM

‎02-16-2003 03:29 AM

Re: No entry for user in /etc/group

There's no need for redundant entries since -g specifies the account's GID which is always listed as an entry in the 4th field of /etc/passwd anyway.

I don't know anything about Unix standards but I think that the useradd command (together with the other user* group* commands) was only introduced by SysV Unices.
Even today the *BSDs have a simple script called adduser (nowadays usually a Perl script) that executes all the necesarry steps during the creation of a new account (like updating the files passwd, group, shadow in etc, creating the $HOME dir, copying files from /etc/skel, setting ownership and permission bits).
So if you have access to a *BSD it is quite instructive to have a look at this script.
Madness, thy name is system administration
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎02-16-2003 10:18 PM

‎02-16-2003 10:18 PM

Re: No entry for user in /etc/group

In the old days, /etc/group had every user listed for every group including the default group which is already listed in /etc/passwd. This led to massively long /etc/group lines (thousands of characters) then kludges to list the default usergroup multiple times to shorten the lines. HP-UX has not needed the default (login) group to be listed in the /etc/group files for many years.

As far as the SUROOT group, you might want to make the user part of the standard usergroup and add a secondary group of root (or maybe suroot) which you would have to list in /etc/group (-G suroot). That way, a user's association with SUROOT privileges can be easily removed by editing /etc/group and removing the user's membership to suroot. By making suroot the default, you would have to run vipw or otherwise edit the passwd file to change the default group. From s system administration point of view, a user should start life (login) as a standard user and then be given additional privileges. It's mostly cosmetic but it makes it easier for other sysadmins.


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.