HPE Community
Operating System - HP-UX
1834150 Members
2091 Online
110064 Solutions
New Discussion

primary group

 
SOLVED
Go to solution
Scott Van Kalken
Esteemed Contributor

‎12-11-2001 07:50 PM

‎12-11-2001 07:50 PM

primary group

I have a question relating to a person's primary group.

Is it possible to set on the fly someone's primary group.

For example, the following directories:

rwxrw---- root:groupA dirA
rwxrw---- root:groupB dirB

If user joe has primary group of groupA and secondary group of groupB joe can obviously access both directories.

This is cool.

However, what if joe wants to create files in dirB. They would be created with group permissions of joe's primary group (groupA) and other people in groupB could not read them (umask).

I do not want to change umask.

Scott.
0 Kudos
Reply
4 REPLIES 4
Steven Sim Kok Leong
Honored Contributor

‎12-11-2001 08:06 PM

‎12-11-2001 08:06 PM

Re: primary group

Hi,

Why not use ACLs?

rwxrw---- root:groupA dirA
rwxrw---- root:groupB dirB

For HFS (JFS use setacl),
# chacl '(%.groupA,rw-)(%.groupB,rw-)(%.%,---)' dirB

Refer also to this thread:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x8f55a22831ebd5118ff40090279cd0f9,00.html

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
Madhu Sudhan_1
Respected Contributor

‎12-11-2001 08:45 PM

‎12-11-2001 08:45 PM

Solution

Re: primary group

Scott:

What you all need here is switching between groups without changin user id.

The 'newgrp(1)' command helps you to acheive this.

Following is an extract from docs.hp.com

"The newgrp command changes your group ID without changing your user ID and replaces your current
shell with a new one.

If you specify group, the change is successful if group exists and either your user ID is a member of the new group, or
group has a password and you can supply it from the terminal."

Enjoy !

-Madhu

Think Positive
Reply
CPHVF-U Guard
Advisor

‎12-12-2001 02:53 AM

‎12-12-2001 02:53 AM

Re: primary group

You have (at least) two choices

1. change (You forgot the x-bit for the group)
rwxrwx--- root:groupA dirA
rwxrwx--- root:groupB dirB
to (chmod g+s dir[AB])
rwxrws--- root:groupA dirA
rwxrws--- root:groupB dirB

SGID on a directory:
New files will enherit the group-ownership.
(I don't know if this works on HP-UX, it does in Linux)

2. users can use newgroup to change primary group.

0 Kudos
Reply
Wim Rombauts
Honored Contributor

‎12-12-2001 02:58 AM

‎12-12-2001 02:58 AM

Re: primary group

Scott, if you want that all new files in dirA get groupA and all files in dirB get groupB, the best way is to set the correct group on the directory itself and set the SGID bit on them :
chmod g+s dirA dirB

This way, all users who belong to groupB have access to dirB(as set by the directory permissions) and while accessing dirB, they will use groupB for file creation and modification, even if their primary group is groupA.

And yes, this works on HP-UX.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.