groupmanage(1) and user-administered groups
-------------------------------------------

There is a program `groupmanage', with which users can create their own
groups and change their group membership.  For a synopsis of its usage,
type `groupmanage'.

Each group managed by groupmanage has an entry in /etc/grouplist as well
as in /etc/group.  This contains the administrative information which
controls who may do what to the group, in the form:

  group:description:owner:manager1,manager2,manager3:home-directory

(as many or few managers as you like).  groupmanage will modify this
file as well as /etc/group.

Each group has a single owner user.  The owner and managers are allowed
to add and delete managers and members; only the owner may change the
group title.

Note that being a manager doesn't automatically make you a member of a
group - you must use groupmanage --add to do that, and then log in again
to ensure that the new membership affects your session.

There are some restrictions on groups created by users without
administrator intervention: in the default configuration the group name
must have the form -, except that if is more than 4 characters only the
first 4 need be given.  All groups created by a user have that user's
name in the title.  Any one user may not create more than 5 groups for
themselves.  All group names must be less than 8 characters long, and a
group once created cannot easily be deleted, because revoking access to
a uid or gid on Unix is very hard.  Groups can be renamed with
assistance from the system administrator.

More formal groups (for example, those corresponding to particular
organisations, or which interact with system software, e.g. mail
delivery) should probably be created by the sysadmin on request and need
not heed these restrictions; it might also be useful to create a home
directory for shared files.

When working with shared files, you should not remove (and should
reinstate, if necessary) the setgid bit on the shared directories, and
you should leave your umask set to allow group write (the default is
002).  You'll then find that you're able to work in group filespace
areas without having to ask other users to chmod files, or having to
type incantations to switch between working on shared files and your
personal files.
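
An added example, not part of groupmanage or of the original document: a
Python check that a shared group area still follows the convention
above.  It reports directories missing the setgid bit, entries without
group write, and entries whose group differs from the top directory's.
It assumes the top directory's group is the intended one; the path is
whatever shared area you supply.

```python
import os
import stat
import sys


def audit_shared_tree(top):
    """Return (path, problem) pairs for entries under top that break the
    setgid / group-write convention for shared directories."""
    want_gid = os.lstat(top).st_gid   # assumption: top has the right group
    findings = []
    for dirpath, _dirnames, filenames in os.walk(top):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue              # a symlink's own mode is not meaningful
            if st.st_gid != want_gid:
                findings.append((path, "wrong group"))
            if stat.S_ISDIR(st.st_mode):
                # Without setgid, new entries take the creator's primary group.
                if not st.st_mode & stat.S_ISGID:
                    findings.append((path, "directory missing setgid bit"))
                if not st.st_mode & stat.S_IWGRP:
                    findings.append((path, "directory not group-writable"))
            elif not st.st_mode & stat.S_IWGRP:
                findings.append((path, "file not group-writable"))
    return findings


def umask_allows_group_write():
    """True if the current umask leaves the group-write bit alone (e.g. 002)."""
    current = os.umask(0)   # the umask can only be read by setting it
    os.umask(current)       # restore it immediately
    return not current & stat.S_IWGRP


if __name__ == "__main__":
    # Usage: python audit_shared.py <shared-directory>
    if not umask_allows_group_write():
        print("umask masks group write; new files will not be group-writable")
    for path, problem in audit_shared_tree(sys.argv[1]):
        print(f"{problem}: {path}")
```

Findings on directories are the ones to fix first, since a directory
without the setgid bit keeps producing files in the wrong group.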