| 1 | groupmanage(1) and user-administered groups |
| 2 | ------------------------------------------- |
| 3 | |
| 4 | There is a program `groupmanage', with which users can create their |
| 5 | own groups and change their group membership. |
| 6 | |
| 7 | For a synopsis of its usage, type `groupmanage'. |
| 8 | |
| 9 | Each group managed by groupmanage has an entry in /etc/grouplist as |
| 10 | well as in /etc/group. This contains the administrative information |
| 11 | which controls who may do what to the group, in the form: |
| 12 | group:description:owner:manager1,manager2,manager3:home-directory |
| 13 | (as many or few managers as you like). groupmanage will modify this |
| 14 | file as well as /etc/group |
| 15 | |
| 16 | Each group has a single owner user. The owner and managers are |
| 17 | allowed to add and delete managers and members; only the owner may |
| 18 | change the group title. Note that being a manager doesn't |
| 19 | automatically make you a member of a group - you must use |
| 20 | groupmanage --add to do that, and then log in again to ensure that the |
| 21 | new membership affects your session. |
| 22 | |
| 23 | There are some restrictions on groups created by users without |
| 24 | administrator intervention: in the default configuration the group |
| 25 | name must have the form <username>-<groupname>, except that if |
| 26 | <username> is more than 4 characters only the first 4 need be given. |
| 27 | All groups created by a user have that user's name in the title. Any |
| 28 | one user may not create more than 5 groups for themselves. |
| 29 | |
| 30 | All group names must be less than 8 characters long, and a group once |
| 31 | created can not easily be deleted because revoking access to a uid or |
| 32 | gid on unix is very hard. Groups can be renamed with assistance from |
| 33 | the system administrator. |
| 34 | |
| 35 | For more formal groups (for example, those corresponding to particular |
| 36 | organisations, or which interact with system software eg mail |
| 37 | delivery) should probably be created by the sysadmin on request and |
| 38 | need not heed these restrictions; it might also be useful to create a |
| 39 | home directory for shared files. |
| 40 | |
| 41 | When working with shared files, you should not remove (and should |
| 42 | reinstate, if necessary) the setgid bit on the shared directories, and |
| 43 | leave your umask set to allow group write (the default is 002). |
| 44 | You'll then find that you're able to work in group filespace areas |
| 45 | without having to ask other users to chmod files, or having to type |
| 46 | incantations to switch between working on shared files and your |
| 47 | personal files. |
| 48 | |
| 49 | $Id$ |