| | 1 | groupmanage(1) and user-administered groups |
| | 2 | ------------------------------------------- |
| | 3 | |
| | 4 | There is a program `groupmanage', with which users can create their |
| | 5 | own groups and change their group membership. |
| | 6 | |
| | 7 | For a synopsis of its usage, type `groupmanage'. |
| | 8 | |
| | 9 | Each group managed by groupmanage has an entry in /etc/grouplist as |
| | 10 | well as in /etc/group. This contains the administrative information |
| | 11 | which controls who may do what to the group, in the form: |
| | 12 | group:description:owner:manager1,manager2,manager3:home-directory |
| | 13 | (as many or few managers as you like). groupmanage will modify this |
| | 14 | file as well as /etc/group |
| | 15 | |
| | 16 | Each group has a single owner user. The owner and managers are |
| | 17 | allowed to add and delete managers and members; only the owner may |
| | 18 | change the group title. Note that being a manager doesn't |
| | 19 | automatically make you a member of a group - you must use |
| | 20 | groupmanage --add to do that, and then log in again to ensure that the |
| | 21 | new membership affects your session. |
| | 22 | |
| | 23 | There are some restrictions on groups created by users without |
| | 24 | administrator intervention: in the default configuration the group |
| | 25 | name must have the form <username>-<groupname>, except that if |
| | 26 | <username> is more than 4 characters only the first 4 need be given. |
| | 27 | All groups created by a user have that user's name in the title. Any |
| | 28 | one user may not create more than 5 groups for themselves. |
| | 29 | |
| | 30 | All group names must be less than 8 characters long, and a group once |
| | 31 | created can not easily be deleted because revoking access to a uid or |
| | 32 | gid on unix is very hard. Groups can be renamed with assistance from |
| | 33 | the system administrator. |
| | 34 | |
| | 35 | For more formal groups (for example, those corresponding to particular |
| | 36 | organisations, or which interact with system software eg mail |
| | 37 | delivery) should probably be created by the sysadmin on request and |
| | 38 | need not heed these restrictions; it might also be useful to create a |
| | 39 | home directory for shared files. |
| | 40 | |
| | 41 | When working with shared files, you should not remove (and should |
| | 42 | reinstate, if necessary) the setgid bit on the shared directories, and |
| | 43 | leave your umask set to allow group write (the default is 002). |
| | 44 | You'll then find that you're able to work in group filespace areas |
| | 45 | without having to ask other users to chmod files, or having to type |
| | 46 | incantations to switch between working on shared files and your |
| | 47 | personal files. |
| | 48 | |
| | 49 | $Id$ |
~mdw / userv-utils / blame_incremental