 |
Index for
Section 8 |
|
 |
Alphabetical
listing for G |
|
 |
Bottom of
page |
|
groupadd(8)
NAME
groupadd - Adds a new group definition
SYNOPSIS
/usr/sbin/groupadd [-g gid] [-o] [-P] [-x extended_option] group_name
OPTIONS
-g gid
Specifies the group identifier (GID) of the new group being added. The
GID must be a non-negative decimal integer.
-o Allows a group identification (GID) number to be duplicated (non-
unique). This option can be used only with the -g option.
-P Creates a PC group only.
-x extended_option[extended_option...]
Extended options are of the form attribute=value. You may enter any
number of extended options (within the character limit of the command
line) by separating each option with a space. Alternatively, they may
be entered separately following the -x switch. Note that some extended
options are only available under specific system environments.
The following sets of extended_option attributes are available:
local=0|1
Indicates whether the group is local. If set to 1, the group is
added to the local database. This also sets the value of extended
options distributed and ldap to 0.
distributed=0|1
Indicates whether the group is distributed. If set to 1, the group
is added to the NIS database. This also sets the value of extended
option local to 0. You must be on the NIS master to create a NIS
group.
ldap=0|1
Indicates whether the group is created on an LDAP server. If set to
1, the group is added to the LDAP server and also sets the value of
extended options local and distributed to 0. LDAP must be
configured, and you must be on the LDAP server or an LDAP client
with permission to modify the LDAP database.
members=user[,user...]
A comma-delimited list of user's who will be members of the UNIX
group. You can specify the user (login) name or the account UID.
The following extended_option attributes are available for PC group
administration if the Advanced Server for UNIX (ASU) is configured and
running:
pc_group_description=string
Specifies a text string that provides a description of the PC
group.
pc_group_members=user[,user...]
Specifies a comma delimited list of PC users to be added to the
current list of members of a PC group. Note that this adds, but
does not replace members.
group_name
Specifies the name of the new group. There are restrictions, described
below, on the length and allowable characters in the group name.
DESCRIPTION
The groupadd command is part of a set of command-line interfaces (CLI) that
are used to create and administer user groups on the system. When the
Advanced Server for UNIX (ASU) is installed and running, the groupadd
command can also be used to administer PC groups for users who are also
holders of Windows NT domain accounts. Accounts can also be created with
the /usr/bin/X11/dxaccounts graphical user interface (GUI) or the sysman
(8) Accounts Menu.
Different options are available depending on how the local system is
configured:
· In the default UNIX environment, user account management is compliant
with the IEEE POSIX Standard P1387.3.
· The CLI is backwards-compatible, so all existing local scripts will
function. However, you should consider testing your account
management scripts before use.
The groupadd command lets the system administrator create new groups on the
system by specifying the group name and GID. When the GID is not specified
(with the -g option), the GID defaults to the next available (unique)
number.
The -x options local, distributed, and ldap let the system administrator
specify whether the new group is local, distributed by NIS, or an LDAP
server. If these options are not specified on the command line, the system
adds the new group to the appropriate database as specified by the system
defaults. System defaults for groups may be set with the groupmod -D
option. In the absence of any defaults, groupadd creates a local group.
Certain combinations of these settings are incompatible and produce an
error: it is invalid to set all of these values to 0 or set more than one
of them to 1.
RESTRICTIONS
You must have superuser privilege to execute this command.
Distributed groups can only be added, modified, or deleted on NIS servers.
LDAP groups can only be added, modified, or deleted on an LDAP server or on
a suitably privileged LDAP client.
You cannot specify more than 255 characters on a single command line.
However, lines can be split to an appropriate length. If you try and enter
too many new groups, the group file may be corrupted.
Certain characters that have special meaning for the shells are not allowed
in the group name. This list includes $@/[]:;|=,*?<>(){}"'`#, backslash
(\), and white space (space, tab, newline, form-feed, return). In addition,
the first character of the new group name cannot be one of +-!~.
In this release the maximum length of a group name is 8 characters.
The pc_synchronize default value is not used for groupadd, groupmod, and
groupdel. UNIX and PC groups cannot be synchronized and therefore must be
created separately. Use the command groupadd -P xdomain to create a PC
group named xdomain. Then, use the command groupadd xdomain to create a
UNIX group named xdomain.
EXIT STATUS
The groupadd command exits with one of the following values:
0 Success.
1 Failure.
2 Warning.
EXAMPLES
1. The following example adds the group, newgroup, to the group database
with a system-provided GID:
% groupadd newgroup
2. The following example adds the group, newgroup, to the group database
with a GID of 451:
% groupadd -g 451 newgroup
3. The following example adds the group, newgroup, to the NIS master
database:
% groupadd -x distributed=1
newgroup
4. The following example adds the PC group, projectX with members JoeMc
and HiteshC:
% groupadd -P
-x pc_group_members=JoeMc,HiteshC, \
projectX
5. The following example adds the PC group, newgroup and provides a
description field "common project group":
% groupadd -P -x
pc_group_description="common project group" \
projectX
FILES
The groupadd command operates on files for the specific level of system
security.
SEE ALSO
Commands: groupdel(8), groupmod(8), useradd(8), userdel(8), usermod(8)
System Administration
Security
Advanced Server for UNIX administration and configuration documents.
|
Index for
Section 8 |
|
|
Alphabetical
listing for G |
|
 |
Top of
page |
|