 |
Index for
Section 8 |
|
 |
Alphabetical
listing for G |
|
 |
Bottom of
page |
|
groupmod(8)
NAME
groupmod - Modifies a group definition on the system
SYNOPSIS
/usr/sbin/groupmod [-ggid] [-o] [-nnewgroup] [-P] [-xextended_option]
group_name
/usr/sbin/groupmod -D [-x extended_option]
OPTIONS
-D If invoked with any combination of the options below, it sets the
default values for those options. Subsequent invocations of groupmod
without the -D option use these new defaults.
-g gid
Specifies a new group identification number (GID) for the group being
modified. The GID must be a non-negative decimal integer. When the -o
option is used, the GID can be duplicated.
-n newgroup
Specifies a new name for the group. The name has the same restrictions
as described for new group names in groupadd(8). You cannot rename a PC
group.
-o Lets a group identification (GID) number be duplicated (non-unique).
This option can be used only with the -g option.
-P Modifies a PC group only.
-x extended_option [extended_option...]
Extended_options are of the form attribute=value. You may enter any
number of extended options (within the character limit of the command
line) by separating each option with a space. Alternatively, they may
be entered separately following the -x switch. Note that some extended
options are only available under specific system environments.
The value of the extended attributes min_gid, max_gid, and next_gid
given below must be a non-negative decimal number. Note that min_gid
must be less than or equal to next_gid which in turn must be less than
or equal to max_gid. This applies to all modifications of GID values.
The following extended_option attributes are available.
max_gid=n
Specifies the largest numeric identifier that may be associated
with a group. This attribute can be used only with the -D option.
min_gid=n
Specifies the smallest numeric identifier that may be associated
with a group. This attribute can be used only with the -D option.
next_gid=n
Specifies the next available group identifier number (GID) in the
range of min_gid to max_gid. This attribute can be used only with
the -D option.
dup_gid=0|1
Specifies whether duplicate GIDs are allowed. If set to 1,
duplicate GIDs are enabled. If set to 0, duplicate GIDs are
disabled. This attribute can be used only with the -D option.
local=0|1
Indicates whether the group is local. If set to 1, the group is
added to the local database. This also sets the value of extended
options distributed and ldap to 0.
distributed=0|1
Indicates whether the group is distributed by NIS. If set to 1, the
group is added to the NIS database. This also sets the value of
extended options local and ldap to 0. You must be on the NIS master
to modify a NIS group.
ldap=0|1
Indicates whether the group is created on an LDAP server. If set to
1, the group is added to the LDAP database. This also sets the
value of extended options local and distributed to 0.
members=user[,user...]
A comma-delimited list of members of the group. The list replaces
the existing list, adding or removing members as necessary. You can
specify the user by login name or by account UID.
members+=user[,user...]
members-=user[,user...]
A comma-delimited list of members to be added (+=) or (-=) removed
from the group. The list replaces the existing list, adding or
removing members as necessary. You can specify the user by login
name or by account UID.
The following extended_option attributes are available for PC group
administration if the Advanced Server for UNIX (ASU)is configured and
running:
pc_group_description=string
Specifies a text string that provides a description of the PC
group.
pc_group_members=user[,user...]
Specifies a comma delimited list of PC users to be added to the
current list of members of a PC group. Note that this adds, but
does not replace members.
group_name
Specifies the name of the group to be modified. The group name must
exist.
DESCRIPTION
The groupmod command is part of a set of command-line interfaces (CLI) that
are used to create and administer user groups on the system. When The
Advanced Server for UNIX (ASU) is installed and running, the groupmod
command can also be used to administer PC groups with members who are
Windows NT domain account users. Accounts can also be modified with the
/usr/bin/X11/dxaccounts graphical user interface (GUI) or the sysman(8)
Acounts menu.
Different options are available depending on how the local system is
configured:
· User account management is compliant with the IEEE POSIX Standard
P1387.3.
· The CLI is backwards-compatible, so all legacy scripts will function.
However, you should consider testing your account management scripts
before use.
The groupmod command lets the system administrator modify and rename groups
on the system. In addition, the system administrator can use the -D and -x
options on the same command line to change the maximum, minimum, and/or
next available group identifier numbers, as well as specify whether the
group account is local or resides in the NIS master database. If the -x
option is not specified on the command line, the system modifies the group
information in the appropriate database as specified by the system
defaults.
The -x options local, distributed, and ldap let the system administrator
specify whether the group is local, distributed by NIS, or on an LDAP
server. If these options are not specified on the command line, the system
modifies the group in the appropriate database as specified by the system
defaults. System defaults for groups may be set with the groupmod-D option.
In the absence of any defaults, groupmod modifies a local group. Certain
combinations of these settings are incompatible and produce an error: it is
invalid to set all of these values to 0 or set more than one of them to 1.
RESTRICTIONS
You must have superuser privilege to execute this command.
Distributed groups can only be added, modified, or deleted on NIS servers.
LDAP groups can only be added, modified, or deleted on the LDAP server or
on a suitably privileged LDAP client.
EXIT STATUS
The groupmod command exits with one of the following values:
0 Success.
1 Failure.
2 Warning.
EXAMPLES
1. The following example changes the GID of the group, testgrp, to 451:
% groupmod -g 451 testgrp
2. The following example changes the group name of the testgrp group to
unxgrp:
% groupmod -n unxgrp
testgrp
3. The following example changes the maximum group ID (max_gid) to 300
and the next available group ID (next_gid) to 30:
% groupmod -D -x max_gid=300 -x next_gid=30
FILES
The groupmod command operates on the appropriate files for the specific
level of system security.
SEE ALSO
Commands: groupadd(8), groupdel(8), useradd(8), userdel(8), usermod(8)
Manuals: System Administration, Security, Advanced Server for UNIX
Installation and Administration
|
Index for
Section 8 |
|
|
Alphabetical
listing for G |
|
 |
Top of
page |
|