format of the group permissions file
The file /etc/group
consists of newline
separated ASCII records, one per group, containing four colon
’) separated fields. These fields are
- Name of the group.
- Group's encrypted password.
- The group's decimal ID.
- Group members.
field is the group name used for
granting file access to users who are members of the group. The
field is the number associated with the
group name. They should both be unique across the system (and often across a
group of systems) since they control file access. The
field is an optional encrypted
password. This field is rarely used and an asterisk is normally placed in it
rather than leaving it blank. The member
field contains the names of users granted the privileges of
. The member names are separated by
commas without spaces or newlines. A user is automatically in a group if that
group was specified in their
does not need to be added to that group in the
If YP is active, the
file also supports
YP exclusions and inclusions.
Lines beginning with a ‘
’ (minus sign)
are entries marked as being excluded from any following inclusions, which are
marked with a `+' (plus sign).
Lines of the format
cause the specified group to be included from the
YP map. If no group name is
specified, or the ‘
’ (plus sign)
appears alone on a line, all groups are included from the YP map.
YP references may appear anywhere in the file, but the single
’ form should be on the last line, for
historical reasons. Only the first group with a specific name encountered,
whether in the
file itself, or
included via YP, will be used.
Proper YP group support requires consistent
YP maps. See
When YP is enabled but temporarily unavailable, login becomes impossible for all
users except those having an entry in the
file format first appeared in
Version 6 AT&T UNIX
The YP file format first appeared in SunOS.
does not change the
Lines in /etc/group
are limited to 1024
characters. YP groups are not affected by this limit.
Groups are limited to a maximum of 200 members per group.