On Tue, Mar 09, 2004 at 03:29:07PM +0100, Ruben de Groot wrote:
> On Tue, Mar 09, 2004 at 02:10:25PM +0000, Matthew Seaman typed:
> > 
> > Yes, quite.  Your login credentials are established when you login to
> > the system and only then -- that's when the limits of what you're
> > authorized to do are set, which includes amongst other things which
> > groups you're a member of.  So you have to log out and back in again
> > to pick up any changes to /etc/master.passwd or /etc/group.
> Actually, when there's a change in /etc/group, you can use 
> "newgrp <groupname>" to add the new group to your credentials without
> logging in again. It's not exactly the same, but it does the work.

Not on BSD-ish Unices you can't:

    % which newgrp
    newgrp: Command not found.

That's a SysV-ism, and dates back to the days when SysV group handling
used very different semantics to the BSD style that almost every *nix
uses nowadays.  On the early SysV systems your login session would
have one and only one group active at a time: any files you created
would have that group membership, irrespective of the group ownership
of the directory, and your access to files was tested by matching just
that group to the group ownership of the file, rather than comparing
to all groups you are a member of.  If you wanted to change to a new
group, you had to use the newgrp command -- and in some cases, that
would require your giving the group password.  If you ever wondered
why the /etc/group file has an encrypted password field that is almost
never used, this is where it comes from.



Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to