logo

oasis-root

Compiled tree of Oasis Linux based on own branch at <https://hacktivis.me/git/oasis/> git clone https://anongit.hacktivis.me/git/oasis-root.git

newgrp.1p (10351B)


  1. '\" et
  2. .TH NEWGRP "1P" 2017 "IEEE/The Open Group" "POSIX Programmer's Manual"
  3. .\"
  4. .SH PROLOG
  5. This manual page is part of the POSIX Programmer's Manual.
  6. The Linux implementation of this interface may differ (consult
  7. the corresponding Linux manual page for details of Linux behavior),
  8. or the interface may not be implemented on Linux.
  9. .\"
  10. .SH NAME
  11. newgrp
  12. \(em change to a new group
  13. .SH SYNOPSIS
  14. .LP
  15. .nf
  16. newgrp \fB[\fR-l\fB] [\fIgroup\fB]\fR
  17. .fi
  18. .SH DESCRIPTION
  19. The
  20. .IR newgrp
  21. utility shall create a new shell execution environment with a new real
  22. and effective group identification. Of the attributes listed in
  23. .IR "Section 2.12" ", " "Shell Execution Environment",
  24. the new shell execution environment shall retain the working directory,
  25. file creation mask, and exported variables from the previous
  26. environment (that is, open files, traps, unexported variables, alias
  27. definitions, shell functions, and
  28. .IR set
  29. options may be lost). All other aspects of the process environment
  30. that are preserved by the
  31. .IR exec
  32. family of functions defined in the System Interfaces volume of POSIX.1\(hy2017 shall also be preserved by
  33. .IR newgrp ;
  34. whether other aspects are preserved is unspecified.
  35. .P
  36. A failure to assign the new group identifications (for example, for
  37. security or password-related reasons) shall not prevent the new shell
  38. execution environment from being created.
  39. .P
  40. The
  41. .IR newgrp
  42. utility shall affect the supplemental groups for the process as
  43. follows:
  44. .IP " *" 4
  45. On systems where the effective group ID is normally in the
  46. supplementary group list (or whenever the old effective group ID
  47. actually is in the supplementary group list):
  48. .RS 4
  49. .IP -- 4
  50. If the new effective group ID is also in the supplementary group list,
  51. .IR newgrp
  52. shall change the effective group ID.
  53. .IP -- 4
  54. If the new effective group ID is not in the supplementary group list,
  55. .IR newgrp
  56. shall add the new effective group ID to the list, if there is room to
  57. add it.
  58. .RE
  59. .IP " *" 4
  60. On systems where the effective group ID is not normally in the
  61. supplementary group list (or whenever the old effective group ID is not
  62. in the supplementary group list):
  63. .RS 4
  64. .IP -- 4
  65. If the new effective group ID is in the supplementary group list,
  66. .IR newgrp
  67. shall delete it.
  68. .IP -- 4
  69. If the old effective group ID is not in the supplementary list,
  70. .IR newgrp
  71. shall add it if there is room.
  72. .RE
  73. .TP 10
  74. .BR Note:
  75. The System Interfaces volume of POSIX.1\(hy2017 does not specify whether the effective group ID of a process
  76. is included in its supplementary group list.
  77. .P
  78. .P
  79. With no operands,
  80. .IR newgrp
  81. shall change the effective group back to the groups identified in the
  82. user's user entry, and shall set the list of supplementary groups to
  83. that set in the user's group database entries.
  84. .P
  85. If the first argument is
  86. .BR '\-' ,
  87. the results are unspecified.
  88. .P
  89. If a password is required for the specified group, and the user is not
  90. listed as a member of that group in the group database, the user shall
  91. be prompted to enter the correct password for that group. If the user
  92. is listed as a member of that group, no password shall be requested.
  93. If no password is required for the specified group, it is
  94. implementation-defined whether users not listed as members of that
  95. group can change to that group. Whether or not a password is required,
  96. implementation-defined system accounting or security mechanisms may
  97. impose additional authorization restrictions that may cause
  98. .IR newgrp
  99. to write a diagnostic message and suppress the changing of the group
  100. identification.
  101. .SH OPTIONS
  102. The
  103. .IR newgrp
  104. utility shall conform to the Base Definitions volume of POSIX.1\(hy2017,
  105. .IR "Section 12.2" ", " "Utility Syntax Guidelines",
  106. except for the unspecified usage of
  107. .BR '\-' .
  108. .P
  109. The following option shall be supported:
  110. .IP "\fB\-l\fP" 10
  111. (The letter ell.) Change the environment to what would be expected if
  112. the user actually logged in again.
  113. .SH OPERANDS
  114. The following operand shall be supported:
  115. .IP "\fIgroup\fR" 10
  116. A group name from the group database or a non-negative numeric group
  117. ID. Specifies the group ID to which the real and effective group IDs
  118. shall be set. If
  119. .IR group
  120. is a non-negative numeric string and exists in the group database as a
  121. group name (see
  122. \fIgetgrnam\fR()),
  123. the numeric group ID associated with that group name shall be used as
  124. the group ID.
  125. .SH STDIN
  126. Not used.
  127. .SH "INPUT FILES"
  128. The file
  129. .BR /dev/tty
  130. shall be used to read a single line of text for password checking, when
  131. one is required.
  132. .SH "ENVIRONMENT VARIABLES"
  133. The following environment variables shall affect the execution of
  134. .IR newgrp :
  135. .IP "\fILANG\fP" 10
  136. Provide a default value for the internationalization variables that are
  137. unset or null. (See the Base Definitions volume of POSIX.1\(hy2017,
  138. .IR "Section 8.2" ", " "Internationalization Variables"
  139. for the precedence of internationalization variables used to determine
  140. the values of locale categories.)
  141. .IP "\fILC_ALL\fP" 10
  142. If set to a non-empty string value, override the values of all the
  143. other internationalization variables.
  144. .IP "\fILC_CTYPE\fP" 10
  145. Determine the locale for the interpretation of sequences of bytes of
  146. text data as characters (for example, single-byte as opposed to
  147. multi-byte characters in arguments).
  148. .IP "\fILC_MESSAGES\fP" 10
  149. .br
  150. Determine the locale that should be used to affect the format and
  151. contents of diagnostic messages written to standard error.
  152. .IP "\fINLSPATH\fP" 10
  153. Determine the location of message catalogs for the processing of
  154. .IR LC_MESSAGES .
  155. .SH "ASYNCHRONOUS EVENTS"
  156. Default.
  157. .SH STDOUT
  158. Not used.
  159. .SH STDERR
  160. The standard error shall be used for diagnostic messages and a prompt
  161. string for a password, if one is required. Diagnostic messages may be
  162. written in cases where the exit status is not available. See the EXIT
  163. STATUS section.
  164. .SH "OUTPUT FILES"
  165. None.
  166. .SH "EXTENDED DESCRIPTION"
  167. None.
  168. .SH "EXIT STATUS"
  169. If
  170. .IR newgrp
  171. succeeds in creating a new shell execution environment, whether or not
  172. the group identification was changed successfully, the exit status
  173. shall be the exit status of the shell. Otherwise, the following exit
  174. value shall be returned:
  175. .IP >0 6
  176. An error occurred.
  177. .SH "CONSEQUENCES OF ERRORS"
  178. The invoking shell may terminate.
  179. .LP
  180. .IR "The following sections are informative."
  181. .SH "APPLICATION USAGE"
  182. There is no convenient way to enter a password into the group
  183. database. Use of group passwords is not encouraged, because by their
  184. very nature they encourage poor security practices. Group passwords
  185. may disappear in the future.
  186. .P
  187. A common implementation of
  188. .IR newgrp
  189. is that the current shell uses
  190. .IR exec
  191. to overlay itself with
  192. .IR newgrp ,
  193. which in turn overlays itself with a new shell after changing group.
  194. On some implementations, however, this may not occur and
  195. .IR newgrp
  196. may be invoked as a subprocess.
  197. .P
  198. The
  199. .IR newgrp
  200. command is intended only for use from an interactive terminal. It does
  201. not offer a useful interface for the support of applications.
  202. .P
  203. The exit status of
  204. .IR newgrp
  205. is generally inapplicable. If
  206. .IR newgrp
  207. is used in a script, in most cases it successfully invokes a new shell
  208. and the rest of the original shell script is bypassed when the new
  209. shell exits. Used interactively,
  210. .IR newgrp
  211. displays diagnostic messages to indicate problems. But usage such as:
  212. .sp
  213. .RS 4
  214. .nf
  215. newgrp foo
  216. echo $?
  217. .fi
  218. .P
  219. .RE
  220. .P
  221. is not useful because the new shell might not have access to any status
  222. .IR newgrp
  223. may have generated (and most historical systems do not provide this
  224. status). A zero status echoed here does not necessarily indicate that
  225. the user has changed to the new group successfully. Following
  226. .IR newgrp
  227. with the
  228. .IR id
  229. command provides a portable means of determining whether the group
  230. change was successful or not.
  231. .SH EXAMPLES
  232. None.
  233. .SH RATIONALE
  234. Most historical implementations use one of the
  235. .IR exec
  236. functions to implement the behavior of
  237. .IR newgrp .
  238. Errors detected before the
  239. .IR exec
  240. leave the environment unchanged, while errors detected after the
  241. .IR exec
  242. leave the user in a changed environment. While it would be useful to
  243. have
  244. .IR newgrp
  245. issue a diagnostic message to tell the user that the environment
  246. changed, it would be inappropriate to require this change to some
  247. historical implementations.
  248. .P
  249. The password mechanism is allowed in the group database, but how this
  250. would be implemented is not specified.
  251. .P
  252. The
  253. .IR newgrp
  254. utility was retained in this volume of POSIX.1\(hy2017, even given the existence of the multiple
  255. group permissions feature in the System Interfaces volume of POSIX.1\(hy2017, for several reasons. First, in
  256. some implementations, the group ownership of a newly created file is
  257. determined by the group of the directory in which the file is created,
  258. as allowed by the System Interfaces volume of POSIX.1\(hy2017; on other implementations, the group ownership
  259. of a newly created file is determined by the effective group ID. On
  260. implementations of the latter type,
  261. .IR newgrp
  262. allows files to be created with a specific group ownership. Finally,
  263. many implementations use the real group ID in accounting, and on such
  264. systems,
  265. .IR newgrp
  266. allows the accounting identity of the user to be changed.
  267. .SH "FUTURE DIRECTIONS"
  268. None.
  269. .SH "SEE ALSO"
  270. .IR "Chapter 2" ", " "Shell Command Language",
  271. .IR "\fIsh\fR\^"
  272. .P
  273. The Base Definitions volume of POSIX.1\(hy2017,
  274. .IR "Chapter 8" ", " "Environment Variables",
  275. .IR "Section 12.2" ", " "Utility Syntax Guidelines"
  276. .P
  277. The System Interfaces volume of POSIX.1\(hy2017,
  278. .IR "\fIexec\fR\^",
  279. .IR "\fIgetgrnam\fR\^(\|)"
  280. .\"
  281. .SH COPYRIGHT
  282. Portions of this text are reprinted and reproduced in electronic form
  283. from IEEE Std 1003.1-2017, Standard for Information Technology
  284. -- Portable Operating System Interface (POSIX), The Open Group Base
  285. Specifications Issue 7, 2018 Edition,
  286. Copyright (C) 2018 by the Institute of
  287. Electrical and Electronics Engineers, Inc and The Open Group.
  288. In the event of any discrepancy between this version and the original IEEE and
  289. The Open Group Standard, the original IEEE and The Open Group Standard
  290. is the referee document. The original Standard can be obtained online at
  291. http://www.opengroup.org/unix/online.html .
  292. .PP
  293. Any typographical or formatting errors that appear
  294. in this page are most likely
  295. to have been introduced during the conversion of the source files to
  296. man page format. To report such errors, see
  297. https://www.kernel.org/doc/man-pages/reporting_bugs.html .