GROUP ADMINISTRATION
Few Restrictions on the Group Name:
1. Group names cannot start with the below signs:
· Dash or minus sign (-).
· Plus sign (+)
· At symbol (@)
· Tilde (~)
2. Groups cannot be named ALL or default, as these names are reserved for the AIX OS.
3. Group names cannot include :
3. Group names cannot include :
· Colon (:)
· Quotation marks—single or double (' or ")
· Pound or hash sign (#)
· Comma (,)
· Equal sign (=)
· Slashes—back or forward (\ or /)
· Question mark (?)
· Back quote or tick (`)
· White space (space or tab)
· New-line characters
- Group names can have max. 8 characters in AIX V 5.2 or earlier. Starting with AIX 5.3, you can have a
max. of 255 characters.
Now let us look at the configuration files for groups.
/etc/group :
This file contains the basic group configuration details in the following format.
Group Name : Password Flag : GID : User(s)
where
Password Flag - This field is not used in AIX.
GID - Group ID is the unique identification number for every group. 0 is the gid for system group.
User(s) - List of users belonging to the group
/etc/security/group :
This file contains the extended attribtues for the groups.
Here are the parameters used in this file.
adms - List of users with admin rights to ths group
admin - If set to true, this group will have administrative rights.
There are 4 main commands used in the administration of group :
mkgroup - Add a group
chgroup - Change an attribtue of a group
lsgroup - List the attribtues of a group
rmgroup - Remove a group
These words can also be used as fastpaths for smitty.
For example, # smitty mkgroup will open a form to create a group.
For doing the whole group administration, you can use
# smitty group and go thru the menu items for various operations.
Now let us see the commands to administrate groups ...
1. To create a group called dba :
# mkgroup dba
2. To create a admin group called admin1 :
# mkgroup -a admin1
3. To create dba group and add jack as the admin :
# mkgroup adms=jack dba
4. To change the members of dba group, you can use any of the below commands :
# chgroup users=jack,tom,michelle dba
# chgrpmem dba
# chgrpmem -m + raja dba
5. To remove the membership of a user from the dba group :
# chgrpmem -m - jack dba
6. To add a user as admin for the dba group :
# chgrpmem -a + raja dba
7. To remove the group administrator :
# chgrpmem -a - raja dba
8. To list the attributes of a group :
# lsgroup dba
9. To remove a group from the system :
# rmgroup test
No comments:
Post a Comment