Understanding Group Ownership

When working with group ownership, you should be aware of the way Linux handles group ownership. By default, the primary group of the user who creates a new file will become the group owner of that file. If, however, the user is a member of more than one group, you can manipulate this default setting. When a user uses the newgrp command, the user can change the primary group setting on a temporary basis. The following steps show what happens:

1. Log in as some normal user on your computer. Then from a console window, use the groups command to get an overview of all the groups of which you are currently a member. As root you can also use it on another user to see what groups that user is a member of (see Listing 6-1). The primary group is listed first in this overview. If you haven't modified anything for this user, it will be set to the group users.

Listing 6-1. The groups Command

BOS~ # groups linda linda : users dialout video

2. Now from the console window, issue the touch newfile command. This will create a new file with the name newfile. Use ls -l newfile to display the ownership information for this file. You will see that users is set as the owner of the file.

3. Next, use su to become root. Then use groupadd to create a new group; for example, use groupadd -g 101 sales to create a group with the name sales and a group ID of 101. Next, as root, use usermod -g 101 linda to set root's group as the primary group for user linda. After changing this group information, execute exit to close the su session and become the regular user account again.

4. As the regular user, use groups again to get an overview of all the groups of which you are currently a member. The new group should be listed now.

5. As the regular user, use newgrp sales. This will set the primary group to your new group on a temporary basis. You can use the groups command to check this; the new group should be listed first now. You will also see that if you create a new file (use touch somenewfile), the new group will be the group owner of the new file.

In the previous procedure, you saw one method you can use to set a group that you are member of as the primary group on a temporary basis. You can also use group passwords, which allow you to set the group to your temporary primary group, even if you are not a member of that group. If a user is not listed as a member of a group but tries to use the newgrp command anyway to set its primary group, the user will be prompted for the group password. By default, groups don't have a password, but you can use the passwd -g command to set a password for a group.

Was this article helpful?

0 0

Post a comment