1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
<table class="head">
<tr>
<td class="head-ltitle">GROUP(5)</td>
<td class="head-vol">File Formats Manual</td>
<td class="head-rtitle">GROUP(5)</td>
</tr>
</table>
<div class="manual-text">
<section class="Sh">
<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1>
<p class="Pp"><code class="Nm">group</code> — <span class="Nd">format of
the group permissions file</span></p>
</section>
<section class="Sh">
<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1>
<p class="Pp">The <code class="Nm">group</code> file is the local source of
group information. It can be used in conjunction with the Hesiod domain
`group', and the NIS maps `group.byname' and `group.bygid', as controlled by
<a class="Xr">nsswitch.conf(5)</a>.</p>
<p class="Pp">The file <code class="Nm">group</code> consists of newline
separated ASCII records, one per group, containing four colon
‘<code class="Li">:</code>’ separated fields. These fields are
as follows:</p>
<div class="Bd-indent">
<dl class="Bl-tag Bl-compact">
<dt>group</dt>
<dd>Name of the group.</dd>
<dt>passwd</dt>
<dd>Group's <i class="Em">encrypted</i> password.</dd>
<dt>gid</dt>
<dd>The group's decimal ID.</dd>
<dt>member</dt>
<dd>Group members.</dd>
</dl>
</div>
<p class="Pp">Lines whose first non-whitespace character is a pound-sign (#) are
comments, and are ignored. Blank lines that consist only of spaces, tabs or
newlines are also ignored.</p>
<p class="Pp">The <var class="Ar">group</var> field is the group name used for
granting file access to users who are members of the group. The
<var class="Ar">gid</var> field is the number associated with the group
name. They should both be unique across the system (and often across a group
of systems) since they control file access. The <var class="Ar">passwd</var>
field is an optional <i class="Em">encrypted</i> password. This field is
rarely used and an asterisk is normally placed in it rather than leaving it
blank. The <var class="Ar">member</var> field contains the names of users
granted the privileges of <var class="Ar">group</var>. The member names are
separated by commas without spaces or newlines. A user is automatically in a
group if that group was specified in their
<span class="Pa">/etc/passwd</span> entry and does not need to be added to
that group in the <code class="Nm">group</code> file.</p>
</section>
<section class="Sh">
<h1 class="Sh" id="IMPLEMENTATION_NOTES"><a class="permalink" href="#IMPLEMENTATION_NOTES">IMPLEMENTATION
NOTES</a></h1>
<p class="Pp">The <a class="Xr">passwd(1)</a> command does not change the
<code class="Nm">group</code> passwords. The <a class="Xr">pw(8)</a>
utility's <code class="Cm">groupmod</code> command should be used
instead.</p>
</section>
<section class="Sh">
<h1 class="Sh" id="LIMITS"><a class="permalink" href="#LIMITS">LIMITS</a></h1>
<p class="Pp">There are various limitations which are explained in the function
where they occur; see section <a class="Sx" href="#SEE_ALSO">SEE
ALSO</a>.</p>
<p class="Pp">In older implementations, a group cannot have more than 200
members. The maximum line length of <span class="Pa">/etc/group</span> is
1024 characters. Longer lines will be skipped. This limitation disappeared
in <span class="Ux">FreeBSD 3.0</span>. Older binaries that are statically
linked, depend on old shared libraries, or
<span class="No">non-</span><span class="Ux">FreeBSD</span> binaries in
compatibility mode may still have this limit.</p>
</section>
<section class="Sh">
<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1>
<dl class="Bl-tag Bl-compact">
<dt><span class="Pa">/etc/group</span></dt>
<dd style="width: auto;"> </dd>
</dl>
</section>
<section class="Sh">
<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE
ALSO</a></h1>
<p class="Pp"><a class="Xr">newgrp(1)</a>, <a class="Xr">passwd(1)</a>,
<a class="Xr">setcred(2)</a>, <a class="Xr">setgroups(2)</a>,
<a class="Xr">crypt(3)</a>, <a class="Xr">getgrent(3)</a>,
<a class="Xr">initgroups(3)</a>, <a class="Xr">nsswitch.conf(5)</a>,
<a class="Xr">passwd(5)</a>, <a class="Xr">chkgrp(8)</a>,
<a class="Xr">pw(8)</a>, <a class="Xr">yp(8)</a></p>
</section>
<section class="Sh">
<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1>
<p class="Pp">A <code class="Nm">group</code> file format appeared in
<span class="Ux">Version 6 AT&T UNIX</span>. Support for comments
first appeared in <span class="Ux">FreeBSD 3.0</span>.</p>
</section>
</div>
<table class="foot">
<tr>
<td class="foot-date">August 29, 2025</td>
<td class="foot-os">FreeBSD 15.0</td>
</tr>
</table>
|
