Equivalent of linux command `newgrp`?

DouglasDD

Registered
What is the BSD equivalent of the Linux command <tt>newgrp</tt>?

`id` shows that my account belongs to several groups (staff, admin, wheel).

'staff' is the currently "active" one. That is, if I create a file it's group is 'staff'. But I would like to change the currently "active" group to something else (admin, etc.)

RedHat 7.0 Linux that I use @work has `newgrp`, but I cant seem to find a similar command in Mac OS X 10.0 / Darwin 1.3

Many thanks in advance,
D.
 
commands like adduser and newgrp are usually scripts which edit files in /etc/ and do other cleanup work.

There has been various adduser scripts floating about but I haven't seen a newgrp one yet, you can write one which uses niutil and related commands.
 
since in BSD, a process is member of all groups it belongs to; a distinction of primary vs. secondary groups does not exist. Therefore, there is no need to create a new shell running under a different group.

The result of this is that a process has access to all resources belonging to the groups it has an access to (horrible English :)

e. g.
$ id
uid=1001(lada) gid=0(wheel) groups=0(wheel), 5(operator), 100(mds)

can e.g. read all files readable to uid lada, gids wheel, operator, and mds, as well as all files readable to others. There is no primary group; the vestigial meaning of the term "primary group" stems from the fact that /etc/passwd format has room for only one gid.

The file created under BSD does not get the gid of the running process; it inherits the gid of the directory where it was created. So, all files created by the above user lada in the directory

drwxrwxrwx root staff ..... Directory

would be created with gid staff, even though lada does not belong to staff.
 
The 4th field in /etc/passwd is your primary group

To extend the groups you belong too edit

/etc/group - the content of which is fairly clear.


This is of course if you want to go down the standard UNIX route, I''l have to look into this to see if it takes effect under MacOSX. It may well be that NetInfo overides all this.

newgrp - in the old days was used as a cludge to get around the maximum number of groups you could belong too which was 16.

 
Just got going with NetInfo, detailed specs are not easy to find at the start, so my understanding of it is limited.

I can see what NetInfo is doing, too some extent, but more questions come out of any digging around than get resolved.

For instance has anybody got MacOSX going in a NIS environment with automounter properly configured to mount NFS exported volumes from NFS servers.

How do you get around authenticating against a NIS server and getting YP services properly integrated and disable NetInfo authentication, or can NetInfo exist concomitantly.

Can macOSX exist without NetInfo, and use standard UNIX authentication, etc.

I ask merely for information.

 
I took the time to play and get NFS mounts working under OSX, it took a bit.. but it works well.

I couldn't however get the -fstab option to automountd to work appropriatly, however.. You don't need to.

creat a file, say /etc/nfs.mounts, inside it place things like so:

/home rw myserver:/export/home
/home0 rw myserver:/export/home0

Then you change the Aumountd startup script so it uses this "map file" to get the dirs to mount from.

I gave up on the -fstab option, but I figure it's probably trying to locate this info in the NetInfo DB's instead of /etc/fstab like it "should".

I have yet to try NIS, since I don't have a NIS server it's effort I'm not interested in spending just yet. But NFS works well.

If anyone's keen to know more about this, I'll happily email a run down for you.

Cheers, andrew

 
Originally posted by Toadstool
Can macOSX exist without NetInfo, and use standard UNIX authentication, etc.

I ask merely for information.


This should be possible.
Don't have a MAC at hand right now, but OS X uses a program called lookupd (there is a man page for it) for locating all this information. It's a bit like nss on Solaris and Linux. You can determine where for example passwords come from (/etc/passwd, NetInfo, NIS, LDAP). So if you set up lookupd correctly you should be able to use /etc/passwd and /etc/group instead of NetInfo. Of course you probably won't be able to use UserManager.app...
 
The file created under BSD does not get the gid of the running process; it inherits the gid of the directory where it was created. So, all files created by the above user lada in the directory

drwxrwxrwx root staff ..... Directory

would be created with gid staff, even though lada does not belong to staff.

This unfortunately is not true over NFS. We have a problem where the university LDAP by default gives every user the same GID. Unfortunately we don't have access to change these groups on the LDAP. On our linux and sgi systems we newgrp the users to their primary group that comes from NIS if we detect that they have logged in with their LDAP GID.

There is no newgrp in OSX and files created in directories that the user has write permission to are written with the primary group and *not* with the GID permission of the directory in which the file lives as the previous user tried to explain.

Another solution would have been to use a local open directory service but in LDAP you can only get one ou (organizational unit) from one source. That is you can only get the equivalent of the /etc/passwd information from one LDAP source. There is no way to override the information from the /etc/passwd coming form one LDAP source with the local open directory server.

This is really problematic for us and we have no (easy) solution.
 
Back
Top