How To View (primary) Group Members ?

Dear Linux Gurus, how to view all group members?

my code snippet is like below:

groupadd yy
useradd -g yy u1
useradd -g yy u2
useradd -g yy u3

useradd -G yy u4


when i wanted to view the group members of group 'yy' in /etc/group, it only shows secondary group member i.e only u4. what is the problem? Why not showing other group members-u1,u2,u3?

I also used commands getent and groupmems, but they are showing only secondary group members i.e only u4 not others.

But when I used 'system-config-users', in group page, it shows all the users.

My doubt is how to view all the users belonging to group yy in terminal. which command to use?

Thanks in advance.
sorry for the grammatical mistakes.


Similar Content



Best Way To Manage Users And Accounts Etc

hi guys,

busy doing a small project with a centos7 server and virtualbox.
currently i have a login to the physical server called sninja

i have three partitions created for each of my virtual machines
sninja owns the directories for each vm...and root is the primary group...now lets say i wanted to have other users perform functions on my vm's ..ssh in,rsync data into the vm etc...

whats the best way to address security and user accounts etc?

what i was thinking:

create a group called Myusers1,then assign the users to that group and then make the group the primary group of the accessed directories etc

is this the right way to go about it? any ideas or help really appreciated...

Groups Question

So, I have created a group and added myself to it.

When I open /etc/group I can see the group and it shows that I am a member, but when I run $ groups - it doesn't show the new group in the list. What could be the issue?

Normal Linux User Recursively Write Access To Apache Document Root

I tried adding two users in apache group and given 775 permission to Document root but user is not able to write into files in DocumentRoot

Tried adding user and DocumentRoot Folder in sudo file but not able to do it recursively

please help


Thanks for reply,
I have already given chmod 775 -R DocumentRoot - for recursively writting permission
You have told to add user in www-data group and chmod 775 -R to DocumentRoot
usermod -a -G www-data <user1>

How can users in www-data can able to write in DocumentRoot which has apache:apache owner and group
please clarify...

Done below steps to solve this:
1) I have created a new group webdata and added required users in this group
2) set sticky bit to document root with below command
setfacl -m g:webdata:rwx -R /path/to/documentroot/
this command will set rwx permission to DocumentRoot so that members in webdata can have full access but still DocumentRoot user and group will be apache

Pros And Cons Of SUDO Vs Wheel

So right now in some of my servers, some of my users are in the Wheel group and then I have some users who fall under /etc/sudoers. Don't have any consistency, however I want to change that.

I know that wheel group is legacy.

SUDO gives an audit trail I believe under /var/log/secure.

I'm wondering what others have experienced and setup which worked better in the long run, place users either in wheel group or in SUDO?

Problem With Chgrp In Bash

Code:
alice@alice:~$ grep 1003 /etc/group
alice:x:1003:
alice@alice:~$ grep 1003 /etc/passwd
alice:x:1003:1003:Alice,,,:/home/alice:/bin/bash

So there's nobody in alice's group except alice (for whatever that's worth)

Code:
alice@alice:~$ ls -ld dollstuff
drwxrwxr-x 2 alice alice 4096 Jan 28 10:55 dollstuff

alice clearly owns and has full access to the directory "dollstuff" which resides in her home directory

Code:
alice@alice:~$ grep 1005 /etc/group
common:x:1005:alice,dilbert,wally

there's another group of which alice is a member, and alice wants to share her directory with the other members of the group

Code:
alice@alice:~$ chgrp common dollstuff
chgrp: changing group of ‘dollstuff’: Operation not permitted

Why not? dilbert and wally do this very same thing on their machines on a regular basis. All are running fully updated Ubuntu 14.04.

"chown ladybug:common dollstuff" is also disallowed, although "rm -r dollstuff" does work.

Assign Group Permission To Newly Created Files

Directory /media/data/torrents/ has permissions 775, user yzt, group transmission

yzt and debian-transmission are members of the group transmission.

transmission-daemon is run by debian-transmission, and the new files it downloads have permissions 644, owner debian-transmission, group transmission. This is a problem, because I can't later move the files as my user, yzt, and need to be switching to root to change the permissions/ownership to be able to do so.

Using sticky bit I could copy it to anywhere else, but I'm interested on actually moving the file, not just copying it. I could run transmission-daemon as yzt and problem solved, but I rather have that internet facing service running by a limited user, just in case some vulnerability is found on Transmission.

So my question is, how can I set that every new file created under /media/data/torrents/ has permissions 775 like its parent directory?

Webmin Group Through Command Line

hello all,
i am using linux Centos 6. i am not familiar with webmin.. and dont want to create 'webmin group' manually.
So.., is it possible to create 'webmin group' automatically... i.e from the command line?? what are the commands for that?

Thanks..

Chgrp Not Changing A File?

Hello,

OS: CentOS 6.3

Background:
I'm trying to set up a situation where my FTP account is in a group where my phpbb forums were created. This will allow me to upload changes as I customize my forums (ie: .css files). However, right now, my problem is that I'm running into invalid permissions and the only way to move the files is to upload the file to a directory my FTP account has access too and then sudo cp the file over. Upon closer inspection of my files, it appears the groups the files have been made under are not the correct group.

Problem:
I am trying to use chgrp on a specific file to change the group owner to the group my FTP account is a member of but it does not seem to be working. Here is a snippet of what I'm doing:

Code:
zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ sudo chgrp apache colours.css -v
group of `colours.css' retained as apache
zzz@aaaa:/var/www/html/yyy/forums/styles/GlossyBlack/theme]$ ls
total 164
drwxr-xr-x 3 5645316 apache  4096 Mar 27 15:11 .
drwxr-xr-x 6 5645316 apache  4096 Nov 18  2012 ..
-rw-r--r-- 1  root     apache 23480 Mar 27 19:05 colours.css

I'm not sure why it still says root so I suspect I am doing something incorrect. When looking around, at first it seemed chgrp could change group owner on files but as I dug more, it seemed it can also change groups themselves. So I'm a little confused and require some clarity of experts.

I hope changing the group owner of this file will give access to my FTP account so I can apply this change to all needed locations.

Thanks.

Goal: Set Up A Private Discussion Group Using Internet/gmail To Contact Family Member

I'm a nubie, please excuse my ignorance, (not my stupidity) and my omissions at researching possible resources for I'm confused by the descriptions of the multiple applications.

Using ubuntu 14.04 dist with apache2 installation; not sure how to go about creating a discussion group that would (more or less) be unavailable to the casual hacker: e.g. security but not extreme.
Trying to try and sell the idea to media/computer savy young adults.
Simple idea is to have issues, and discussion threads to initiate/respond to various different issues. Possibly links to related issues/responses.
I've been looking at mutt write-up trying to figure out if it will help me achieve my goal. (Goal: Set up a private discussion group using internet/gmail to contact family members).


What else?

Can we use iphone dictation/text conversion in responding to issues. e.g message mailed to email that appears as a response to a discussion issue.

Using lenovo desktop as server/main PC.
Any report of existing similar system(s) in part or whole is sincerely appreciated.
Thanks
punkfeetpete

Setfacl Help

I can't believe I wrote a looong message and it logged me out when I tried to submit it.

So anyway, in short lines:

- I have a network of sites where all sites share same "images" folder
- I have created /home/_images/entities and symlinked it from all websites
- It works great with Apache, when I open /images/ on any of the sites I get list of images and can view them

The problem is suPHP which changes process ID of the PHP script to the file owner ID, so when I load site1.com, all scripts are executed as user1 (and files/folders created with those scripts belong to user1:user1). When I load site2.com, all scripts are executed as user2 (and files/folders created with those scripts belong to user2:user2). All these users do NOT belong to the same group, and I wouldn't like to change that as it is cPanel/WHM server so I'm afraid I'll screw something up if I change (primary?) group of all users.

Therefore I need to set it up in such way that all newly created folders and files under /home/_images/entities (owned by root) have read/write permissions for everyone.

Here's the command I used:

Code:
setfacl -Rdm o::rwx /home/_images/entities

To check it:
Code:
root@server1 [~]# getfacl /home/_images/entities/
getfacl: Removing leading '/' from absolute path names
# file: home/_images/entities/
# owner: root
# group: root
user::rwx
group::rwx
other::rwx
default:user::rwx
default:group::rwx
default:other::rwx

This looks fine, however when I try upload an image via site1.com it looks like this:

Code:
root@server1 [/home/_images/entities]# ls -l
total 24
drwxrwxrwx+ 5 root    root    4096 Jan 14 06:25 ./
drwxrwxrwx  5 root    root    4096 Jan 12 13:08 ../
drwxrwxr-x+ 3 user1   user1   4096 Jan 14 06:25 1/

And in folder "1" is the image (and thumbs folder):

Code:
root@server1 [/home/_images/entities/1]# ls -l
total 236
drwxrwxr-x+ 3 user1   user1     4096 Jan 14 06:25 ./
drwxrwxrwx+ 5 root    root      4096 Jan 14 06:25 ../
-rw-rw-rw-  1 user1   user1   225569 Jan 14 06:25 689048f221ab7c556f4d482a9d92b2d6.jpg
drwxrwxr-x+ 2 user1   user1   4096 Jan 14 06:25 thumbs/

My questions:

1) Why newly created folders do not have "write" permissions for everyone else [not user and/or group]? If I upload first image from site1.com, then I can't upload other images from any other site, while all sites can display them.

2) What is the + at the end of permissions list? (drwxrwxr-x+)

3) Why newly created files have only "rw" permissions for user, group AND everyone else, and not execute permissions? I don't actually need execute flag set here, but from my command you can see I've set "o::rwx" so it should be there (or not?)

Actually the real problem is #1 - other users can't write to this folder so users can't upload images from other sites nor other sites can create (missing) thumbnails.