Date: Tue, 9 Mar 2004 14:44:05 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Ruben de Groot <mail25@bzerk.org>, Marty Landman <MLandman@face2interface.com>, Dan Nelson <dnelson@allantgroup.com>, Alex de Kruijff <freebsd@akruijff.dds.nl>, freebsd-questions@freebsd.org Subject: Re: Why can't I write this file? Message-ID: <20040309144405.GD16123@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <20040309142907.GA37091@ei.bzerk.org> References: <20040308212749.GC894@alex.lan> <20040308214225.GA95503@dan.emsphone.com> <6.0.0.22.0.20040308165050.104aea98@pop.face2interface.com> <20040309141025.GB16123@happy-idiot-talk.infracaninophile.co.uk> <20040309142907.GA37091@ei.bzerk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--BRE3mIcgqKzpedwo
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Mar 09, 2004 at 03:29:07PM +0100, Ruben de Groot wrote:
> On Tue, Mar 09, 2004 at 02:10:25PM +0000, Matthew Seaman typed:
> >=20
> > Yes, quite. Your login credentials are established when you login to
> > the system and only then -- that's when the limits of what you're
> > authorized to do are set, which includes amongst other things which
> > groups you're a member of. So you have to log out and back in again
> > to pick up any changes to /etc/master.passwd or /etc/group.
>=20
> Actually, when there's a change in /etc/group, you can use=20
> "newgrp <groupname>" to add the new group to your credentials without
> logging in again. It's not exactly the same, but it does the work.
Not on BSD-ish Unices you can't:
% which newgrp
newgrp: Command not found.
That's a SysV-ism, and dates back to the days when SysV group handling
used very different semantics to the BSD style that almost every *nix
uses nowadays. On the early SysV systems your login session would
have one and only one group active at a time: any files you created
would have that group membership, irrespective of the group ownership
of the directory, and your access to files was tested by matching just
that group to the group ownership of the file, rather than comparing
to all groups you are a member of. If you wanted to change to a new
group, you had to use the newgrp command -- and in some cases, that
would require your giving the group password. If you ever wondered
why the /etc/group file has an encrypted password field that is almost
never used, this is where it comes from.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--BRE3mIcgqKzpedwo
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFATdg1dtESqEQa7a0RAlk7AJ0VmszXu1sukRJE5RySSlB39dgQ/ACeJRAZ
rTSiDDfO2/m47hEO6PdFHaA=
=pJ+g
-----END PGP SIGNATURE-----
--BRE3mIcgqKzpedwo--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040309144405.GD16123>