Provided by: manpages-posix_2013a-2_all 
PROLOG
This manual page is part of the POSIX Programmer's Manual. The Linux implementation of
this interface may differ (consult the corresponding Linux manual page for details of
Linux behavior), or the interface may not be implemented on Linux.
NAME
newgrp — change to a new group
SYNOPSIS
newgrp [−l] [group]
DESCRIPTION
The newgrp utility shall create a new shell execution environment with a new real and
effective group identification. Of the attributes listed in Section 2.12, Shell Execution
Environment, the new shell execution environment shall retain the working directory, file
creation mask, and exported variables from the previous environment (that is, open files,
traps, unexported variables, alias definitions, shell functions, and set options may be
lost). All other aspects of the process environment that are preserved by the exec family
of functions defined in the System Interfaces volume of POSIX.1‐2008 shall also be
preserved by newgrp; whether other aspects are preserved is unspecified.
A failure to assign the new group identifications (for example, for security or password-
related reasons) shall not prevent the new shell execution environment from being created.
The newgrp utility shall affect the supplemental groups for the process as follows:
* On systems where the effective group ID is normally in the supplementary group list
(or whenever the old effective group ID actually is in the supplementary group list):
-- If the new effective group ID is also in the supplementary group list, newgrp
shall change the effective group ID.
-- If the new effective group ID is not in the supplementary group list, newgrp shall
add the new effective group ID to the list, if there is room to add it.
* On systems where the effective group ID is not normally in the supplementary group
list (or whenever the old effective group ID is not in the supplementary group list):
-- If the new effective group ID is in the supplementary group list, newgrp shall
delete it.
-- If the old effective group ID is not in the supplementary list, newgrp shall add
it if there is room.
Note: The System Interfaces volume of POSIX.1‐2008 does not specify whether the
effective group ID of a process is included in its supplementary group list.
With no operands, newgrp shall change the effective group back to the groups identified in
the user's user entry, and shall set the list of supplementary groups to that set in the
user's group database entries.
If the first argument is '−', the results are unspecified.
If a password is required for the specified group, and the user is not listed as a member
of that group in the group database, the user shall be prompted to enter the correct
password for that group. If the user is listed as a member of that group, no password
shall be requested. If no password is required for the specified group, it is
implementation-defined whether users not listed as members of that group can change to
that group. Whether or not a password is required, implementation-defined system
accounting or security mechanisms may impose additional authorization restrictions that
may cause newgrp to write a diagnostic message and suppress the changing of the group
identification.
OPTIONS
The newgrp utility shall conform to the Base Definitions volume of POSIX.1‐2008, Section
12.2, Utility Syntax Guidelines, except for the unspecified usage of '−'.
The following option shall be supported:
−l (The letter ell.) Change the environment to what would be expected if the user
actually logged in again.
OPERANDS
The following operand shall be supported:
group A group name from the group database or a non-negative numeric group ID.
Specifies the group ID to which the real and effective group IDs shall be set.
If group is a non-negative numeric string and exists in the group database as a
group name (see getgrnam()), the numeric group ID associated with that group
name shall be used as the group ID.
STDIN
Not used.
INPUT FILES
The file /dev/tty shall be used to read a single line of text for password checking, when
one is required.
ENVIRONMENT VARIABLES
The following environment variables shall affect the execution of newgrp:
LANG Provide a default value for the internationalization variables that are unset or
null. (See the Base Definitions volume of POSIX.1‐2008, Section 8.2,
Internationalization Variables for the precedence of internationalization
variables used to determine the values of locale categories.)
LC_ALL If set to a non-empty string value, override the values of all the other
internationalization variables.
LC_CTYPE Determine the locale for the interpretation of sequences of bytes of text data
as characters (for example, single-byte as opposed to multi-byte characters in
arguments).
LC_MESSAGES
Determine the locale that should be used to affect the format and contents of
diagnostic messages written to standard error.
NLSPATH Determine the location of message catalogs for the processing of LC_MESSAGES.
ASYNCHRONOUS EVENTS
Default.
STDOUT
Not used.
STDERR
The standard error shall be used for diagnostic messages and a prompt string for a
password, if one is required. Diagnostic messages may be written in cases where the exit
status is not available. See the EXIT STATUS section.
OUTPUT FILES
None.
EXTENDED DESCRIPTION
None.
EXIT STATUS
If newgrp succeeds in creating a new shell execution environment, whether or not the group
identification was changed successfully, the exit status shall be the exit status of the
shell. Otherwise, the following exit value shall be returned:
>0 An error occurred.
CONSEQUENCES OF ERRORS
The invoking shell may terminate.
The following sections are informative.
APPLICATION USAGE
There is no convenient way to enter a password into the group database. Use of group
passwords is not encouraged, because by their very nature they encourage poor security
practices. Group passwords may disappear in the future.
A common implementation of newgrp is that the current shell uses exec to overlay itself
with newgrp, which in turn overlays itself with a new shell after changing group. On some
implementations, however, this may not occur and newgrp may be invoked as a subprocess.
The newgrp command is intended only for use from an interactive terminal. It does not
offer a useful interface for the support of applications.
The exit status of newgrp is generally inapplicable. If newgrp is used in a script, in
most cases it successfully invokes a new shell and the rest of the original shell script
is bypassed when the new shell exits. Used interactively, newgrp displays diagnostic
messages to indicate problems. But usage such as:
newgrp foo
echo $?
is not useful because the new shell might not have access to any status newgrp may have
generated (and most historical systems do not provide this status). A zero status echoed
here does not necessarily indicate that the user has changed to the new group
successfully. Following newgrp with the id command provides a portable means of
determining whether the group change was successful or not.
EXAMPLES
None.
RATIONALE
Most historical implementations use one of the exec functions to implement the behavior of
newgrp. Errors detected before the exec leave the environment unchanged, while errors
detected after the exec leave the user in a changed environment. While it would be useful
to have newgrp issue a diagnostic message to tell the user that the environment changed,
it would be inappropriate to require this change to some historical implementations.
The password mechanism is allowed in the group database, but how this would be implemented
is not specified.
The newgrp utility was retained in this volume of POSIX.1‐2008, even given the existence
of the multiple group permissions feature in the System Interfaces volume of POSIX.1‐2008,
for several reasons. First, in some implementations, the group ownership of a newly
created file is determined by the group of the directory in which the file is created, as
allowed by the System Interfaces volume of POSIX.1‐2008; on other implementations, the
group ownership of a newly created file is determined by the effective group ID. On
implementations of the latter type, newgrp allows files to be created with a specific
group ownership. Finally, many implementations use the real group ID in accounting, and on
such systems, newgrp allows the accounting identity of the user to be changed.
FUTURE DIRECTIONS
None.
SEE ALSO
Chapter 2, Shell Command Language, sh
The Base Definitions volume of POSIX.1‐2008, Chapter 8, Environment Variables, Section
12.2, Utility Syntax Guidelines
The System Interfaces volume of POSIX.1‐2008, exec, getgrnam()
COPYRIGHT
Portions of this text are reprinted and reproduced in electronic form from IEEE Std
1003.1, 2013 Edition, Standard for Information Technology -- Portable Operating System
Interface (POSIX), The Open Group Base Specifications Issue 7, Copyright (C) 2013 by the
Institute of Electrical and Electronics Engineers, Inc and The Open Group. (This is
POSIX.1-2008 with the 2013 Technical Corrigendum 1 applied.) In the event of any
discrepancy between this version and the original IEEE and The Open Group Standard, the
original IEEE and The Open Group Standard is the referee document. The original Standard
can be obtained online at http://www.unix.org/online.html .
Any typographical or formatting errors that appear in this page are most likely to have
been introduced during the conversion of the source files to man page format. To report
such errors, see https://www.kernel.org/doc/man-pages/reporting_bugs.html .