xenial (1) newgrp.1posix.gz

Provided by: manpages-posix_2013a-1_all bug

PROLOG

       This  manual  page  is part of the POSIX Programmer's Manual.  The Linux implementation of this interface
       may differ (consult the corresponding Linux manual page for details of Linux behavior), or the  interface
       may not be implemented on Linux.

NAME

       newgrp — change to a new group

SYNOPSIS

       newgrp [−l] [group]

DESCRIPTION

       The  newgrp  utility  shall  create a new shell execution environment with a new real and effective group
       identification. Of the attributes listed in Section 2.12, Shell  Execution  Environment,  the  new  shell
       execution environment shall retain the working directory, file creation mask, and exported variables from
       the previous environment (that is, open files, traps,  unexported  variables,  alias  definitions,  shell
       functions,  and set options may be lost). All other aspects of the process environment that are preserved
       by the exec family of functions defined in the System Interfaces volume of  POSIX.1‐2008  shall  also  be
       preserved by newgrp; whether other aspects are preserved is unspecified.

       A failure to assign the new group identifications (for example, for security or password-related reasons)
       shall not prevent the new shell execution environment from being created.

       The newgrp utility shall affect the supplemental groups for the process as follows:

        *  On systems where the effective group ID is normally in the supplementary group list (or whenever  the
           old effective group ID actually is in the supplementary group list):

           --  If  the  new  effective group ID is also in the supplementary group list, newgrp shall change the
               effective group ID.

           --  If the new effective group ID is not in the supplementary group list, newgrp shall  add  the  new
               effective group ID to the list, if there is room to add it.

        *  On  systems where the effective group ID is not normally in the supplementary group list (or whenever
           the old effective group ID is not in the supplementary group list):

           --  If the new effective group ID is in the supplementary group list, newgrp shall delete it.

           --  If the old effective group ID is not in the supplementary list, newgrp shall add it if  there  is
               room.

       Note:     The System Interfaces volume of POSIX.1‐2008 does not specify whether the effective group ID of
                 a process is included in its supplementary group list.

       With no operands, newgrp shall change the effective group back to the groups  identified  in  the  user's
       user  entry,  and  shall  set  the  list of supplementary groups to that set in the user's group database
       entries.

       If the first argument is '−', the results are unspecified.

       If a password is required for the specified group, and the user is not listed as a member of  that  group
       in  the  group  database, the user shall be prompted to enter the correct password for that group. If the
       user is listed as a member of that group, no password shall be requested.  If no password is required for
       the  specified  group, it is implementation-defined whether users not listed as members of that group can
       change to that group. Whether or not a password is required, implementation-defined system accounting  or
       security  mechanisms  may  impose  additional authorization restrictions that may cause newgrp to write a
       diagnostic message and suppress the changing of the group identification.

OPTIONS

       The newgrp utility shall conform to the Base Definitions volume of POSIX.1‐2008,  Section  12.2,  Utility
       Syntax Guidelines, except for the unspecified usage of '−'.

       The following option shall be supported:

       −l        (The  letter ell.) Change the environment to what would be expected if the user actually logged
                 in again.

OPERANDS

       The following operand shall be supported:

       group     A group name from the group database or a non-negative numeric group ID. Specifies the group ID
                 to  which  the  real  and  effective group IDs shall be set. If group is a non-negative numeric
                 string and exists in the group database as a group name (see getgrnam()), the numeric group  ID
                 associated with that group name shall be used as the group ID.

STDIN

       Not used.

INPUT FILES

       The  file  /dev/tty  shall  be  used  to  read  a  single line of text for password checking, when one is
       required.

ENVIRONMENT VARIABLES

       The following environment variables shall affect the execution of newgrp:

       LANG      Provide a default value for the internationalization variables that are unset or null. (See the
                 Base  Definitions  volume  of POSIX.1‐2008, Section 8.2, Internationalization Variables for the
                 precedence  of  internationalization  variables  used  to  determine  the  values   of   locale
                 categories.)

       LC_ALL    If  set  to a non-empty string value, override the values of all the other internationalization
                 variables.

       LC_CTYPE  Determine the locale for the interpretation of sequences of bytes of text  data  as  characters
                 (for example, single-byte as opposed to multi-byte characters in arguments).

       LC_MESSAGES
                 Determine  the  locale  that  should  be  used  to affect the format and contents of diagnostic
                 messages written to standard error.

       NLSPATH   Determine the location of message catalogs for the processing of LC_MESSAGES.

ASYNCHRONOUS EVENTS

       Default.

STDOUT

       Not used.

STDERR

       The standard error shall be used for diagnostic messages and a prompt string for a password,  if  one  is
       required.  Diagnostic  messages  may  be written in cases where the exit status is not available. See the
       EXIT STATUS section.

OUTPUT FILES

       None.

EXTENDED DESCRIPTION

       None.

EXIT STATUS

       If newgrp succeeds in creating a new shell execution environment, whether or not the group identification
       was changed successfully, the exit status shall be the exit status of the shell. Otherwise, the following
       exit value shall be returned:

       >0    An error occurred.

CONSEQUENCES OF ERRORS

       The invoking shell may terminate.

       The following sections are informative.

APPLICATION USAGE

       There is no convenient way to enter a password into the group database. Use of  group  passwords  is  not
       encouraged,  because  by  their  very  nature they encourage poor security practices. Group passwords may
       disappear in the future.

       A common implementation of newgrp is that the current shell uses exec  to  overlay  itself  with  newgrp,
       which  in  turn overlays itself with a new shell after changing group.  On some implementations, however,
       this may not occur and newgrp may be invoked as a subprocess.

       The newgrp command is intended only for use from an interactive terminal. It  does  not  offer  a  useful
       interface for the support of applications.

       The  exit  status  of  newgrp  is generally inapplicable. If newgrp is used in a script, in most cases it
       successfully invokes a new shell and the rest of the original shell script is bypassed when the new shell
       exits. Used interactively, newgrp displays diagnostic messages to indicate problems. But usage such as:

           newgrp foo
           echo $?

       is  not  useful  because the new shell might not have access to any status newgrp may have generated (and
       most historical systems do not provide this status). A zero  status  echoed  here  does  not  necessarily
       indicate  that  the  user has changed to the new group successfully. Following newgrp with the id command
       provides a portable means of determining whether the group change was successful or not.

EXAMPLES

       None.

RATIONALE

       Most historical implementations use one of the exec  functions  to  implement  the  behavior  of  newgrp.
       Errors  detected  before  the  exec leave the environment unchanged, while errors detected after the exec
       leave the user in a changed environment. While it would be useful  to  have  newgrp  issue  a  diagnostic
       message  to  tell the user that the environment changed, it would be inappropriate to require this change
       to some historical implementations.

       The password mechanism is allowed in the group database,  but  how  this  would  be  implemented  is  not
       specified.

       The  newgrp utility was retained in this volume of POSIX.1‐2008, even given the existence of the multiple
       group permissions feature in the System Interfaces volume of POSIX.1‐2008, for several reasons. First, in
       some  implementations,  the  group  ownership  of  a newly created file is determined by the group of the
       directory in which the file is created, as allowed by the System Interfaces volume  of  POSIX.1‐2008;  on
       other  implementations,  the group ownership of a newly created file is determined by the effective group
       ID. On implementations of the latter type, newgrp allows files  to  be  created  with  a  specific  group
       ownership. Finally, many implementations use the real group ID in accounting, and on such systems, newgrp
       allows the accounting identity of the user to be changed.

FUTURE DIRECTIONS

       None.

SEE ALSO

       Chapter 2, Shell Command Language, sh

       The Base Definitions volume of POSIX.1‐2008, Chapter 8,  Environment  Variables,  Section  12.2,  Utility
       Syntax Guidelines

       The System Interfaces volume of POSIX.1‐2008, exec, getgrnam()

       Portions of this text are reprinted and reproduced in electronic form from IEEE Std 1003.1, 2013 Edition,
       Standard for Information Technology -- Portable Operating System Interface (POSIX), The Open  Group  Base
       Specifications  Issue 7, Copyright (C) 2013 by the Institute of Electrical and Electronics Engineers, Inc
       and The Open Group.  (This is POSIX.1-2008 with the 2013 Technical Corrigendum 1 applied.) In  the  event
       of  any  discrepancy between this version and the original IEEE and The Open Group Standard, the original
       IEEE and The Open Group Standard is the referee document. The original Standard can be obtained online at
       http://www.unix.org/online.html .

       Any  typographical  or formatting errors that appear in this page are most likely to have been introduced
       during  the  conversion  of  the  source  files  to  man  page  format.  To  report  such   errors,   see
       https://www.kernel.org/doc/man-pages/reporting_bugs.html .