Go to main content

man pages section 8: System Administration Commands

Exit Print View

Updated: Thursday, June 13, 2019
 
 

groupmod(8)

Name

groupmod - modify a group definition on the system

Synopsis

/usr/sbin/groupmod [-S repository] [-g gid [-o]] [-n name]
     [-U [+|-]user1[,user2]...] group

Description

The groupmod command modifies the definition of the specified group by modifying the appropriate entry in the group database in the repository.

An administrator can modify any group for which it has a matching authorization of the form solaris.group.assign/groupname. This authorization is automatically assigned to the administrator who created the group. An administrator must have solaris.group.assign authorization to modify all other groups.

Options

The following options are supported:

–g gid

Specify the new group ID for the group. This group ID must be a non-negative decimal integer less than MAXUID, as defined in <param.h>. The group ID defaults to the next available (unique) number above 99. (Group IDs from 0-99 are reserved by Oracle Solaris for future applications.)

–n name

Specify the new name for the group. The name argument is a string of no more than eight bytes consisting of characters from the set of lower case alphabetic characters and numeric characters. A warning message will be written if these restrictions are not met. A future Oracle Solaris release may refuse to accept group fields that do not meet these requirements. The name argument must contain at least one character and must not include a colon (:) or NEWLINE (\n).

–o

Allow the gid to be duplicated (non-unique). An administrator must have solaris.group.assign authorization to use this option.

–S repository

The valid repositories are files and ldap. The repository specifies which name service will be updated. When repository is not specified, groupmod consults nsswitch.conf(5). When the repository is files, the user name and other items can be present in other name service repositories and can be assigned to a group in the files repository. When the repository is ldap, all the assignable attributes must be present in the ldap repository.

–U [+|-]user1[,user2]

Updates the list of users for the group as follows:

  • A prefix + before the list adds that list to existing users list.

  • A prefix - before the list removes each user in the list from the existing users list.

  • With no prefix before the list, replaces the existing users list with the new list of users specified.

Operands

The following operands are supported:

group

An existing group name to be modified.

Exit Status

The groupmod utility exits with one of the following values:

0

Success.

2

Invalid command syntax. A usage message for the groupmod command is displayed.

3

An invalid argument was provided to an option.

4

gid is not unique (when the –o option is not used).

6

group does not exist.

9

name already exists as a group name.

10

Cannot update the /etc/group file.

Files

/etc/group

group file

Attributes

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/core-os

See Also

group(5), nsswitch.conf(5), attributes(7), groupadd(8), groupdel(8), logins(8), useradd(8), userdel(8), usermod(8)

Notes

The groupmod utility only modifies group definitions in the group database in the repository. If a network name service such as NIS is being used to supplement the local /etc/group file with additional entries, groupmod cannot change information supplied by the network name service. groupmod verifies the uniqueness of group name and group ID against the external name service and uses the entries in the files repository.

groupmod fails if a group entry (a single line in /etc/group) exceeds 2047 characters.