group_override(5)                   OSF                   group_override(5)




 NAME    [Toc]    [Back]
      group_override - The registry group override file.

 SYNOPSIS    [Toc]    [Back]
      dcelocal/etc/group_override


 DESCRIPTION    [Toc]    [Back]
      The dcelocal/etc/group_override administrative file lets you override
      group UNIX IDs and member lists stored in the network registry
      database. The group_override file functions in a similar manner as the
      passwd_override file that overrides principal information in the
      network registry database. The override takes effect when you run
      passwd_export. It may also impact local security mechanisms of vendor
      specific implementations.

      The group_override file is stored on each machine. Any changes you
      make to it are in effect for the local machine only, and have no
      effect on the centralized registry. You may find group_override
      especially useful for overriding the default group definitions
      supplied with the registry if they do not match your local UNIX
      system's group definitions.

    The group_override File Format    [Toc]    [Back]
      The format of group_override entries is similar to the entries in the
      UNIX group file. The format is as follows:

      group_name:passwd:group_uid:members


      In the override entry, group_name and group_uid are keyfields.  You
      must enter one to identify the group to which the override applies.
      The keyfield is used to perform a lookup in the override file. The
      lookup is performed in order as the fields are specified in the entry:
      first by group name, then by group UNIX ID. If you specify both
      keyfields in an override entry, the group_name is used as the lookup
      key; subsequent fields are used as overrides.

    Field Descriptions    [Toc]    [Back]
      Each entry in the group_override file is described below.

      group_name
                A keyfield that contains the name that identifies the group
                to which the override applies.

      passwd    The encrypted password. If you specify an override in this
                field, the password you enter is in effect for this local
                machine only.

                You can also specify OMIT in the passwd field to disallow
                using the newgrp command on the local machine to change a



 Hewlett-Packard Company            - 1 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 group_override(5)        Open Software Foundation         group_override(5)




                user's group identification. The use of OMIT in conjunction
                with an option to the passwd_export command also prevents
                the inclusion of this group in the group file created by
                passwd_export. (See the section entitled "Using OMIT," later
                in this command reference, for details.)

      group_uid A group UNIX ID. This field can function as a keyfield, when
                no other keyfields are entered, or as a field containing an
                override, when entered in conjunction with group_name. When
                used as an override, this field specifies the ID to be used
                for the group on the local machine.

      members   A comma-separated list of members of the group. The contents
                of this field override information in the registry when
                passwd_export creates an /etc/group file. Note that to
                specify a null membership, as opposed to indicating no
                override is required, use an asterisk (*) for this field.


    Leaving Fields Blank    [Toc]    [Back]
      If you do not want to override an item, leave its field blank,
      separating each blank field with a colon (:). Note that to override a
      group with a null membership list, enter an asterisk (*) for the
      members field.

    Using OMIT    [Toc]    [Back]
      If you enter either the word OMIT or another invalid password string
      (such as an asterisk or NO GOOD) in the passwd field, users will not
      be able to issue a newgrp to this group on the local machine. If you
      specify OMIT and run passwd_export with the -x option, the named group
      will not appear in the /etc/group file produced by passwd_export.

      You should also be aware that, if you have omitted groups from the
      /etc/group file, information about those groups will not be available
      to any programs that use the group file. For example, the ls -lg
      command accesses the group file to obtain further information about a
      group. If the group is omitted, no group entry will exist and no
      information will be available. For this reason you should use OMIT to
      omit groups from the /etc/group file only if your user community is
      very large and either of the following conditions occur:


        +  The group file is taking up too much space.

        +  Group-ID-to-name mapping is too slow (during ls -lg, for
           example).


 EXAMPLES    [Toc]    [Back]
       1.  To assign the group named "kmem" a group ID of 3 on the local
           machine, the entry in the group_override file is as follows:



 Hewlett-Packard Company            - 2 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96






 group_override(5)        Open Software Foundation         group_override(5)




           kmem::3:


       2.  To override the membership list of the group named "system" so
           that it contains only the single member named "root," the entry
           is as follows:


           system:::root




 RELATED INFORMATION    [Toc]    [Back]
      Command: passwd_export(1m)


 Hewlett-Packard Company            - 3 -OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96