Quick question: Can a group be added to a group?
Results 1 to 3 of 3

Thread: Quick question: Can a group be added to a group?

  1. #1
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    Question Quick question: Can a group be added to a group?

    Is it possible for a group to be added to an group in Unix? Specifically, I'm on HP-UX. Here's a better illustration of my question:

    /etc/group:
    -------------
    wheel:*:0:root,adm
    bin::1:root,bin,daemon,
    daemon::2:root,bin,daemon,
    sys::3:root,bin,adm,
    adm::4:root,adm,daemon,jenkins
    tty::5:
    www:x:6:bob,roswell1329,adm

    In the above example, the group www contains another group adm. Is this possible? Do I have to use the GID of the adm group instead? If I had a directory called scripts that was owned by www:www (user www and group www) and in mode 770, would user jenkins from the above /etc/group file be able to run scripts in the directory? Normally, I'd just test it myself, but I'm at work and I would have to put a request into the platform team responsible for this server. I also googled this topic, and nothing was really on point. Any help would be most appreciated!
    /* You are not expected to understand this. */

  2. #2
    Senior Member problemchild's Avatar
    Join Date
    Jul 2002
    Posts
    551
    Hmmmm..... I've never used HP-UX, and I'm strictly talking out of my ass here, but my guess would be no. If you add adm to the www group as you have it above, I would think it would look for user adm, instead of group adm. And that user may or may not exist. If it's possible at all, my guess is that you would have to use the GID.

    Is there some reason why you can't just add jenkins to the www group? Or is this a purely academic question?
    Do what you want with the girl, but leave me alone!

  3. #3
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    The reason I'd like to try this is because I'm setting up a website that will contain some monitoring scripts for various systems I admin. I want the directory that contains all the scripts to be owned by an account with a disabled login, and group owned by the webserver. Unfortunately the only group currently that contains the webserver is the group www. That group contains the webserver account, www, along with several other users. I don't want the other users to have access to the directory...just www. Am I explaining this okay? How's this:


    drwxr-x--- 2 dummy alt-www 1024 Sep 11 12:14 scripts/


    /etc/group:
    www:x:6:bob,sam,tim,john,adam,www
    alt-www:x:7:www


    My question is, if I setup the directory as dummy:alt-www, will bob be able to run those scripts because he's in the www group? I wouldn't think so, as that sounds like it would be too ambiguous for UNIX, but I wanted to make sure. It's kinda important that ONLY the webserver can run these monitoring tools.
    /* You are not expected to understand this. */

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides