groupmod(8)groupmod(8)NAMEgroupmod - Modifies a group definition on the system
SYNOPSIS
/usr/sbin/groupmod [-ggid] [-o] [-nnewgroup] [-P] [-xextended_option]
group_name
/usr/sbin/groupmod -D [-x extended_option]
OPTIONS
If invoked with any combination of the options below, it sets the
default values for those options. Subsequent invocations of groupmod
without the -D option use these new defaults. Specifies a new group
identification number (GID) for the group being modified. The GID must
be a non-negative decimal integer. When the -o option is used, the GID
can be duplicated. Specifies a new name for the group. The name has
the same restrictions as described for new group names in groupadd(8).
You cannot rename a PC group. Lets a group identification (GID) number
be duplicated (non-unique). This option can be used only with the -g
option. Modifies a PC group only. Extended_options are of the form
attribute=value. You may enter any number of extended options (within
the character limit of the command line) by separating each option with
a space. Alternatively, they may be entered separately following the -x
switch. Note that some extended options are only available under spe‐
cific system environments.
The value of the extended attributes min_gid, max_gid, and
next_gid given below must be a non-negative decimal number. Note
that min_gid must be less than or equal to next_gid which in
turn must be less than or equal to max_gid. This applies to all
modifications of GID values.
The following extended_option attributes are available. Speci‐
fies the largest numeric identifier that may be associated with
a group. This attribute can be used only with the -D option.
Specifies the smallest numeric identifier that may be associated
with a group. This attribute can be used only with the -D
option. Specifies the next available group identifier number
(GID) in the range of min_gid to max_gid. This attribute can be
used only with the -D option. Specifies whether duplicate GIDs
are allowed. If set to 1, duplicate GIDs are enabled. If set to
0, duplicate GIDs are disabled. This attribute can be used only
with the -D option. Indicates whether the group is local. If
set to 1, the group is added to the local database. This also
sets the value of extended options distributed and ldap to 0.
Indicates whether the group is distributed by NIS. If set to 1,
the group is added to the NIS database. This also sets the value
of extended options local and ldap to 0. You must be on the NIS
master to modify a NIS group. Indicates whether the group is
created on an LDAP server. If set to 1, the group is added to
the LDAP database. This also sets the value of extended options
local and distributed to 0. A comma-delimited list of members
of the group. The list replaces the existing list, adding or
removing members as necessary. You can specify the user by login
name or by account UID. A comma-delimited list of members to be
added (+=) or (-=) removed from the group. The list replaces the
existing list, adding or removing members as necessary. You can
specify the user by login name or by account UID.
The following extended_option attributes are available for PC
group administration if the Advanced Server for UNIX (ASU)is
configured and running: Specifies a text string that provides a
description of the PC group. Specifies a comma delimited list
of PC users to be added to the current list of members of a PC
group. Note that this adds, but does not replace members.
Specifies the name of the group to be modified. The group name
must exist.
DESCRIPTION
The groupmod command is part of a set of command-line interfaces (CLI)
that are used to create and administer user groups on the system. When
The Advanced Server for UNIX (ASU) is installed and running, the group‐
mod command can also be used to administer PC groups with members who
are Windows NT domain account users. Accounts can also be modified with
the /usr/bin/X11/dxaccounts graphical user interface (GUI) or the sys‐
man(8) Acounts menu.
Different options are available depending on how the local system is
configured: User account management is compliant with the IEEE POSIX
Standard P1387.3. The CLI is backwards-compatible, so all legacy
scripts will function. However, you should consider testing your
account management scripts before use.
The groupmod command lets the system administrator modify and rename
groups on the system. In addition, the system administrator can use the
-D and -x options on the same command line to change the maximum, mini‐
mum, and/or next available group identifier numbers, as well as specify
whether the group account is local or resides in the NIS master data‐
base. If the -x option is not specified on the command line, the system
modifies the group information in the appropriate database as specified
by the system defaults.
The -x options local, distributed, and ldap let the system administra‐
tor specify whether the group is local, distributed by NIS, or on an
LDAP server. If these options are not specified on the command line,
the system modifies the group in the appropriate database as specified
by the system defaults. System defaults for groups may be set with the
groupmod-D option. In the absence of any defaults, groupmod modifies a
local group. Certain combinations of these settings are incompatible
and produce an error: it is invalid to set all of these values to 0 or
set more than one of them to 1.
RESTRICTIONS
You must have superuser privilege to execute this command.
Distributed groups can only be added, modified, or deleted on NIS
servers.
LDAP groups can only be added, modified, or deleted on the LDAP server
or on a suitably privileged LDAP client.
EXIT STATUS
The groupmod command exits with one of the following values: Success.
Failure. Warning.
EXAMPLES
The following example changes the GID of the group, testgrp, to 451: %
groupmod-g 451 testgrp The following example changes the group name of
the testgrp group to unxgrp: % groupmod-n unxgrp testgrp The following
example changes the maximum group ID (max_gid) to 300 and the next
available group ID (next_gid) to 30: % groupmod-D-x max_gid=300 -x
next_gid=30
FILES
The groupmod command operates on the appropriate files for the specific
level of system security.
SEE ALSO
Commands: groupadd(8), groupdel(8), useradd(8), userdel(8), usermod(8)
Manuals: System Administration, Security, Advanced Server for UNIX
Installation and Administration
groupmod(8)