linux question - What are the rules regarding user names in the "group" file?

[bigpcman]

When the "group" file does not contain any user name entries does that mean any user can be in any group?
As in tc group file:

Code: [Select]

root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:
Conversely, if user names are entered for a group does that mean only those user names can be associated with that group.
As in:

Code: [Select]

root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:tc
Where tc is the only user associated with group staff. Are there any other rules of interest?

[^thehatsrule^]

When the "group" file does not contain any user name entries does that mean any user can be in any group?

Not exactly, but afaik this part is:

any user can be in any group

if user names are entered for a group does that mean only those user names can be associated with that group.

No, there are primary groups (see /etc/passwd)

There are probably better explanations of these files in full... if more details are needed

[bigpcman]

I wanted user nobody to be in group staff in addition to nogroup so I added it and user tc to the group file staff group entry (staff:x:50:tc,nobody).

I created a folder test owned by user nobody group staff. Here's the strange part - when logged in as user tc a "cd" to the test directory is denied. I get the message "can't cd to test" If I change the permissions from 666 to 676 then I can access the directory. What the heck is going on?

[jpeters]

You have to have exec permission to enter a directory.   

[bigpcman]

You have to have exec permission to enter a directory.  

Wow after all these years of playing around with linux and I never knew that?

[mikshaw]

When the "group" file does not contain any user name entries does that mean any user can be in any group?

As far as I know it means that no user is currently added to any group, so it's sort of the opposite of what you were asking.

if user names are entered for a group does that mean only those user names can be associated with that group.

It means only those users are currently associated with that group.

I wanted user nobody to be in group staff in addition to nogroup so I added it and user tc to the group file staff group entry

That's probably not a good idea. The user "nobody" is a special user made available to be very limited in what it can do, for use in things such as web servers to prevent remote access from obtaining control of things outside the server.  Nobody probably shouldn't be allowed to do anything apart from accessing files allowed for  "others" (the 4 in chmod 664, for example)

[tobiaus]

Nobody probably shouldn't be allowed to do anything

hey that sounds like windows...

[bigpcman]

When the "group" file does not contain any user name entries does that mean any user can be in any group?

As far as I know it means that no user is currently added to any group, so it's sort of the opposite of what you were asking.

If this is true then why does the default tc group file have no user entries?

root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:

Edit: Ok now I get it. The group file would include secondary user group assignments and since there aren't any there are no entries. The passwd file contains the primary login group assignment. That makes sense.