FW: Speed comp. TNG & 2.2.alpha (fwd)
peter at cadcamlab.org
Thu Mar 1 08:03:47 GMT 2001
> The way to tell if a group is a private group is fairly simple - a
> simple getgrnam call tells you if there are any non-primary members
Are you sure? The man page on my system does not actually say that.
Sure, the usual Unix implementation of getgrnam() only reads /etc/group
and not /etc/passwd, but thanks to NSS, many people do not use the
usual Unix implementation of getgrnam() anymore.
Also consider AIX: the 'mkuser' utility automatically puts you in
/etc/group. (I know this because I had to debug it once: I was
creating hundreds of users from a script, and managed to exceed the
line length limit of some tool that reads /etc/group.)
> A final check would be if no other users have this as their primary
So you have to iterate through getpwent() every time? Bad. Remember,
systems like NIS are optimized for getpwnam() -- it is *much* more
efficient than a loop through getpwent(). (Granted, with a local
/etc/passwd file they are equivalent.)
> In any case, it would be good to get a list of all groups on a system
> and not see all the private groups setup for each individual user
> when all I want to see is admins, staff and students - if you see
> what I mean.
Here's another way to attack the problem. Samba could have a magic NT
group name (say 'nogroup') defined to be invisible to clients, and a
syntax for a wildcard Unix group name in your group map file.
More information about the samba-technical