Managing Groups

Directory Services stores information about groups in its /groups directory. This is different from the /etc/group file, which is consulted only in single-user mode.

To list all of the group IDs (GIDs) and group names for the local domain, invoke nireport with the NetInfo domain (., the local domain), the directory (/groups), and the properties you want to inspect—in this case, gid and name:

$ nireport . /groups gid name
-2      nobody
-1      nogroup
0       wheel
1       daemon
2       kmem
3       sys
4       tty
5       operator
6       mail
7       bin
20      staff
25      smmsp
26      lp
27      postfix
28      postdrop
31      guest
45      utmp
66      uucp
68      dialer
69      network
70      www
74      mysql
75      sshd
76      qtss
78      mailman
79      appserverusr
80      admin
81      appserveradm
99      unknown

Tip

Although the flat file format is called group (after the /etc/group file), the group directory is /groups. If you forget that last s, nireport will look for the wrong directory. However, if you want to dump the groups directory in the /etc/group file format, use the command nidump group . without that last s.

Creating a Group with niload

The niload utility can be used to read the flat-file format used by /etc/group (name:password:gid:members). To add a new group, you can create a file that adheres to that format and load it with niload. For ad hoc work, you can use a here document (an expression that functions as a quoted string, but spans multiple lines) rather than a separate file:

$ sudo niload group . <<EOF
> writers:*:1001:
> EOF

Creating a Group with dscl

To create a ...

Get Mac OS X Panther in a Nutshell, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial