Inconsistency between “/etc/passwd” and “/etc/group”












0















I have 2 users, each has a different primary group.
For user1, the primary group is group1 with GID 501.
For user2, the primary group is group2 with GID 502.



I edited /etc/passwd manually so that user1 now has GID 600.
However, I forgot to create a new group with GID 600 (and I did not edit /etc/group either).



What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists:



Examples:



1) After user1 creates a new file- test.txt- User2 can't r/w that file.



2) When running ls -l I can see that test.txt belongs to GID 600.



What am I missing? Why does it work even though there's inconsistency between /etc/passwd and /etc/group?



Thanks.










share|improve this question



























    0















    I have 2 users, each has a different primary group.
    For user1, the primary group is group1 with GID 501.
    For user2, the primary group is group2 with GID 502.



    I edited /etc/passwd manually so that user1 now has GID 600.
    However, I forgot to create a new group with GID 600 (and I did not edit /etc/group either).



    What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists:



    Examples:



    1) After user1 creates a new file- test.txt- User2 can't r/w that file.



    2) When running ls -l I can see that test.txt belongs to GID 600.



    What am I missing? Why does it work even though there's inconsistency between /etc/passwd and /etc/group?



    Thanks.










    share|improve this question

























      0












      0








      0








      I have 2 users, each has a different primary group.
      For user1, the primary group is group1 with GID 501.
      For user2, the primary group is group2 with GID 502.



      I edited /etc/passwd manually so that user1 now has GID 600.
      However, I forgot to create a new group with GID 600 (and I did not edit /etc/group either).



      What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists:



      Examples:



      1) After user1 creates a new file- test.txt- User2 can't r/w that file.



      2) When running ls -l I can see that test.txt belongs to GID 600.



      What am I missing? Why does it work even though there's inconsistency between /etc/passwd and /etc/group?



      Thanks.










      share|improve this question














      I have 2 users, each has a different primary group.
      For user1, the primary group is group1 with GID 501.
      For user2, the primary group is group2 with GID 502.



      I edited /etc/passwd manually so that user1 now has GID 600.
      However, I forgot to create a new group with GID 600 (and I did not edit /etc/group either).



      What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists:



      Examples:



      1) After user1 creates a new file- test.txt- User2 can't r/w that file.



      2) When running ls -l I can see that test.txt belongs to GID 600.



      What am I missing? Why does it work even though there's inconsistency between /etc/passwd and /etc/group?



      Thanks.







      linux redhat-enterprise-linux






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Feb 25 at 8:49









      Raz MosheRaz Moshe

      31




      31






















          2 Answers
          2






          active

          oldest

          votes


















          0















          What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists




          Not quite everything: a user can only belong to such a nameless group if it is their primary group, i.e. the group ID is specified on their line in /etc/passwd. But that is just a consequence of how the non-primary group membership information is stored.



          The kernel fundamentally handles the users and groups by UID and GID numbers; the names are essentially just a friendly user interface layer for us humans. POSIX-compliant filesystems also tend to store file ownerships by UID/GID numbers, not by user/group names.



          Sometimes it is also necessary to work with incomplete user/group information. For example, a system that is relying on a central LDAP or NIS user database must not destroy file owner/group information merely because a network failure is causing the user information database to be unreachable.



          Or when you are restoring a system after a total system disk failure, it would be inconvenient to have an absolute requirement to restore the user/group information first before anything else. (Granted, it might usually be one of the first things you restore, but it is not absolutely mandatory to do so.)






          share|improve this answer































            0














            For a file to belong to a group (the group is a numerical value), this group doesn't need to exist locally.



            THe best example to show this is a USB disk written on a system where GID 600 is locally defined and then moved to a system where it does not exist locally. The files will show up all right, with the numerical value 600 not being resolved to a group name.






            share|improve this answer
























              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "3"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });














              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1409170%2finconsistency-between-etc-passwd-and-etc-group%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              0















              What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists




              Not quite everything: a user can only belong to such a nameless group if it is their primary group, i.e. the group ID is specified on their line in /etc/passwd. But that is just a consequence of how the non-primary group membership information is stored.



              The kernel fundamentally handles the users and groups by UID and GID numbers; the names are essentially just a friendly user interface layer for us humans. POSIX-compliant filesystems also tend to store file ownerships by UID/GID numbers, not by user/group names.



              Sometimes it is also necessary to work with incomplete user/group information. For example, a system that is relying on a central LDAP or NIS user database must not destroy file owner/group information merely because a network failure is causing the user information database to be unreachable.



              Or when you are restoring a system after a total system disk failure, it would be inconvenient to have an absolute requirement to restore the user/group information first before anything else. (Granted, it might usually be one of the first things you restore, but it is not absolutely mandatory to do so.)






              share|improve this answer




























                0















                What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists




                Not quite everything: a user can only belong to such a nameless group if it is their primary group, i.e. the group ID is specified on their line in /etc/passwd. But that is just a consequence of how the non-primary group membership information is stored.



                The kernel fundamentally handles the users and groups by UID and GID numbers; the names are essentially just a friendly user interface layer for us humans. POSIX-compliant filesystems also tend to store file ownerships by UID/GID numbers, not by user/group names.



                Sometimes it is also necessary to work with incomplete user/group information. For example, a system that is relying on a central LDAP or NIS user database must not destroy file owner/group information merely because a network failure is causing the user information database to be unreachable.



                Or when you are restoring a system after a total system disk failure, it would be inconvenient to have an absolute requirement to restore the user/group information first before anything else. (Granted, it might usually be one of the first things you restore, but it is not absolutely mandatory to do so.)






                share|improve this answer


























                  0












                  0








                  0








                  What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists




                  Not quite everything: a user can only belong to such a nameless group if it is their primary group, i.e. the group ID is specified on their line in /etc/passwd. But that is just a consequence of how the non-primary group membership information is stored.



                  The kernel fundamentally handles the users and groups by UID and GID numbers; the names are essentially just a friendly user interface layer for us humans. POSIX-compliant filesystems also tend to store file ownerships by UID/GID numbers, not by user/group names.



                  Sometimes it is also necessary to work with incomplete user/group information. For example, a system that is relying on a central LDAP or NIS user database must not destroy file owner/group information merely because a network failure is causing the user information database to be unreachable.



                  Or when you are restoring a system after a total system disk failure, it would be inconvenient to have an absolute requirement to restore the user/group information first before anything else. (Granted, it might usually be one of the first things you restore, but it is not absolutely mandatory to do so.)






                  share|improve this answer














                  What's surprising me is that even though I never created a group with GID 600 (and thus there's no such group in /etc/group)- everything works as if such a group exists




                  Not quite everything: a user can only belong to such a nameless group if it is their primary group, i.e. the group ID is specified on their line in /etc/passwd. But that is just a consequence of how the non-primary group membership information is stored.



                  The kernel fundamentally handles the users and groups by UID and GID numbers; the names are essentially just a friendly user interface layer for us humans. POSIX-compliant filesystems also tend to store file ownerships by UID/GID numbers, not by user/group names.



                  Sometimes it is also necessary to work with incomplete user/group information. For example, a system that is relying on a central LDAP or NIS user database must not destroy file owner/group information merely because a network failure is causing the user information database to be unreachable.



                  Or when you are restoring a system after a total system disk failure, it would be inconvenient to have an absolute requirement to restore the user/group information first before anything else. (Granted, it might usually be one of the first things you restore, but it is not absolutely mandatory to do so.)







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Feb 25 at 9:08









                  telcoMtelcoM

                  1,4291512




                  1,4291512

























                      0














                      For a file to belong to a group (the group is a numerical value), this group doesn't need to exist locally.



                      THe best example to show this is a USB disk written on a system where GID 600 is locally defined and then moved to a system where it does not exist locally. The files will show up all right, with the numerical value 600 not being resolved to a group name.






                      share|improve this answer




























                        0














                        For a file to belong to a group (the group is a numerical value), this group doesn't need to exist locally.



                        THe best example to show this is a USB disk written on a system where GID 600 is locally defined and then moved to a system where it does not exist locally. The files will show up all right, with the numerical value 600 not being resolved to a group name.






                        share|improve this answer


























                          0












                          0








                          0







                          For a file to belong to a group (the group is a numerical value), this group doesn't need to exist locally.



                          THe best example to show this is a USB disk written on a system where GID 600 is locally defined and then moved to a system where it does not exist locally. The files will show up all right, with the numerical value 600 not being resolved to a group name.






                          share|improve this answer













                          For a file to belong to a group (the group is a numerical value), this group doesn't need to exist locally.



                          THe best example to show this is a USB disk written on a system where GID 600 is locally defined and then moved to a system where it does not exist locally. The files will show up all right, with the numerical value 600 not being resolved to a group name.







                          share|improve this answer












                          share|improve this answer



                          share|improve this answer










                          answered Feb 25 at 9:01









                          Eugen RieckEugen Rieck

                          11.3k22429




                          11.3k22429






























                              draft saved

                              draft discarded




















































                              Thanks for contributing an answer to Super User!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function () {
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1409170%2finconsistency-between-etc-passwd-and-etc-group%23new-answer', 'question_page');
                              }
                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              Probability when a professor distributes a quiz and homework assignment to a class of n students.

                              Aardman Animations

                              Are they similar matrix