Looking at the documentation of the /etc/group file including some google searches, it appears to me that, contrary to the man pages for group, Linux systems generally do not put membership user names for the user's primary group in the record for it in the /etc/group file, only for secondary groups. FreeBSD seems to do the same thing while SCO OpenServer has full entries for the primary group as well as secondaries. Is there a best practice when manipulating these regarding line length? I've see articles that recommend splitting long entries into multiple group lines with the same group id, while at least some SuSE Linux Enterprise systems produce single long lines (30,869 characters on a site with about 5,100 accounts). How would the system's group maintenance routines interact with a group file where this was done? Bill -- INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way Voice: (206) 236-1676 Mercer Island, WA 98040-0820 Fax: (206) 232-9186 Skype: jwccsllc (206) 855-5792 The man who produces while others dispose of his product is a slave. Ayn Rand
On Mon, 2010-03-08 at 12:48 -0800, Bill Campbell wrote:> Looking at the documentation of the /etc/group file including > some google searches, it appears to me that, contrary to the man > pages for group, Linux systems generally do not put membership > user names for the user's primary group in the record for it in > the /etc/group file, only for secondary groups. FreeBSD seems to > do the same thing while SCO OpenServer has full entries for the > primary group as well as secondaries. > > Is there a best practice when manipulating these regarding line > length? I've see articles that recommend splitting long entries > into multiple group lines with the same group id, while at least > some SuSE Linux Enterprise systems produce single long lines > (30,869 characters on a site with about 5,100 accounts). > > How would the system's group maintenance routines interact with a > group file where this was done?---- the 'best practice' in my view is to use LDAP and forget about huge flat file users/groups? Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.