2

This is a follow-up question to Why is a user not a member of their private group (UPG)? although the first question isn't really necessary to understand this one.

The command id seems pretty clear...

test@test ~ $ id test
uid=1000(test) gid=1000(test) groups=1000(test),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),129(sambashare)

it shows the UID and GID of test (resp. its UPG) and then additionally lists all groups of which the user test is a member.

But then how should /etc/group be read?

test@test ~ $ less /etc/group | grep test
adm:x:4:syslog,test
cdrom:x:24:test
sudo:x:27:test
dip:x:30:test
plugdev:x:46:test
lpadmin:x:113:test
test:x:1000:
sambashare:x:129:test

The group-name at the beginning is pretty clear and also that the number is the GID; and after that the names of the group-members are listed. But why isn't the second last line test:x:1000:test instead of test:x:1000: to indicate, that the user test is member of the group test?

bonus question: what is the x in the second column for?

muru
  • 197,895
  • 55
  • 485
  • 740
DJCrashdummy
  • 1,911
  • 1
    x indicates groups are password protected or may use encrypted password. The actual password may or may not be set, but there should be entry for that group in /etc/gshadow. As for testuser, it's the group owner. The list should indicate only other users who are members – Sergiy Kolodyazhnyy Aug 27 '18 at 21:48
  • 2
    See https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Introduction_To_System_Administration/s3-acctspgrps-group.html . "X" indicates passwords are shadowed so .... https://www.tldp.org/LDP/lame/LAME/linux-admin-made-easy/shadow-file-formats.html . There may be more specific Debian/ ubuntu documentation on these files. You have good questions but they are broad – Panther Aug 28 '18 at 04:45
  • 3
    " But why isn't the second last line test:x:1000:test instead of test:x:1000: to indicate, that the user test is member of the group test?" because there's no need for that. The test user is specified to be a member of test group by their /etc/passwd entry (which lists only the primary group). Mentioning it in /etc/group would just be redundant. – muru Aug 28 '18 at 06:10
  • @muru well, avoiding redundancy may be a main reason as it can cause other problems... you are the first one mentioning this. thanks for your input! – DJCrashdummy Aug 28 '18 at 06:35

1 Answers1

5

The answer is in your question

[id] shows the UID and GID of test (resp. its UPG) and then additionally lists all groups of which the user test is a member.

The line you are asking about:

test:x:1000:

test, the user, is a member of test, the group. This is defined in /etc/passwd. The groups in /etc/passwd defines the 'primary' group of user test. Additional or supplementary groups are defined in /etc/group: in this case test user is also member of adm, cdrom, sudo, etc.

Also see

As for "why?", I am afraid this may be a UNIX standard. I.e., it was created this way nearly 50 years ago and that's the way it has been done.

ender.qa
  • 288