UNIX group id

kkalyan · September 8, 2011, 8:28am

How to add a user to the existing user account of a solarise server?
In our solarise server we hav a acc in the name telecom ,now how to add a new user to teleco acc so that he can login in to server through telecom acc.

Thanks to help

DGPickett · September 8, 2011, 9:35am

All user id's (accounts) are added with some group-id. Every id is in at least one group. Just make sure it is established in the right group.

dreipapier · September 9, 2011, 10:59am

"All user id's (accounts) are added with some group-id. Every id is in at least one group. Just make sure it is established in the right group."

it is not true,
There are more groups, you must decide in which group you want to put the new user!

DGPickett · September 13, 2011, 1:28pm

The terminology add user to existing account is a bit fuzzy. It is bad security practice to have more than one user on an account. You can have many users each on their own account and assign them to a group, so they can share access to resources. Otherwise, write a server to run in the existing account that has its own authentication space, and users can log into the service to do what is needed. Either way, the system knows who is responsible for activity, and can block any single individual if necessary without affecting others.

jim_mcnamara · September 13, 2011, 2:10pm

I think I get what you want.

You want to login as user A, but automatically become user B, and stay user B.
When then this weird user logs out he just logs out and is never really user A. Right?
Simply giving user A the same group id as User B will not do what you want. -- assuming I understand what you want.

Here is the very insecure quick version for solaris, run as root (change directory names to work for you):

# user needs to be in a group all by himself
groupadd weird
mkdir -p /export/home/userA
useradd -g weird -d /export/home/userA -c 'odd user' -s /bin/ksh -P 'Primary Administrator' userA
chown userA:weird /export/home/userA

Give userA a password.

next create a login .profile for userA that looks like this:

pfexec su - userB
exit

cp .profile /export/home/userA
chmod 444 /export/home/userA/.profile
chown root:root /export/home/userA/.profile

If you really need this, consider learning about RBAC for Solaris, instead of this hack.
Blastwave.org - An OpenSolaris Community Site has sudo for Solaris, which is a quicker way to get fine control over something like tihs.