PTS_MEMBERSHIP(1) | AFS Command Reference | PTS_MEMBERSHIP(1) |
pts_membership - Displays the membership list for a user or group
pts membership
-nameorid <user or group name or id>+
[-supergroups] [-expandgroups]
[-cell <cell name>]
[-localauth] [-noauth] [-force] [-help]
[-auth] [-encrypt]
[-config <config directory>]
pts m
-na <user or group name or id>+
[-s] [-ex] [-c <cell name>]
[-no] [-l] [-f] [-h]
[-a] [-en]
[-co <config directory>]
pts groups
-na <user or group name or id>+
[-s] [-ex] [-c <cell name>]
[-no] [-l] [-f] [-h]
[-a] [-en]
[-co <config directory>]
pts g
-na <user or group name or id>+
[-s] [-ex] [-c <cell name>]
[-no] [-l] [-f] [-h]
[-a] [-en]
[-co <config directory>]
The pts membership command lists the groups to which each user or machine specified by the -nameorid argument belongs, or lists the users and machines that belong to each group specified by the -nameorid argument.
It is not possible to list the members of the system:anyuser or system:authuser groups, and they do not appear in the list of groups to which a user belongs.
To add users or machine to groups, use the pts adduser command; to remove them, use the pts removeuser command.
Instead of listing groups which are members of a group, list every user and machine which is a member of a group, including the users and machines which are members due to nested groups, for each group specified by the -nameorid argument.
Group membership may be nested when ptserver is compiled with the SUPERGROUPS option enabled.
For each user and machine, the output begins with the following header line, followed by a list of the groups to which the user or machine belongs:
Groups <name> (id: <AFS UID>) is a member of:
For each group, the output begins with the following header line, followed by a list of the users and machines who belong to the group:
Members of <group_name> (id: <AFS GID>) are:
The following example lists the groups to which the user "pat" belongs and the members of the group "smith:friends". Note that third privacy flag for the "pat" entry was changed from the default hyphen to enable a non-administrative user to obtain this listing.
% pts membership pat smith:friends Groups pat (id: 1144) is a member of: smith:friends staff johnson:project-team Members of smith:friends (id: -562) are: pat terry jones richard thompson
The following example shows how to list the groups to which nested groups belong. In this example the group "executives" is a member of the group "management" and the group "management" is a member of the group "staff". The group "management" is called a supergroup of the group "executives" and the group "staff" is called a supergroup of the group "management".
% pts membership executives Members of executives (id: -208) are: jane % pts membership executives -supergroups Members of executives (id: -208) are: jane Groups executives (id: -208) is a member of: management % pts membership management -supergroups Members of management (id: -207) are: executives mary sarah carol Groups management (id: -207) is a member of: staff % pts membership staff -supergroups Members of staff (id: -206) are: sales marketing engineering management Groups staff (id: -206) is a member of:
The following example shows how to find all the users which belong to a group, including users of nested groups. In this example, the user "jane" is listed as an expanded member of the group "management" instead of the group "executives".
% pts membership management -expandgroups Expanded Members of management (id: -207) are: jane mary sarah carol
The following example shows how to find all the groups a user is a member of, including membership due to nested groups. In this example the user "jane" is a direct member of the group "executives". The "-expandgroups" flag shows all the groups to which "jane" has membership status.
% pts membership jane Groups jane (id: 7) is a member of: executives % pts membership jane -expandgroups Expanded Groups jane (id: 7) is a member of: staff management executives
Members of the system:ptsviewers and system:administrators groups can always use this command in any of its variations. Additionally, a user can always list the groups to which they belong, and the owner of a group can always list the members of the group.
Additional privileges may be granted by the setting of the third privacy flag in the Protection Database entry of each user or group indicated by the -nameorid argument (use the pts examine command to display the flags):
pts(1), pts_adduser(1), pts_examine(1), pts_removeuser(1), pts_setfields(1)
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
2021-01-14 | OpenAFS |