24
2
After I edit /etc/group and I add a user to groups it didn't belong to, the user will not be able to use it's newly acquired privileges unless it starts a new session.
Is there a command to refresh user/group properties in an ongoing session?
Is there a way in Linux to update the user/group properties without having to login again?
Answers
16
At the kernel level, group membership is a property of each process. Unless it has the appropriate capability (CAP_SETGID if I'm not mistaken), i.e. root privileges for all intents and purposes, a process cannot belong to a new group.
A user does not exist as an object at the kernel level; only processes (and files) do. A process has a uid (effective and whatnot) and a list of group ids.
When you are adding a user to a group, the kernel has no idea what it means. It only knows, indirectly, that the next time /bin/login or /usr/bin/newgrp is run a process with that user id will have a new group id in its list.
So, to answer your question, if you're speaking of a Gnome or KDE session, you have to restart it indeed. Or if you only care about the result of one command as far as that new group is concerned, you can use newgrp I just mentioned. It will start a new shell with the newly added group.
niXar
Posted 2010-03-22T14:27:48.127
Reputation: 756
5
I've read before that the newgrp command does this, but only for the current shell. There doesn't seem to be a better alternative than to log out and back in again.
Andy Shellam
Posted 2010-03-22T14:27:48.127
Reputation: 291
3What newgrp does is actually start a new shell. So if you ^D from it you're back to your old shell. I usually simply do 'exec newgrp' – niXar – 2010-06-15T10:08:44.180
1Is there a reason you're editing the file by hand instead of using
useradd -G groupname username? – Bobby – 2010-06-15T08:28:59.8604@Bobby: this would make no difference. – niXar – 2010-06-15T10:09:24.817
You might look this answer.
– Pablo A – 2017-07-23T17:22:08.627