pts_membership

Langue: en

Version: 2008-02-04 (ubuntu - 07/07/09)

Section: 1 (Commandes utilisateur)

NAME

pts_membership - Displays the membership list for a user or group

SYNOPSIS

pts membership -nameorid <user or group name or id>+
    [-cell <cell name>] [-localauth] [-noauth
    [-force] [-help]

pts m -na <user or group name or id>+ [-c <cell name>]
    [-no] [-l] [-f] [-h]

pts groups -na <user or group name or id>+ [-c <cell name>]
    [-no] [-l] [-f] [-h]

pts g -na <user or group name or id>+ [-c <cell name>]
    [-no] [-l] [-f] [-h]

DESCRIPTION

The pts membership command lists the groups to which each user or machine specified by the -nameorid argument belongs, or lists the users and machines that belong to each group specified by the -nameorid argument.

It is not possible to list the members of the system:anyuser or system:authuser groups, and they do not appear in the list of groups to which a user belongs.

To add users or machine to groups, use the pts adduser command; to remove them, use the pts removeuser command.

OPTIONS

-nameorid <user or group name or id>+
Specifies the name or AFS UID of each user entry, the IP address (complete or wildcard-style) or AFS UID of each machine entry, or the name or AFS GID of each group, for which to list group membership. It is acceptable to mix users, machines, and groups on the same command line, as well as names and IDs. Precede the GID of each group with a hyphen to indicate that it is negative.
-cell <cell name>
Names the cell in which to run the command. For more details, see pts(1).
-noauth
Assigns the unprivileged identity anonymous to the issuer. For more details, see pts(1).
-localauth
Constructs a server ticket using a key from the local /etc/openafs/server/KeyFile file. Do not combine this flag with the -cell or -noauth options. For more details, see pts(1).
-force
Enables the command to continue executing as far as possible when errors or other problems occur, rather than halting execution at the first error.
-help
Prints the online help for this command. All other valid options are ignored.

OUTPUT

For each user and machine, the output begins with the following header line, followed by a list of the groups to which the user or machine belongs:
    Groups <name> (id: <AFS UID>) is a member of:
 
 

For each group, the output begins with the following header line, followed by a list of the users and machines who belong to the group:

    Members of <group_name> (id: <AFS GID>) are:
 
 

EXAMPLES

The following example lists the groups to which the user "pat" belongs and the members of the group "smith:friends". Note that third privacy flag for the "pat" entry was changed from the default hyphen to enable a non-administrative user to obtain this listing.
    % pts membership pat smith:friends
    Groups pat (id: 1144) is a member of:
      smith:friends
      staff
      johnson:project-team
    Members of smith:friends (id: -562) are:
      pat
      terry
      jones
      richard
      thompson
 
 

PRIVILEGE REQUIRED

The required privilege depends on the setting of the third privacy flag in the Protection Database entry of each user or group indicated by the -nameorid argument (use the pts examine command to display the flags):
If it is the hyphen and the -nameorid argument specifies a user, only the associated user and members of the system:administrators group can list the groups to which the user belongs.
If it is the hyphen and the -nameorid argument specifies a machine, only the members of the system:administrators group can list the groups to which the machine belongs.
If it is the hyphen and the -nameorid argument specifies a group, only the owner of the group and members of the system:administrators group can list the members of the group.
If it is lowercase "m" and the -nameorid argument specifies a user or machine entry, the meaning is equivalent to the hyphen.
If it is lowercase "m" and the -nameorid argument specifies a group, members of the group can also list the other members.
If it is uppercase "M", anyone who can access the cell's database server machines can list group memberships.

SEE ALSO

pts(1), pts_adduser(1), pts_examine(1), pts_removeuser(1), pts_setfields(1) IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.