3 pts_membership - Displays the membership list for a user or group
10 B<pts membership> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
11 [B<-supergroups>] [B<-expandgroups>] S<<< [B<-cell> <I<cell name>>] >>>
12 [B<-localauth>] [B<-noauth>] [B<-force>] [B<-help>]
13 [B<-auth>] [B<-encrypt>] S<<< [B<-config> <I<config directory>>] >>>
15 B<pts m> S<<< B<-na> <I<user or group name or id>>+ >>>
16 [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
17 [B<-no>] [B<-l>] [B<-f>] [B<-h>]
18 [B<-a>] [B<-en>] S<<< [B<-co> <I<config directory>>] >>>
20 B<pts groups> S<<< B<-na> <I<user or group name or id>>+ >>>
21 [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
22 [B<-no>] [B<-l>] [B<-f>] [B<-h>]
23 [B<-a>] [B<-en>] S<<< [B<-co> <I<config directory>>] >>>
25 B<pts g> S<<< B<-na> <I<user or group name or id>>+ >>>
26 [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
27 [B<-no>] [B<-l>] [B<-f>] [B<-h>]
28 [B<-a>] [B<-en>] S<<< [B<-co> <I<config directory>>] >>>
35 The B<pts membership> command lists the groups to which each user or
36 machine specified by the B<-nameorid> argument belongs, or lists the users
37 and machines that belong to each group specified by the B<-nameorid>
40 It is not possible to list the members of the system:anyuser or
41 system:authuser groups, and they do not appear in the list of groups to
44 To add users or machine to groups, use the B<pts adduser> command; to remove
45 them, use the B<pts removeuser> command.
51 =item B<-nameorid> <I<user or group name or id>>+
53 Specifies the name or AFS UID of each user entry, the IP address (complete
54 or wildcard-style) or AFS UID of each machine entry, or the name or AFS
55 GID of each group, for which to list group membership. It is acceptable to
56 mix users, machines, and groups on the same command line, as well as names
57 and IDs. Precede the GID of each group with a hyphen to indicate that it
62 List the groups to which each group specified by the B<-nameorid>
63 argument belongs, in addition to user and machine members. Group
64 membership may be nested when B<ptserver> is compiled with the
65 SUPERGROUPS option enabled.
67 =item B<-expandgroups>
69 Instead of listing only the groups in which the user or machine is a direct
70 member, list every group in which the user or machine belongs, including
71 membership due to nested groups, for each user or machine specified by
72 the B<-nameorid> argument.
74 Instead of listing groups which are members of a group, list every user and
75 machine which is a member of a group, including the users and machines which
76 are members due to nested groups, for each group specified by the B<-nameorid>
79 Group membership may be nested when B<ptserver> is compiled with the
80 SUPERGROUPS option enabled.
82 =include fragments/pts-common.pod
88 For each user and machine, the output begins with the following header
89 line, followed by a list of the groups to which the user or machine
92 Groups <name> (id: <AFS UID>) is a member of:
94 For each group, the output begins with the following header line, followed
95 by a list of the users and machines who belong to the group:
97 Members of <group_name> (id: <AFS GID>) are:
101 The following example lists the groups to which the user C<pat> belongs
102 and the members of the group C<smith:friends>. Note that third privacy
103 flag for the C<pat> entry was changed from the default hyphen to enable a
104 non-administrative user to obtain this listing.
106 % pts membership pat smith:friends
107 Groups pat (id: 1144) is a member of:
111 Members of smith:friends (id: -562) are:
118 The following example shows how to list the groups to which nested groups
119 belong. In this example the group C<executives> is a member of the group
120 C<management> and the group C<management> is a member of the group C<staff>.
121 The group C<management> is called a supergroup of the group C<executives> and the
122 group C<staff> is called a supergroup of the group C<management>.
124 % pts membership executives
125 Members of executives (id: -208) are:
128 % pts membership executives -supergroups
129 Members of executives (id: -208) are:
131 Groups executives (id: -208) is a member of:
134 % pts membership management -supergroups
135 Members of management (id: -207) are:
140 Groups management (id: -207) is a member of:
143 % pts membership staff -supergroups
144 Members of staff (id: -206) are:
149 Groups staff (id: -206) is a member of:
151 The following example shows how to find all the users which belong
152 to a group, including users of nested groups. In this example, the
153 user C<jane> is listed as an expanded member of the group C<management>
154 instead of the group C<executives>.
156 % pts membership management -expandgroups
157 Expanded Members of management (id: -207) are:
163 The following example shows how to find all the groups a user
164 is a member of, including membership due to nested groups. In
165 this example the user C<jane> is a direct member of the group
166 C<executives>. The C<-expandgroups> flag shows all the groups
167 to which C<jane> has membership status.
169 % pts membership jane
170 Groups jane (id: 7) is a member of:
173 % pts membership jane -expandgroups
174 Expanded Groups jane (id: 7) is a member of:
179 =head1 PRIVILEGE REQUIRED
181 Members of the system:ptsviewers and system:administrators groups can
182 always use this command in any of its variations. Additionally, a user
183 can always list the groups to which they belong, and the owner of a group
184 can always list the members of the group.
186 Additional privileges may be granted by the setting of the third privacy
187 flag in the Protection Database entry of each user or group indicated by
188 the B<-nameorid> argument (use the B<pts examine> command to display the
195 If it is a hyphen, the default permissions described above apply.
199 If it is lowercase C<m> and the B<-nameorid> argument specifies a group,
200 then members of that group can also list the other members. A privacy
201 flag of C<m> only changes the permissions when set for a group. Setting
202 this flag for a user or a machine has no effect.
206 If it is uppercase C<M>, anyone who can access the cell's database server
207 machines can list the membership of the group or the groups to which that
208 user or machine belongs, depending on what type of entry the flag is set
218 L<pts_removeuser(1)>,
223 IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
225 This documentation is covered by the IBM Public License Version 1.0. It was
226 converted from HTML to POD by software written by Chas Williams and Russ
227 Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.