11

I did a usermod to add the current user user in a group, but when I run id -Gn it only shows the main user's group:

[user@computer ~]$ id -Gn 
user

But when I specify the user, it works normally:

[user@computer ~]$ id -Gn user
user newgroup

Do you have an idea why it works like it? Am I missing something concerning the groups management in UNIX?

Braiam
  • 35,991
Notiggsam
  • 113

1 Answers1

19

That's because your active set of groups is only determined at login. You'll need to logout and login again to pick up the change and see it reflected by id. You can see this another way by issuing cat /proc/$$/status which lists most of your current (session) process states.

BobDoolittle
  • 1,637
  • 1
    +1. Just in order to point out the difference: when calling id -Gn user, id will perform a group lookup based on /etc/group. When calling id -Gn, id will only lookup groups registered in the current session (that is, for the current user). – John WH Smith Aug 10 '14 at 15:22
  • @JohnWHSmith: run strace id, you can see it read information from /etc/group. – cuonglm Aug 10 '14 at 15:25
  • Thanks all, I just logged out and in and it works now. Thanks for the precisions. – Notiggsam Aug 10 '14 at 15:27
  • The /etc/group file is the default way group information is stored. Systems can supplement it with other sources such as YP/NIS and LDAP. The id and getent commands will query whatever source(s) the system uses. (Likewise for /etc/passwd and several other databases). – Keith Thompson Aug 10 '14 at 19:15
  • 2
    That id reads /etc/group in either case is not relevant. id will call getgroups(3), which returns an array of gid_t types (integers) for the current session. id needs to scan the /etc/group file to retrieve the names for the groups (e.g. 100(users), 10(wheel)...). When you give a username to id, it has to open the /etc/passwd file to get the user ID, then it finds groups that this user belongs to in the /etc/group file. – sleblanc Aug 10 '14 at 19:21
  • newgrp - might also be useful. – bishop Aug 10 '14 at 19:54
  • 2
    @slebanc - that's incorrect. If you invoke id with no specific user, it will do as John WH Smith suggested - it will only return groups registered in the current session, and will not utilize /etc/group directly or indirectly. Try it for yourself and see. Add a group to /etc/group for yourself and then run id. You won't see the new group until you logout and login again. Not only that, but as Keith Thompson stated, when getting group names the /etc/group file is only utilized if the nsswitch.conf file lists "files" for the group map. Although that's the default other sources can be configured. – BobDoolittle Mar 24 '16 at 21:19
  • You are not contradicting what sleblanc actually wrote, or the point that sleblanc was making in response to cuonglm, who indeed actually had tried it for xyrself and seen it using /etc/group. – JdeBP Jun 22 '20 at 17:48