group(5) [mojave man page]
GROUP(5) BSD File Formats Manual GROUP(5) NAME
group -- format of the group permissions file DESCRIPTION
The file </etc/group> consists of newline separated ASCII records, one per group, containing four colon ':' separated fields. These fields are as follows: group Name of the group. passwd Group's encrypted password. gid The group's decimal ID. member Group members. The group field is the group name used for granting file access to users who are members of the group. The gid field is the number associ- ated with the group name. They should both be unique across the system (and often across a group of systems) since they control file access. The passwd field is an optional encrypted password. This field is rarely used and an asterisk is normally placed in it rather than leaving it blank. The member field contains the names of users granted the privileges of group. The member names are separated by commas without spaces or newlines. A user is automatically in a group if that group was specified in their /etc/passwd entry and does not need to be added to that group in the /etc/group file. INTERACTION WITH DIRECTORY SERVICES
Processes generally find group records using one of the getgrent(3) family of functions. On Mac OS X, these functions interact with the DirectoryService(8) daemon, which reads the /etc/group file as well as searching other directory information services to determine groups and group membership. FILES
/etc/group SEE ALSO
passwd(1), setgroups(2), crypt(3), getgrent(3), initgroups(3), passwd(5), DirectoryService(8) BUGS
The passwd(1) command does not change the group passwords. HISTORY
A group file format appeared in Version 6 AT&T UNIX. Mac OS X July 18, 1995 Mac OS X
Check Out this Related Man Page
GSHADOW(5) File Formats and Conversions GSHADOW(5) NAME
gshadow - shadowed group file DESCRIPTION
/etc/gshadow contains the shadowed information for group accounts. This file must not be readable by regular users if password security is to be maintained. Each line of this file contains the following colon-separated fields: group name It must be a valid group name, which exist on the system. encrypted password Refer to crypt(3) for details on how this string is interpreted. If the password field contains some string that is not a valid result of crypt(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password). The password is used when a user who is not a member of the group wants to gain the permissions of this group (see newgrp(1)). This field may be empty, in which case only the group members can gain the group permissions. A password field which starts with an exclamation mark means that the password is locked. The remaining characters on the line represent the password field before the password was locked. This password supersedes any password specified in /etc/group. administrators It must be a comma-separated list of user names. Administrators can change the password or the members of the group. Administrators also have the same permissions as the members (see below). members It must be a comma-separated list of user names. Members can access the group without being prompted for a password. You should use the same list of users as in /etc/group. FILES
/etc/group Group account information. /etc/gshadow Secure group account information. SEE ALSO
gpasswd(5), group(5), grpck(8), grpconv(8), newgrp(1). shadow-utils 4.5 01/25/2018 GSHADOW(5)