naftoli@aecom.UUCP (Robert Berlinger) (07/24/84)
Why were such pains taken to make the newgrp(1) command overlay
the current shell? It seems to me that it's more natural to have it
fork off a seperate shell just like su(1) does. In fact, I prefer
it that way. Anyone else have any comments?
--
Robert Berlinger
...{philabs,cucard,pegasus,ihnp4,rocky2}!aecom!naftoli
"If you're not where you are, you're nowhere"dave@utcsrgv.UUCP (Dave Sherman) (07/30/84)
In article <753@aecom.UUCP> naftoli@aecom.UUCP (Robert Berlinger) writes:
~| Why were such pains taken to make the newgrp(1) command overlay
~| the current shell? It seems to me that it's more natural to have it
~| fork off a seperate shell just like su(1) does. In fact, I prefer
~| it that way. Anyone else have any comments?
First off, please don't start a discussion in both net.unix
and net.unix-wizards. Most people who read one read the other
anyway, and it causes duplication on the ARPA mailing lists
and for those who read news in certain ways. I'm continuing
this in net.unix only.
I would not want newgrp to work like su. Someone who needs
access to various groups' permission may want to change his
current access several times during a session, without
leaving a trail of sleeping shells in the background (using
up process slots, among other things). You should not have
to type ctrl-D umpteen times to log off, when all you've done
is change your group permissions.
This is rather different from su, were, for a (presumably
limited) period of time, you are masquerading as someone else
for the purposes of permissions and it is implicit that when
done with whatever you needed su for, you will return to
being yourself. With newgrp you are still yourself.
Dave Sherman
Toronto
--
{allegra,cornell,decvax,ihnp4,linus,utzoo}!utcsrgv!davebsa@ncoast.UUCP (The WITNESS) (08/06/84)
Maybe a "sg" command should be supplied, analogous to su. On our system,
certain users have access to a special group "prckill" which is used only
temporarily (for security reasons on dialup lines) to forcibly logout abusive
public-access users of the system without giving out the root password. (It
allows use of a root-setuid, group-only execute file.) Currently, to use it
I use an alias in my csh:
alias drop '(echo "hangup \!*" | newgrp prckill)'
but most users on our system are not willing to put up with the old (2.9?)
csh we have, or for various reasons do not wish to run csh, and it would be
much easier to say "sg prckill -c 'hangup ...'" than to have to play games
with newgrp.
--
Brandon Allbery: decvax!cwruecmp{!atvax}!bsafw
6504 Chestnut Road, Independence, OH 44131
Witness, n. To watch and learn, joyously.mwm@ea.UUCP (08/07/84)
#R:aecom:-75300:ea:13400012:000:941
ea!mwm Aug 7 01:49:00 1984
/***** ea:net.unix / aecom!naftoli / 9:31 am Jul 29, 1984 */
Why were such pains taken to make the newgrp(1) command overlay
the current shell? It seems to me that it's more natural to have it
fork off a seperate shell just like su(1) does. In fact, I prefer
it that way. Anyone else have any comments?
--
Robert Berlinger
...{philabs,cucard,pegasus,ihnp4,rocky2}!aecom!naftoli
"If you're not where you are, you're nowhere"
/* ---------- */
There are reasons for not wanting it to do behave that one. One good one
is that you can make it behave that way if you want to. With csh, try
adding "alias newgrp /bin/newgrp" to your .login. Worked like a charm on 4.1
(4.2 doesn't have newgrp, so I can't test it).
As to why you might want this: I create multiple shells with different
accesses, and use process control to bounce around among them to work on
different things. I assume that layers would let you do similar things.
<mike