You can use the following commands to display information about groups and the users who belong to them:
To display the members of a group, or the groups to which a user belongs, use the pts membership command.
To display the groups that a user or group owns, use the pts listowned command.
To display general information about a user or group, including its name, AFS ID, creator, and owner, use the pts examine command.
The system:anyuser and system:authuser system groups do not appear in a user's list of group memberships, and the pts membership command does not display their members. For more information on the system groups, see Using the System Groups on ACLs.
Issue the pts membership command to display the members of a group, or the groups to which a user belongs.
% pts membership <user or group name or id
>+
where user or group name or id
specifies the name or AFS UID of each user for which to
display group membership, or the name or AFS GID of each group for which to display the members. If identifying a group by its
AFS GID, precede the GID with a hyphen (-) to indicate that it is a negative number.
The following example displays the members of the group terry:team.
% pts membership terry:team
Members of terry:team (id: -286) are:
terry
smith
pat
johnson
The following example displays the groups to which users terry and pat belong.
% pts membership terry pat
Groups terry (id: 1022) is a member of:
smith:friends
pat:accounting
terry:team
Groups pat (id: 1845) is a member of:
pat:accounting
sam:managers
terry:team
Issue the pts listowned command to display the groups that a user or group owns.
% pts listowned <user or group name or id
>+
where user or group name or id
specifies the name or AFS UID of each user, or the name or AFS
GID of each group, for which to display group ownership. If identifying a group by its AFS GID, precede the GID with a hyphen
(-) to indicate that it is a negative number.
The following example displays the groups that the group terry:team owns.
% pts listowned -286
Groups owned by terry:team (id: -286) are:
terry:project
terry:planners
The following example displays the groups that user pat owns.
% pts listowned pat
Groups owned by pat (id: 1845) are:
pat:accounting
pat:plans
Issue the pts examine command to display general information about a user or group, including its name, AFS ID, creator, and owner.
% pts examine <user or group name or id
>+
where user or group name or id
specifies the name or AFS UID of each user, or the name or AFS
GID of each group, for which to display group-related information. If identifying a group by its AFS GID, precede the GID with
a hyphen (-) to indicate that it is a negative number.
The output includes information in the following fields:
Name
For users, this is the character string typed when logging in. For machines, the name is the IP address; a zero in
address field acts as a wildcard, matching any value. For most groups, this is a name of the form
owner_name
:group_name
. Some
groups created by your system administrator do not have the owner_name
prefix. See Group Names.
id
This is a unique identification number that the AFS server processes use internally. It is similar in function to a UNIX UID, but operates in AFS rather than the UNIX file system. Users and machines have positive integer AFS user IDs (UIDs), and groups have negative integer AFS group IDs (GIDs).
owner
This is the user or group that owns the entry and so can administer it.
creator
The name of the user who issued the pts createuser and pts creategroup command to create the entry. This field is useful mainly as an audit trail and cannot be changed.
membership
For users and machines, this indicates how many groups the user or machine belongs to. For groups, it indicates how many members belong to the group. This number cannot be set explicitly.
flags
This field indicates who is allowed to list certain information about the entry or change it in certain ways. See Protecting Group-Related Information.
group quota
This field indicates how many more groups a user is allowed to create. It is set to 20 when a user entry is created. The creation quota for machines or groups is meaningless because it not possible to authenticate as a machine or group.
The following example displays information about the group pat:accounting, which includes members of the department that pat manages. Notice that the group is self-owned, which means that all of its members can administer it.
% pts examine pat:accounting
Name: pat:accounting, id: -673, owner: pat:accounting, creator: pat,
membership: 15, flags: S-M--, group quota: 0
The following example displays group-related information about user pat. The two most
interesting fields are membership
, which shows that pat
belongs to 12 groups, and group quota
, which shows that pat
can create another 17 groups.
% pts examine pat
Name: pat, id: 1045, owner: system:administrators, creator: admin,
membership: 12, flags: S-M--, group quota: 17