summaryrefslogtreecommitdiffstats
path: root/docs/GROUP_RECORD.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/GROUP_RECORD.md')
-rw-r--r--docs/GROUP_RECORD.md61
1 files changed, 29 insertions, 32 deletions
diff --git a/docs/GROUP_RECORD.md b/docs/GROUP_RECORD.md
index f463b0a..c055e49 100644
--- a/docs/GROUP_RECORD.md
+++ b/docs/GROUP_RECORD.md
@@ -8,23 +8,23 @@ SPDX-License-Identifier: LGPL-2.1-or-later
# JSON Group Records
Long story short: JSON Group Records are to `struct group` what
-[JSON User Records](USER_RECORD) are to `struct passwd`.
+[JSON User Records](/USER_RECORD) are to `struct passwd`.
-Conceptually, much of what applies to JSON user records also applies to JSON
-group records. They also consist of seven sections, with similar properties and
+Conceptually, much of what applies to JSON user records also applies to JSON group records.
+They also consist of seven sections, with similar properties and
they carry some identical (or at least very similar) fields.
## Fields in the `regular` section
-`groupName` → A string with the UNIX group name. Matches the `gr_name` field of
-UNIX/glibc NSS `struct group`, or the shadow structure `struct sgrp`'s
-`sg_namp` field.
+`groupName` → A string with the UNIX group name.
+Matches the `gr_name` field of UNIX/glibc NSS `struct group`,
+or the shadow structure `struct sgrp`'s `sg_namp` field.
-`realm` → The "realm" the group belongs to, conceptually identical to the same
-field of user records. A string in DNS domain name syntax.
+`realm` → The "realm" the group belongs to, conceptually identical to the same field of user records.
+A string in DNS domain name syntax.
-`description` → A descriptive string for the group. This is similar to the
-`realName` field of user records, and accepts arbitrary strings, as long as
+`description` → A descriptive string for the group.
+This is similar to the `realName` field of user records, and accepts arbitrary strings, as long as
they follow the same GECOS syntax requirements as `realName`.
`disposition` → The disposition of the group, conceptually identical to the
@@ -33,39 +33,36 @@ same field of user records. A string.
`service` → A string, an identifier for the service managing this group record
(this field is typically in reverse domain name syntax.)
-`lastChangeUSec` → An unsigned 64-bit integer, a timestamp (in µs since the UNIX
-epoch 1970) of the last time the group record has been modified. (Covers only
-the `regular`, `perMachine` and `privileged` sections).
+`lastChangeUSec` → An unsigned 64-bit integer, a timestamp
+(in µs since the UNIX epoch 1970) of the last time the group record has been modified.
+(Covers only the `regular`, `perMachine` and `privileged` sections).
-`gid` → An unsigned integer in the range 0…4294967295: the numeric UNIX group
-ID (GID) to use for the group. This corresponds to the `gr_gid` field of
-`struct group`.
+`gid` → An unsigned integer in the range 0…4294967295: the numeric UNIX group ID (GID) to use for the group.
+This corresponds to the `gr_gid` field of `struct group`.
-`members` → An array of strings, listing user names that are members of this
-group. Note that JSON user records also contain a `memberOf` field, or in other
+`members` → An array of strings, listing user names that are members of this group.
+Note that JSON user records also contain a `memberOf` field, or in other
words a group membership can either be denoted in the JSON user record or in
-the JSON group record, or in both. The list of memberships should be determined
-as the combination of both lists (plus optionally others). If a user is listed
-as member of a group and doesn't exist it should be ignored. This field
-corresponds to the `gr_mem` field of `struct group` and the `sg_mem` field of
-`struct sgrp`.
+the JSON group record, or in both.
-`administrators` → Similarly, an array of strings, listing user names that
-shall be considered "administrators" of this group. This field corresponds to
-the `sg_adm` field of `struct sgrp`.
+The list of memberships should be determined as the combination of both lists (plus optionally others).
+If a user is listed as member of a group and doesn't exist it should be ignored.
+This field corresponds to the `gr_mem` field of `struct group` and the `sg_mem` field of `struct sgrp`.
+
+`administrators` → Similarly, an array of strings, listing user names that shall be considered "administrators" of this group.
+This field corresponds to the `sg_adm` field of `struct sgrp`.
`privileged`/`perMachine`/`binding`/`status`/`signature`/`secret` → The
-objects/arrays for the other six group record sections. These are organized the
-same way as for the JSON user records, and have the same semantics.
+objects/arrays for the other six group record sections.
+These are organized the same way as for the JSON user records, and have the same semantics.
## Fields in the `privileged` section
The following fields are defined:
-`hashedPassword` → An array of strings with UNIX hashed passwords; see the
-matching field for user records for details. This field corresponds to the
-`sg_passwd` field of `struct sgrp` (and `gr_passwd` of `struct group` in a
-way).
+`hashedPassword` → An array of strings with UNIX hashed passwords;
+see the matching field for user records for details.
+This field corresponds to the `sg_passwd` field of `struct sgrp` (and `gr_passwd` of `struct group` in a way).
## Fields in the `perMachine` section