IBM 10 SP1 EAL4 Server User Manual


 
5.13.3 Group management
5.13.3.1 groupadd
The groupadd program allows an administrator to create new groups on the system. Refer to the
groupadd man page for more detailed information on usage of the command. groupadd generally
follows these steps:
1. Sets language.
2. Invokes getpwuid (getuid()) to obtain an application user’s passwd structure.
3. Invokes pam_start() to initialize the PAM library, and to identify the application with a particular
service name.
4. Invokes pam_authenticate() to authenticate the application user. Generates an audit record to
log the authentication attempt and its outcome.
5. Invokes pam_acct_mgmt() to perform module-specific account management.
6. Processes command-line arguments.
7. Ensures that the group being created does not already exist.
8. Invokes open_files() to lock and open authentication database files.
9. Invokes grp_update() to update authentication database files with new group information.
Generates audit record to log creation of new group.
10. Invokes close_files() to close the authentication database files.
11. Invokes pam_chauthok() to rejuvenate the user’s authentication tokens.
12. Exits.
200