Hi!

I'm writing a script in which I need to use the command
newgrp <group>
After the newgrp command I need to execute a bunch of other commands and scripts.

However, if I for example use

#!/bin/sh
newgrp <group>
script1.sh
command1
script2.sh

newgrp will create a new shell and the remaining commands will not be run until after the newgrp command returns which is not what I want. I want the commands to be run from within the new shell created by newgrp.

Simply changing my login to use <group> as my primary group is not an option since it's in a corporate environment and I do not have access to do those changes.

I saw an example that looked something like

newgrp group << ENDGRP
script1.sh
command1
script2.sh
ENDGRP

but I couldn't get that working. I don't even fully understand what it's supposed to be doing though I guess it would be some kind of redirection/piping of the commands or something...

Also tried a futile
newgrp <group> script.sh

The newgrp man page doesn't reveal anything regarding this issue and I was unable to find any helpful information on google or elsewhere on this forum.

Anybody got a clue how to do this or is there some other way to change the current primary group?

Thanks

If newgrp is creating a subshell, then getting your scripts and commands to run within that environment is dependent on some sort of inter process communication.

If newgrp is itself a script of some sort, posting the source would be most helpful.


I saw an example that looked something like
Code:

newgrp group << ENDGRP script1.sh command1 script2.sh ENDGRP

but I couldn't get that working. I don't even fully understand what it's supposed to be doing though I guess it would be some kind of redirection/piping of the commands or something...

The << [word] syntax is called a Here Document. It will pass anything up to [word] to the stdin of the process preceding it, and the contents of that block will be passed verbatim, with variables expanded. More information on this is found in the bash man page under Here Documents.

However, this will only work for you if the newgrp process is written to take newline delimited commands from stdin and execute them. That form of IPC would be effective for accomplishing your task, but newgrp needs to be aware of it.

newgrp is a C program that's part of the shadow package. It's like su for groups.

And here's the helpful bit: By looking at the shadow source code, I see that it installs newgrp under two different names: newgrp and sg. By looking at the src/newgrp.c file, I see that if you use the sg name and provide the -c option, it will run whatever command you pass after -c under the new GID. I also see that when it's called as newgrp, it ignores -c.

So to do what you need, you have to use sg instead of newgrp, and you need to do it like this:

sg <group> -c "script1.sh && command1 && script2.sh"

Thanks alot!

Now that I new what I was looking for I got it working quite fast... The "Here document" way was the way to go for me. After knowing how Here document worked it was quite straightforward.

The sg command was not available for me. Probably because I run the script on Solaris. The newgrp command seems to work the same way according to its documentation both on Solaris and Linux though.

Well, you could just switch the OS on that machine to Linux... *ducks*

:p

Good that the here-document worked, at least. I doubt that shadow will install on Solaris, so even if you did convince whoever admins this machine that shadow was better than whatever Solaris provides (because it lets you use -c), I doubt they'd be able to install shadow as long as the underlying OS is still Solaris. Too bad...

Well, you could just switch the OS on that machine to Linux... *ducks*

Oh if only I could... :)

I did find an even simpler solution though. Apparently there was a "setgroup" command available in Solaris, which I didn't have in Linux. The setgroup cmd lets me change the primary group without creating a new shell so I'm sticking to that now. =)