This manual page is part of the POSIX Programmer's Manual. The Linux
implementation of this interface may differ (consult the corresponding Linux
manual page for details of Linux behavior), or the interface may not be
implemented on Linux.
newgrp — change to a new group
newgrp [−l] [group]
utility shall create a new shell execution environment with a
new real and effective group identification. Of the attributes listed in
, Shell Execution Environment
, the new shell
execution environment shall retain the working directory, file creation mask,
and exported variables from the previous environment (that is, open files,
traps, unexported variables, alias definitions, shell functions, and
options may be lost). All other aspects of the process environment
that are preserved by the exec
family of functions defined in the
System Interfaces volume of POSIX.1‐2008 shall also be preserved by
; whether other aspects are preserved is unspecified.
A failure to assign the new group identifications (for example, for security or
password-related reasons) shall not prevent the new shell execution
environment from being created.
utility shall affect the supplemental groups for the process
- On systems where the effective group ID is normally in the
supplementary group list (or whenever the old effective group ID actually
is in the supplementary group list):
- If the new effective group ID is also in the supplementary
group list, newgrp shall change the effective group ID.
- If the new effective group ID is not in the supplementary
group list, newgrp shall add the new effective group ID to the
list, if there is room to add it.
- On systems where the effective group ID is not normally in
the supplementary group list (or whenever the old effective group ID is
not in the supplementary group list):
- If the new effective group ID is in the supplementary group
list, newgrp shall delete it.
- If the old effective group ID is not in the supplementary
list, newgrp shall add it if there is room.
- The System Interfaces volume of POSIX.1‐2008 does
not specify whether the effective group ID of a process is included in its
supplementary group list.
With no operands, newgrp
shall change the effective group back to the
groups identified in the user's user entry, and shall set the list of
supplementary groups to that set in the user's group database entries.
If the first argument is '−'
, the results are unspecified.
If a password is required for the specified group, and the user is not listed as
a member of that group in the group database, the user shall be prompted to
enter the correct password for that group. If the user is listed as a member
of that group, no password shall be requested. If no password is required for
the specified group, it is implementation-defined whether users not listed as
members of that group can change to that group. Whether or not a password is
required, implementation-defined system accounting or security mechanisms may
impose additional authorization restrictions that may cause newgrp
write a diagnostic message and suppress the changing of the group
utility shall conform to the Base Definitions volume of
POSIX.1‐2008, Section 12.2
, Utility Syntax Guidelines
except for the unspecified usage of '−'
The following option shall be supported:
- (The letter ell.) Change the environment to what would be
expected if the user actually logged in again.
The following operand shall be supported:
- A group name from the group database or a non-negative
numeric group ID. Specifies the group ID to which the real and effective
group IDs shall be set. If group is a non-negative numeric string
and exists in the group database as a group name (see getgrnam()),
the numeric group ID associated with that group name shall be used as the
The file /dev/tty
shall be used to read a single line of text for
password checking, when one is required.
The following environment variables shall affect the execution of newgrp
- Provide a default value for the internationalization
variables that are unset or null. (See the Base Definitions volume of
POSIX.1‐2008, Section 8.2, Internationalization
Variables for the precedence of internationalization variables used to
determine the values of locale categories.)
- If set to a non-empty string value, override the values of
all the other internationalization variables.
- Determine the locale for the interpretation of sequences of
bytes of text data as characters (for example, single-byte as opposed to
multi-byte characters in arguments).
Determine the locale that should be used to affect the format and contents
of diagnostic messages written to standard error.
- Determine the location of message catalogs for the
processing of LC_MESSAGES.
The standard error shall be used for diagnostic messages and a prompt string for
a password, if one is required. Diagnostic messages may be written in cases
where the exit status is not available. See the EXIT STATUS section.
succeeds in creating a new shell execution environment, whether
or not the group identification was changed successfully, the exit status
shall be the exit status of the shell. Otherwise, the following exit value
shall be returned:
- An error occurred.
The invoking shell may terminate.
The following sections are informative.
There is no convenient way to enter a password into the group database. Use of
group passwords is not encouraged, because by their very nature they encourage
poor security practices. Group passwords may disappear in the future.
A common implementation of newgrp
is that the current shell uses
to overlay itself with newgrp
, which in turn overlays
itself with a new shell after changing group. On some implementations,
however, this may not occur and newgrp
may be invoked as a subprocess.
command is intended only for use from an interactive terminal.
It does not offer a useful interface for the support of applications.
The exit status of newgrp
is generally inapplicable. If newgrp
used in a script, in most cases it successfully invokes a new shell and the
rest of the original shell script is bypassed when the new shell exits. Used
displays diagnostic messages to indicate
problems. But usage such as:
is not useful because the new shell might not have access to any status
may have generated (and most historical systems do not provide
this status). A zero status echoed here does not necessarily indicate that the
user has changed to the new group successfully. Following newgrp
command provides a portable means of determining whether the
group change was successful or not.
Most historical implementations use one of the exec
implement the behavior of newgrp
. Errors detected before the
leave the environment unchanged, while errors detected after the
leave the user in a changed environment. While it would be useful
to have newgrp
issue a diagnostic message to tell the user that the
environment changed, it would be inappropriate to require this change to some
The password mechanism is allowed in the group database, but how this would be
implemented is not specified.
utility was retained in this volume of POSIX.1‐2008,
even given the existence of the multiple group permissions feature in the
System Interfaces volume of POSIX.1‐2008, for several reasons. First,
in some implementations, the group ownership of a newly created file is
determined by the group of the directory in which the file is created, as
allowed by the System Interfaces volume of POSIX.1‐2008; on other
implementations, the group ownership of a newly created file is determined by
the effective group ID. On implementations of the latter type, newgrp
allows files to be created with a specific group ownership. Finally, many
implementations use the real group ID in accounting, and on such systems,
allows the accounting identity of the user to be changed.
, Shell Command Language
The Base Definitions volume of POSIX.1‐2008, Chapter 8
, Section 12.2
, Utility Syntax
The System Interfaces volume of POSIX.1‐2008, exec
Portions of this text are reprinted and reproduced in electronic form from IEEE
Std 1003.1, 2013 Edition, Standard for Information Technology -- Portable
Operating System Interface (POSIX), The Open Group Base Specifications Issue
7, Copyright (C) 2013 by the Institute of Electrical and Electronics
Engineers, Inc and The Open Group. (This is POSIX.1-2008 with the 2013
Technical Corrigendum 1 applied.) In the event of any discrepancy between this
version and the original IEEE and The Open Group Standard, the original IEEE
and The Open Group Standard is the referee document. The original Standard can
be obtained online at http://www.unix.org/online.html .
Any typographical or formatting errors that appear in this page are most likely
to have been introduced during the conversion of the source files to man page
format. To report such errors, see