14

Is it possible to add a name as a group member when the name has a space? For example "foo bars" is the name and I want it to add to the group called "reindeers".

This group is created in AD and it is quite common for names to have spaces. I won't be able to change the name.

Apologies if this has already been asked here. I just could not find any references. I did find solutions/discussions to adding a username with a space in the sudoers config file by replacing the space with a "_" instead, or escaping the space with a backslash. Not sure if this works with regards to adding it to a group.

Thanks, Mrky

Improve this question
6
  • Did you try "%20"? Commented Nov 1, 2017 at 4:19
  • 1
    You want to add a group (that has a space in it) into another group? How does that work on unix? Commented Nov 1, 2017 at 4:22
  • Won't "%20" be treated literally instead in this case? Commented Nov 1, 2017 at 4:24
  • 5
    Why, for the sake of Church of Emacs, would somebody like to have a username (or group name) with space in it? Commented Nov 1, 2017 at 7:27
  • 1
    @cezar : It's a synagogue, not a church. Commented Mar 19, 2018 at 10:59

8 Answers 8

Reset to default
15

Group and user names aren’t allowed to contain the space character on POSIX-style systems; see Command line login failed with two strings ID in Debian Stretch for references (the restrictions apply to groups as well as users).

In your case you might be able to work around the limitation by managing your groups in AD rather than in /etc/group. But I’d recommend trying to convince the powers that be to drop spaces entirely...

Improve this answer
5

I had a similar problem with group name "domain users" coming from AD. For chown I was able to use group id number instead of group name. For example:

sudo chown -R user1:118600513 /home/user1

where 118600513 is the id for a group "domain users".

Improve this answer
3
  • Using the GID might work for chown (since the group name doesn't really exist at that level), but I don't think this answers the question of how manage user-to-group membership with names like that. Commented Feb 6, 2018 at 10:45
  • @ilkkachu, thanks! I have updated my answer. But you are right - probably it does not help OP. Commented Feb 6, 2018 at 12:50
  • Using gid in place of group name also works with the create command in logrotate, which similarly throws an error when using group names with spaces. I realize this is even more tangential to the question, but this thread is the first search hit I got investigating my issue so perhaps it's permissible. Commented Dec 20, 2024 at 11:13
2

If using sssd to do this AD integration and reference this group and its group membership, sssd has a cute directive in sssd.conf:

override_space = -

This affects the display output only.  So "AD Group" now shows up as ad-group and "AD User" would show up as ad-user.  Then it's trivial to do useradd, write sudoers rules, etc.  Because those AD groups and users no longer have a space in them.

Improve this answer
2
  • This was my problem. After a deep dive in sssd configuration, I found that override_space (in the [sssd] section) solved the problem. Than use_fully_qualified_names = False also masquerade the @my.domain.com in the user name. Don't forget to clear the sssd cache and restart its daemon Commented Jun 12, 2024 at 16:08
  • I opted for override_space = _ since the existing names had hyphens in them Commented Feb 10 at 17:26
0

You can use \ to escape the space char. example:domain\ users

Improve this answer
0

This is not quite a direct answer, but if reindeers is an AD group, then it would seem that user foo bars would need to be added to that group on the domain controller, so that other domain members will be able to recognize foo bars as a member of the group.

But generally, no special handling is necessary for spaces in user or group names, other than double-quoting.

# finger "test user"
Login: test user                Name: Test User
Directory: /nonexistent         Shell: /usr/sbin/nologin
No Mail.
No Plan.
# id "test user"
uid=99563(test user) gid=99563(test user) groups=99563(test user),9999(test group)
# su -m "test user"
$ id
uid=99563(test user) gid=99563(test user) groups=99563(test user),9999(test group)
$ whoami
test user
$ touch /tmp/test; ls -l /tmp/test; 
-rw-r--r--  1 test user  wheel  0 Nov 30 15:00 /tmp/test
$ chgrp "test group" /tmp/test; ls -l /tmp/test
-rw-r--r--  1 test user  test group  0 Nov 30 15:00 /tmp/test
$ find /tmp -group "test group" -ls
 38023    1 -rw-r--r--   1 test user   test group      0 Nov 30 15:00 /tmp/test
Improve this answer
0

Update: It was pointed to me that the question is about username having space, not group name... But since Google points this answer for "how to add user to a group that has space in name" (and frankly I understood it also this way), I'll still leave this snipped.

  1. add a group name without space: groupadd mybestfriends
  2. add users to it: usermod -a -G mybestfriends friend1
  3. edit /etc/group and add spaces: nano /etc/group change line: mybestfriends:x:1003:friend1 to: my best friends:x:1003:friend1
  4. manipulate group with its GID : usermod -a -G 1003 friend2

For now I didn't see no side effects, but YMMV.

Don't forget sudo where applicable.

Improve this answer
2
  • The question is about usernames with spaces: how to add a user, whose login contains a space (“foo bars”), to a group (“reindeers”). Commented Jan 20, 2023 at 23:00
  • Hot damn! You're right! This answer shows at 1st pos in Google for "how to make a group with spaces"... Maybe I will make a note. Unless I should delete it? What do you think? Commented Jan 21, 2023 at 14:20
0

I spent an entire day searching the same topic. Here's what I found and tested on Debian 9 + Samba AD DC 4.5.12:

In order to set sharing folder permission, a somewhat local UNIX group or user must be present.

Option 1: Create Group with GID

I failed to map the GID after creation by net groupmap, but was able to map them at the time of creation by:

groupadd localgroupnamewithoutspace
cat /etc/group
samba-tool group add "Group name with space" --nis-domain=mydomain --gid-number=corresponding gid we just saw in /etc/group
chgrp localgroupnamewithoutspace /path/of/share
chmod 0770 /path/of/share
Option 2: Look up GID of AD group

UNIX groups don't allow space, so set the group of the directory to its GID; it will work.

However, when doing ls -al, it will show the GID number not the AD group or UNIX group name. This could potentially be a problem if multiple groups are nested and assigned in the same large sharing parent directory.

wbinfo --name-to-sid "AD group name with space"
wbinfo --sid-to-gid "Copy from the output above"

It should look like this, and you only need this part S-1-5-21-53980404-2501955692-3283166571-512 then use the GID number when setting permission by chgrp, chmod.

Noted, The above only takes care of AD group and Unix group mapping, the actual ACL and group member permission still requires having proper SeDiskOperatorPrivilege setup, and then configured through Windows Client with account has SeDiskOperatorPrivilege in File Explorer and ADUC.

Improve this answer
-1

I did not try this for group, but to add a space to the user info (a.k.a. GECOS info) with the usermod command, add " " (i.e., quotes with space in between):

usermod  username  -c  User" "Name

e.g.,

usermod  jsmith  -c  John" "Smith
Or, more intuitively, just quote the entire string that contains space(s):

usermod  jsmith  -c  "John Smith"

Or use single quotes ('…') instead of double quotes ("…").

Improve this answer
2
  • 2
    In UNIX parlance, inverted commas are probably more widely known as double quotes. Commented Nov 30, 2021 at 23:13
  • This has nothing to do with this question. Commented Apr 13, 2024 at 16:34

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.