It's known that all users are members of the 'staff' group. If you setup a standard user and create any file, a list of that file in the terminal with 'ls -la' shows the user group to be 'staff'.

Using the dscacheutil command, we can see information about groups. For example: -

dscacheutil -q group -a name admin

This returns information about the admin group, including all the members.

However, when used to look at the 'staff' group, I expected to see standard users as members of the group, but this is not the case: -

dscacheutil -q group -a name staff

name: staff
password: *
gid: 20
users: root

So, if all standard users are members in the staff group, why do they not appear here?

Is there another command which can show the real members of the staff group?


There's only one reliable way to get all members of a group in OS X and the reply from 2DD8847 covers that. As for "why" I can't offer a logical explanation. All I can tell you is what differentiates the results.

These approaches fail to include users that are only members of the group via PrimaryGroupID. One way to think of it is that these users not listed weren't officially added to the staff group. They were just given a PrimaryGroupID that matches the staff gid. Therefore they're not officially listed with some commands. I know, it's absurd.

INCOMPLETE RESULTS:

dscl . -read /Groups/[groupname]
dscl . -read /Groups/[groupname] GroupMembership
dscacheutil -q group -a name [groupname]

COMPLETE RESULTS:

dscl . -list /Users PrimaryGroupID | grep [gid]

All I can really tell you is that without looking up group members by their PrimaryGroupID (instead of listing members of a group) it won't give you complete results. Chalk it up to the oddities of Unix. There are many.

Hope that helps!

Source


What exactly do you want to achieve/do?

This command lists all users in the staff group:

dscl . -list /Users PrimaryGroupID | grep ' 20$'

Source

Explanation: The staff group has the PrimaryGroupID of 20.