Isn't it strange how the process of explaining a problem has a habit of solving it!
I was of course talking total nonsense. The reason that I couldn't get this to work was that I had misunderstood the format of the /etc/groups file.
So for anyone else trying to do this here is the snippet I missed.
Each individual entry in /etc/group consists of a single line having the following form:
group-name:x:GID:additional-users
The meanings of these fields are:
group-name: A name identifying the group. For example, a development group that is working on new simulation software might have the group-name simulation.
"!": The second field is the traditional group password field. It holds an exclamation point when a group password file is in use (see below), as is usually the case under Linux.
GID: This is the group's identification number. User groups generally start numbering at 100. Note that usernames and group names are independent of each other, even when the same name is both a username and a group name. Similarly, UIDs and GIDs sharing the same numerical value have absolutely no inherent, system-recognized relation to one another either, although the system administrator may choose to assign them in analogous ways).
additional users: This field lists all of the users and groups that will have access to this group's files in addition to those users belonging to the group by virtue of /etc/passwd. (These users do not need to be listed.) Note the correct syntax -- usernames must be separated by commas, but no spaces may appear within the list.
Here are some typical entries from an /etc/group file:
chem:x:200:root,williams,wong,jones
bio:x:300:root,chavez,harvey
genome:!:360:root
The first line defines the chem group. It assigns the group identification number (GID) 200 to this group. Linux will allow all members of group 200 plus the additional users williams, wong, jones, and root to access this group's files. The bio and genome groups are also defined, with GIDs of 300 and 360, respectively. Users chavez and harvey have access to the bio group's files, and root can access files of both groups.
