View Single Post
  #2   (View Single Post)  
Old 8th October 2009
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
Join Date: May 2008
Location: USofA
Posts: 1,546

Q1: one has a GID of 10, another has a GID of 5, and the other a GID of 20. This is basically what the operating system sees with regard to membership within a 'group'.

Q2: some have specialized uses, OpenBSD seems to like daemon related groups to start with an _, but in general a group is for whatever you make of it. login.conf on my system notes what purposes the login classes & groups serve for: daemon is used by programs, staff has fewer restrictions, authpf deals with authpf, operator can do somethings that others shouldn't: like update /etc/dumpdates when dumping the system. Many programs in the /bin:/usr/bin:/sbin:/usr/sbin directories are owned by root:bin by default. TTY device files are often owned by root or uucp, with groups of dialer or wheel. Commands like write and talk, work by reading and writing to the users TTY device file, a tty group and a simple control of file permissions works wonders (mesg just didles this):

Terry@vectra$ ls -l $(tty)
crw--w----  1 Terry  tty    5,   0 Oct  8 02:55 /dev/ttyp0

Q3: login.conf describes authentication and resource limits, these can be useful for example, to prevent a daemon from burning so much resources that it denies other processes access to resources (like memory or fork bombs). The manual page describes it more so. Also when you create a user, you specify their default group, which is the GID entry saved in the passwd database.

Q4: When you want too! Although when appropriate would be wiser. Look at login.conf and perhaps, the login source code as well.
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote