View Single Post
  #3   (View Single Post)  
Old 19th December 2008
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
Join Date: May 2008
Location: USofA
Posts: 1,547

Well, I'm honestly not sure if there is a real answer to your question; but I'll offer my opinions. The system cares more about UID/GID stuff then names, but most people like names, some are practical, others are likely historical. Note, I'm using /etc/group on my OpenBSD machine here, and there are interesting colations between /etc/group and /etc/login.conf on some unix systems, but I'm not totally sure where login classes and groups connect if at all (little time to spelunk the code :\)

I've never understood why they call GID 0 'wheel', but this helps explain it.

The operator group is fairly logical IMHO. It's not uncommon to use the operator group to grant people the ability to access certain devices, and other things that an operator might need to tinker with -> without being close to the big 0. An example would be mounting backup media.

daemon is of interest to daemons and the rc system, if you look in /etc/login.conf which specifies stuff about the users login class (see login(1)); it changes the limits, etc.

tty is the default group that owns TTY device files for the user when going through the login(1) program (see /usr/src/usr.bin/login/). I don't know if you ever noticed this, but if you've got write permission on the users TTY device, you can litterly do $ echo 'Hi foob' > /dev/ttyp2; the write command basically does this; and the mesg command just chmod's your TTY device to stop messages ;-).

bin is used by binaries for some reason or other. On my OpenBSD system, most things in /bin:/sbin belong to the bin group, as does about half of /usr/bin:/usr/sbin. This includes utilities like chmod, dd, df, hostname, chown, fsck, ifconfig, init, etc. I just took a look on Google, and to qoute the

Originally Posted by The Unix and Internet Fundamentals HOWTO
The ‘bin’ group exists on some Unixes to group together system commands (the name is a historical relic, short for ‘binary’). Your Unix might use a ‘root’ group instead (not quite the same as the ‘root' user!).
Which is more or less the HOWTO that lit my fire for Unix...

staff gets less restrictions and what not, I will usually keep an account around that belongs to staff.

kmem device files related to memory, like /dev/kmem and related seem to be owned by the kmem group; considering how Unix is, if you've ever got a permission error about trying to access a /dev/*mem file while running a program as non-root, odds are the program tried to read from a root:kmwm owned device!

games I would expect is historical, much like the stuff in /usr/games is, and probably originated in BSD or Research UNIX. Several of the things in /usr/share/games; that need manipulation by a games process, but would allow the user to cheat if they could write to them personally.

It's a WSG, but I'd reckon network and dialer are related to the associated thoughts the words express. On OpenBSD: ppp, pppd, and sliplogin are all owned by root:network. Some TTY devices in /dev are owned by uucp:dialer, probably for use by people dialing in over UUCP and related old-stuff.

Things like named, sshd, www, and the common style of things like _syslog, _ftp, etc are all likely used somewhere in the services that share the name.

Most boxes I've seen, usually start new UID/GID after 1000; I would reckon for the same convention, that access to ports 0–1023 are protected from non-privileged folk. And also, to reserve ~1000 UID/GID for use by the operating system lol.

That is the best I can offer you JMJ_coder. If anyone knows or sees any errors in what I've posted here, I would appreciate a public correction! One can only learn so much in 2~3 years about a system that's grown over a lifetime....
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote