|
General software and network General OS-independent software and network questions, X11, MTA, routing, etc. |
|
Thread Tools | Display Modes |
|
|||
Various Groups -- Information
Hello,
Where can I find information on the various groups (i.e., wheel, guest, etc.)? I know what some are and are for, such as wheel, but I'm looking for information on all of them. I tried using the man pages (i.e., man guest & man -k guest) to no avail -- and I tried google, with very little success.
__________________
And the WORD was made flesh, and dwelt among us. (John 1:14) |
|
||||
That's a tough one! I tried a google search:
Code:
group site:freebsd.org However, I found a couple of links dealing with the operator and wheel groups: http://lists.freebsd.org/pipermail/f...er/138652.html and http://lists.freebsd.org/pipermail/f...er/001724.html For the rest of the groups, I have no idea. I guess you have read chapter 13.8 of the handbook, which doesn't answer your question either. http://www.freebsd.org/doc/en_US.ISO...rs-groups.html |
|
||||
Well, I'm honestly not sure if there is a real answer to your question; but I'll offer my opinions. The system cares more about UID/GID stuff then names, but most people like names, some are practical, others are likely historical. Note, I'm using /etc/group on my OpenBSD machine here, and there are interesting colations between /etc/group and /etc/login.conf on some unix systems, but I'm not totally sure where login classes and groups connect if at all (little time to spelunk the code :\)
I've never understood why they call GID 0 'wheel', but this helps explain it. The operator group is fairly logical IMHO. It's not uncommon to use the operator group to grant people the ability to access certain devices, and other things that an operator might need to tinker with -> without being close to the big 0. An example would be mounting backup media. daemon is of interest to daemons and the rc system, if you look in /etc/login.conf which specifies stuff about the users login class (see login(1)); it changes the limits, etc. tty is the default group that owns TTY device files for the user when going through the login(1) program (see /usr/src/usr.bin/login/). I don't know if you ever noticed this, but if you've got write permission on the users TTY device, you can litterly do $ echo 'Hi foob' > /dev/ttyp2; the write command basically does this; and the mesg command just chmod's your TTY device to stop messages ;-). bin is used by binaries for some reason or other. On my OpenBSD system, most things in /bin:/sbin belong to the bin group, as does about half of /usr/bin:/usr/sbin. This includes utilities like chmod, dd, df, hostname, chown, fsck, ifconfig, init, etc. I just took a look on Google, and to qoute the Quote:
staff gets less restrictions and what not, I will usually keep an account around that belongs to staff. kmem device files related to memory, like /dev/kmem and related seem to be owned by the kmem group; considering how Unix is, if you've ever got a permission error about trying to access a /dev/*mem file while running a program as non-root, odds are the program tried to read from a root:kmwm owned device! games I would expect is historical, much like the stuff in /usr/games is, and probably originated in BSD or Research UNIX. Several of the things in /usr/share/games; that need manipulation by a games process, but would allow the user to cheat if they could write to them personally. It's a WSG, but I'd reckon network and dialer are related to the associated thoughts the words express. On OpenBSD: ppp, pppd, and sliplogin are all owned by root:network. Some TTY devices in /dev are owned by uucp:dialer, probably for use by people dialing in over UUCP and related old-stuff. Things like named, sshd, www, and the common style of things like _syslog, _ftp, etc are all likely used somewhere in the services that share the name. Most boxes I've seen, usually start new UID/GID after 1000; I would reckon for the same convention, that access to ports 0–1023 are protected from non-privileged folk. And also, to reserve ~1000 UID/GID for use by the operating system lol. That is the best I can offer you JMJ_coder. If anyone knows or sees any errors in what I've posted here, I would appreciate a public correction! One can only learn so much in 2~3 years about a system that's grown over a lifetime....
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
TerryP did a good job explaining this, but... as implied, it's kinda OS/vendor specific.
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Pre-installed Groups: What are they for? | Greg_Morgan | OpenBSD General | 5 | 11th October 2009 01:05 AM |
groups.google.com down? | jb_daefo | Off-Topic | 2 | 23rd September 2008 03:37 AM |
ezjail /usr/home users and groups question | neurosis | FreeBSD Security | 7 | 8th September 2008 08:40 PM |
Ports - cofiguration information | jaymax | FreeBSD Ports and Packages | 6 | 25th June 2008 10:40 AM |
Copyright information | erno | NetBSD General | 2 | 6th May 2008 04:16 PM |