Re: exploring debian's users and groups
On Tuesday 07 Aug 2001 6:35 am, Joey Hess wrote:
>
> bin:
>
> HELP: No files on my system are owned by user or group bin. What
> good are they? Historically they were probably the owners of
> binaries in /bin? It is not mentioned in the FHS, debian
> policy, or the changelog of base-passwd or base-files.
The only files on my system owned by bin:bin are in the unpacked
sources for cdrtools, but that hardly counts.
>
> sys:
>
> HELP: As with bin, except I don't even know what it was good for
> historically.
>
I have /dev/vcs[1-6] and /dev/vcsa[1-6], and /var/spool/cups. All
group sys, but user root for the stuff in /dev, and user lp for the
stuff in /var/cups.
>
> games:
>
> Many games are sgid to games so they can write their high score
> files. This is explained in policy.
>
> HELP: My system has no files owned by user games, and I don't see
> the point of the user, aside from symmetry.
>
It would appear that only spellcast uses the user:
clothcat:/# find . -user games
./usr/games/spellcast
./var/games/spellcast
> man:
>
> The man program (sometimes) runs as user man, so it can write cat
> pages to /var/cache/man
>
> HELP: My system has no files owned by user man, and I don't see
> the point of the user, aside from symmetry.
My system has quite a lot of files owned by user man, mostly in /proc,
which hardly count, but a fair few directories in /var/cache/man, and
/usr/lib/mandb/man and /usr/lib/mandb/mandb. Total number of files and
directories owned by man is:
clothcat:/# find . -user man | wc -l
48
>
> lp:
>
> HELP: I assume it's used by lpr, as I have not owned a printer in
> years and have not used lpr in longer, I can't say what
> exactly the user is used for or what the group is used for.
> Or is the idea to make the printer device owned by one or the
> other, to let eg, users in group lp cat files to it directly?
user lp appears to own /var/spool/lpd and /var/spool/cups on my system.
Presumably so it can write files to there. group lp owns lots of
devices in /dev, the parallel ports basically, all the stuff in
/var/spool/lpd and, strangely a lot of stuff in /var/spool/texmf. It
also owns its logs in /var/log.
> operator:
>
> HELP: No files owned by it here, what's it good for?
Historical reasons, I suspect.
> dialout:
>
> HELP: Is this used for /dev/cua devices or something?
It is used so that unprivileged users can be added to the group dialout
and be able to use the modem devices, that is what I use it for here
anyway. I am afraid I don't recall if it was as simple as just adding
the user to the group, or if I had to do some playing with permissions
as well, sorry. The group dip appears to have a similar function. It
is entirely possible that I added users to dialout, and when that
didn't work added them to dip as well. Curse my crap memory.
>
> fax:
>
> HELP: ?
I imagine similarly, although I don't use fax from this box.
> dip:
>
> HELP: What did this group's name signify? DIaluP?
>
> pppd may only be run by users in the dip group (and by root of
> course).
>
From V.E.R.A. -- Virtual Entity of Relevant Acronyms 13 March 2001
[vera]:
DIP
Dial-up Internet Protocol (Linux)
> staff:
>
> HELP: So, /usr/local and /var/local are owned by it, but how's it
> differ from say, adm, and what's the historical meaning, and
> the current purpose?
Historically it was used to allow staff users write access to certain
directories. I was in group staff when I was at college and was
testing the new unix machine, it allowed me to write to any student
$HOME directory (the rationale being that eventually it was planned
that all assignments for CS courses would be handed in electronically
and the tutor would hand it back by dumping it in $HOME. Sounds like a
really silly way to do it now, but at the time it sounded a lot better
:)
Hope some of that has been of help anyway
--
Stephen Stafford
GPG public key on request
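
The `find . -user ...` checks used in this reply, generalized as an added example that is not part of the original message or of any Debian package: a POSIX shell script that counts paths owned by each account discussed in the thread, skips /proc and /sys, and lists files that are setgid to each group. The function names and the `--audit` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: ownership audit for the legacy system accounts in this thread.
# Function names and the --audit switch are hypothetical, chosen for this example.
ACCOUNTS="bin sys games man lp operator dialout fax dip staff"

# count_owned user|group NAME [ROOT]
# Prints how many paths under ROOT are owned by that user or group.
# ROOT/proc and ROOT/sys are pruned: kernel pseudo-files are not real ownership.
# An unknown NAME makes find fail before it walks anything, so the count is 0.
count_owned() {
    kind=$1; name=$2; root=${3:-/}
    case $kind in user|group) ;; *) return 2 ;; esac
    find "$root" \( -path "${root%/}/proc" -o -path "${root%/}/sys" \) -prune \
        -o "-$kind" "$name" -print 2>/dev/null | wc -l | tr -d ' '
}

# list_sgid GROUP [ROOT]
# Prints regular files that carry the setgid bit and belong to GROUP,
# e.g. games that are sgid games so they can write high score files.
list_sgid() {
    name=$1; root=${2:-/}
    find "$root" \( -path "${root%/}/proc" -o -path "${root%/}/sys" \) -prune \
        -o -type f -perm -2000 -group "$name" -print 2>/dev/null
}

# audit_accounts [ROOT]
# One line per account: paths owned as user, paths owned as group, setgid files.
audit_accounts() {
    root=${1:-/}
    for a in $ACCOUNTS; do
        u=$(count_owned user "$a" "$root")
        g=$(count_owned group "$a" "$root")
        s=$(list_sgid "$a" "$root" | wc -l | tr -d ' ')
        printf '%-9s user=%s group=%s sgid=%s\n' "$a" "$u" "$g" "$s"
    done
}

# Scan only when asked: sh audit.sh --audit [ROOT]
if [ "${1:-}" = "--audit" ]; then audit_accounts "${2:-/}"; fi
```

Run it as root so unreadable directories are not silently skipped; an account that reports zero in all three columns owns nothing on that machine.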