[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Converting /home/* from Susie to Debian

On Tue, Oct 22, 2002 at 11:38:23PM +1000, Garry Byrne wrote:
> At 02:00 PM 10/22/2002 +0200, Adrian 'Dagurashibanipal' von Bidder wrote:
> >To my knowledge there is nothing in Debian depending on a one group per
> >user setup. So the transition might be easier if you just changed the
> >default to match your old policy, i.e. one group for all users.

I'm sure there must be massive list archive threads about this...

AFAIK, the main benefit of an extra group per user is it allows you to have
communal work directories with 'g+rws' permissions and users with umask
'002' without sacrificing security. Any files created by a user with umask
'002' will be writeable by the group that owns it. In the communal area with
'g+s' this means the group that owns the directory. In any other directory
without 'g+s' permissions, this will be the user's own group... ie just the
one user.

If this is just a mail server, then the whole "communal work area" concept
is not really applicable so you are probably better off to put them all in
one group. It might pay however to give any special admin users their own
unique group so that they can take advantage of "group admin directories".

ABO: finger abo@minkirri.apana.org.au for more info, including pgp key

Reply to: