[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian's 'group' system

tgakem@chem.tue.nl writes:

> Pete Harlan wrote:
> > 
> > This reminds me---Debian has adopted this nice system of every user
> > having his/her own group.  (No sarcasm: It's a Good Thing.)

I agree. It is a good thing.  It is a nice system.  I saw this for the first
time in RedHat and I liked the idea.

> > Everything is then group-writable by default, which is probably what
> > you want.
> Can you enlighten me as to why this should be a Good Thing?

Take my example. My username is alair and my default group is alair. Only user
alair belongs to the group alair.  In this way, all the files can be, by
default, group writable.  I couldn't do that if someone else belongs to my
default group.  I also belong to the group emacs-admin, for instance, and I
want to put/edit/remove some files on site-lisp (owned by the group
emacs-admin with group write permissions).  Anyone who belongs to emacs-admin
should be able to modify my changes.  So my emacs-lisp files should be group
writable.  Since my files are by default group writable, it is sufficient that
I use newgrp to change my group to emacs-admin and I will not need to change
my umask as I used to do.

Better yet, in this example, if the site-lisp directory was setgid (chmod g+s
some-long-path/site-lisp), then any new file inside site-lisp would be owned
by the emacs-lisp group.  Any new directory would also be setgid.  So neither
my command newgrp would be necessary.  Isn't that great?

> To me it
> feels as though the group and user ownerships are now merged into one,
> effectively _removing_ one possibility to differentiate.

As you could see, it is not true that the group and user ownerships are merged
into one since I can change.  In the case where the group has more than me ---
and in some systems (slackware?) the default group is the group users, and
everyone belongs to users --- my files are usually readable by everyone but
writable only by me.  In this case, would be the group and others ownerships

Indeed, if you belong to a group and you prefer your files group readable but
not world readable, you would rather prefer this group to be your default
group. Your default umask would be something like 027.  I guess this situation
is not so usual and I prefer all the files to be world readable, in general.

I hope I didn't do any mistake.  Even in this case, the ideas are here.

> Of course I found
> how to switch it off in /etc/adduser.conf, but I think it should be
> something that adduser should at least _prompt_ about.
> Eric Meijer
>  E.L. Meijer (tgakem@chem.tue.nl)          | tel. office +31 40 2472189
>  Eindhoven Univ. of Technology             | tel. lab.   +31 40 2475032
>  Lab. for Catalysis and Inorg. Chem. (TAK) | tel. fax    +31 40 2455054

Alair Pereira do Lago  <alair@ime.usp.br> <http://www.ime.usp.br/~alair>
Computer Science Department -- Universidade de S~ao Paulo -- Brazil

Reply to: