I'd like to create a admin group (adm), and have some
questions. But first, my goals:
Ultimately, I want to have 2 accounts for myself (1 being root,
the other being a normal user.) I also would like to create
a few accounts for friends. My normal user account will
be added to the member of the "adm" group.
1) What is the best way to prevent other users (except for my
normal user) from running programs like dmesg? I suppose
I could always chgrp the programs to "adm", and change
permissions to -rwxr-x---. Is this the recommended way?
2) How does Debian's package management system deal with this?
Am I going to have to reset my permissions/groups after
every "apt-get upgrade"?
3) Some versions are said to "not support the wheel group".
how is this possible? If I've set the group of the file
to "wheel" (or "adm" in this case), and the permissions
to -rwxr-x---, then how can the su executable get around this?
4) What binaries do you suggest putting in the "adm" group?
thanks in advance,