Re: Groups and what not 2.

To: Hans <hansfong@zonnet.nl>
Cc: debian-user@lists.debian.org
Subject: Re: Groups and what not 2.
From: Dave Sherohman <esper@usinternet.com>
Date: Thu, 27 Jan 2000 09:23:56 -0600 (CST)
Message-id: <[🔎] E12Dqm5-0000Gu-00@pchan>
In-reply-to: <[🔎] 3.0.32.20000127115713.006b6f70@pop3.zonnet.nl> from Hans at "Jan 27, 2000 12:10:55 pm"

Hans said:
> There were already a great number of groups in /etc/group. Do I get it
> right then that when I add myself to cdrom:x:24: (thus becoming
> cdrom:x:24:hans) I have access to that device?

In that case, for all practical purposes, yes.  In the broader sense, once
you log hans out and back in, that account gets the cdrom group's access to
any/everything.

Also, you should be aware that the user cdrom is implicitly a member of the
group cdrom and hans is implicitly a member of group hans, even though
/etc/group doesn't list them.

> If so, this would seems
> better to me than the suggestion "change the permission with chmod" you
> always see when a person reports a device he/she can't access.

It depends on what you want to do.  Remember that chmod lets you set three
groups of permissions - user, group, and other.

> I would
> still change the permission from the standard 755 to 440 which seems more
> appropriate to me for /cdrom, making it unreadable for the world. 

With 755, whether someone is a member of the group or not doesn't matter,
since group and other have the same permissions, which is more convenient if
you want everyone on the system to have access to the file.  (Note that, in
general, *nix treats devices as a special type of file.)  OTOH, if you want
to restrict access, you would use the 440, but that has the disadvantage of
requiring you to add each CD-authorized user to the cdrom group.

(There is another way around this, by setting up one of the config files to
temporarily add users to certain groups (usually cdrom and sound, IIRC)
whenever they're logged in on the console, but I've never used it so I don't
recall the details.)

> Maybe I'm not making sense at all, but I'm trying to get the philosophy
> behind all this. Sorry. -- Hans

No need to apologize!  You're trying to figure out how things work and why,
which is an excellent way (probably the best way) to approach Linux.

-- 
Geek Code 3.1:  GCS d- s+: a- C++ UL++$ P+>+++ L++>++++ E- W--(++) N+ o+ !K
w---$ O M- !V PS+ PE Y+ PGP t 5++ X+ R++ tv- b++ DI++++ D G e* h+ r++ y+

Reply to:

Follow-Ups:
- Re: Groups and what not 2.
  - From: David Wright <d.wright@open.ac.uk>

References:
- Groups and what not 2.
  - From: Hans <hansfong@zonnet.nl>

Prev by Date: Re: less and color
Next by Date: Compaq Netscape problem on Debian 2.1 Alpha system
Previous by thread: Groups and what not 2.
Next by thread: Re: Groups and what not 2.
Index(es):
- Date
- Thread