[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What are these groups for?



Robert Wilhelm Land wrote:
> Would someone kindly explain  when the following
> groups should be used?
> 
> bin:*:2:

        HELP: No files on my system are owned by user or group bin. What
              good are they? Historically they were probably the owners of
              binaries in /bin? It is not mentioned in the FHS, debian
              policy, or the changelogs of base-passwd or base-files.

> sys:*:3:

        HELP: As with bin, except I don't even know what it was good for
              historically.

> adm:*:4:

        Group adm is used for system monitoring tasks. Members of this
        group can read many log files in /var/log, and can use xconsole.

        Historically, /var/log was /usr/adm (and later /var/adm), thus the
        name of the group.

> kmem:*:15:
    
        /dev/kmem and similar files are readably by this group. This is
        mostly a BSD relic, but any programs that need direct read access
        to the system's memory can thus be made sgid kmem.

> staff:*:50:

        Allows users to add local modifications to the system (/usr/local,
        /home) without needing root priveledges. Compare with group "adm",
        which is more related to monitoring/security.

> www-data:*:33:

        Some web browsers run as www-data. Web content should *not* be
        owned by this user, or a compromised web server would be able to
        rewrite a web site. Data written out by web servers, including
        log files, will be owned by www-data.

> dip:*:30:

        THe group's man stands for "Dialup IP". Being in group dip allows
        you to use a tool such as ppp or dip to dial up a connection. 

> uucp:*:10:

        The uucp user and group is used by the UUCP subsystem. It owns
        spool and configuration files. Users in the uucp group may run
        uucico.

> irc:*:39:

        Used by irc daemons. A statically allocated user is needed only
        because of a bug in ircd -- it setuid()s itself to a given UID on
        startup.

-- 
see shy jo

Attachment: pgpL0oZVMXjsJ.pgp
Description: PGP signature


Reply to: