Robert Wilhelm Land wrote:
> Would someone kindly explain when the following
> groups should be used?
>
> bin:*:2:
HELP: No files on my system are owned by user or group bin. What
good are they? Historically they were probably the owners of
binaries in /bin? It is not mentioned in the FHS, debian
policy, or the changelogs of base-passwd or base-files.
> sys:*:3:
HELP: As with bin, except I don't even know what it was good for
historically.
> adm:*:4:
Group adm is used for system monitoring tasks. Members of this
group can read many log files in /var/log, and can use xconsole.
Historically, /var/log was /usr/adm (and later /var/adm), thus the
name of the group.
> kmem:*:15:
/dev/kmem and similar files are readably by this group. This is
mostly a BSD relic, but any programs that need direct read access
to the system's memory can thus be made sgid kmem.
> staff:*:50:
Allows users to add local modifications to the system (/usr/local,
/home) without needing root priveledges. Compare with group "adm",
which is more related to monitoring/security.
> www-data:*:33:
Some web browsers run as www-data. Web content should *not* be
owned by this user, or a compromised web server would be able to
rewrite a web site. Data written out by web servers, including
log files, will be owned by www-data.
> dip:*:30:
THe group's man stands for "Dialup IP". Being in group dip allows
you to use a tool such as ppp or dip to dial up a connection.
> uucp:*:10:
The uucp user and group is used by the UUCP subsystem. It owns
spool and configuration files. Users in the uucp group may run
uucico.
> irc:*:39:
Used by irc daemons. A statically allocated user is needed only
because of a bug in ircd -- it setuid()s itself to a given UID on
startup.
--
see shy jo
Attachment:
pgpx7iMV76zI9.pgp
Description: PGP signature