You are not logged in.

#1 2007-03-01 06:24:20

sokuban
Member
Registered: 2006-11-11
Posts: 412

Permission Groups

Maybe a stupid question but...

I have had a lot of problems when I was a newbie, and the answer to most of them was "is your user part of the **** group?"

Is there a list anywhere of all the permission groups used in Arch? Is this something that would be the same on all distros?

Offline

#2 2007-03-01 06:58:06

phrakture
Arch Overlord
From: behind you
Registered: 2003-10-29
Posts: 7,879
Website

Re: Permission Groups

No, it's not the same on all distros.  For instance, ubuntu uses "www-data" as the "you can change stuff the web server sees" group.  We don't.

I think there was a list somewhere... generally, I just check the permissions of the device/file that caused the failure... i.e. cdrom (after following symlinks)

$ ll /dev/sr0
brw-rw---- 1 root optical 11, 0 2007-02-19 02:02 /dev/sr0

Offline

#3 2007-03-01 07:12:07

mutlu_inek
Member
From: all over the place
Registered: 2006-11-18
Posts: 684

Re: Permission Groups

less /etc/group

Offline

#4 2007-03-01 22:07:34

Snarkout
Member
Registered: 2005-11-13
Posts: 542

Re: Permission Groups

I think that what the OP is asking for is a list of groups you *should* be a member of if you want a full desktop experience.  I have to admit to having some issues with this in the past myself, especially when, as Phrak points out, different distros have different groups.  There's also the fact that the groups file seems to have evolved some in recent years, and many people don't even know what half of the entries are for, exactly, myself included.


Unthinking respect for authority is the greatest enemy of truth.
-Albert Einstein

Offline

#5 2007-03-12 19:55:57

s26c.sayan
Member
From: Kolkata, India
Registered: 2007-02-07
Posts: 176
Website

Re: Permission Groups

I need to know what  groups should my normal  user belong to  if  I  want to be able to connect to net as normal user (using the adsl daemon), burn CD-s and listen to music via MPD.

Maybe you guys an help me!!
Thanks!!


March Linux : An Arch Linux "distrolet" that I am trying to develop (March = My Arch!)
Please take a look......:)

Offline

#6 2007-03-12 20:54:36

elasticdog
Member
From: Washington, USA
Registered: 2005-05-02
Posts: 995
Website

Re: Permission Groups

Didn't somebody post a wiki page with the common groups and what each one does?  I tried searching, but couldn't find it anywhere...either way, it might be helpful since it is fairly confusing and comes up fairly often here on the forums.

Offline

#7 2007-03-13 00:19:00

Zer0
Member
From: Windsor, ON, Canada
Registered: 2006-08-25
Posts: 299

Re: Permission Groups

I asked about this once on IRC and saw planning to make a wiki, it's too bad I never got around to it.  I think this is something that every arch user has thought about at one point.. "what the heck is that group for"  or "what group do I need to be in to get [something] working".

A "list of groups" wiki would be perfect for this along the lines of..

audio = sound
camera = camera devices
scanner = scanners
optical = dvd/cd drives

etc..  a long overdue wiki but at the same time I'm not going to install every package to get the list of all groups.. I say we converge our lists here then we write a wiki page.

Here are mine.

adm
audio
avahi
bin
camera
daemon
dbus
disk
floppy
ftp
hal
kmem
log
lp
mail
mem
network
nobody
optical
power
root
scanner
slocate
smmsp
storage
sys
tty
users
video
wheel

pretty overwhelming,  I still don't know what half of em are wink

Offline

#8 2007-03-13 00:37:37

junglepeanut
Member
From: California
Registered: 2007-01-24
Posts: 145
Website

Re: Permission Groups

Wow, thats a lot... I don't have any issues that I know of but I am little confused as I am only in

optical,audio, and storage

everything seems to work fine...

Offline

#9 2007-03-14 01:52:33

mutlu_inek
Member
From: all over the place
Registered: 2006-11-18
Posts: 684

Re: Permission Groups

Zer0 wrote:

Here are mine.

I also have:

abs
mysql
thinkpad
vmware


I am a member of:

abs
audio
camera
floppy
log
optical
scanner
slocate
storage
thinkpad
[users]
video
vmware
wheel


Zer0 wrote:

A "list of groups" wiki would be perfect for this along the lines of..

audio = sound
camera = camera devices
scanner = scanners
optical = dvd/cd drives

abs = rights to Arch's auto build system
floppy = floppy drive
log = access to log files in /var/log
slocate = access to command updatedb
storage = access to external drives
thinkpad = for thinkpad users accessing /dev/misc/nvram through e.g. tpb
video = ?
vmware = right to execute vmware
wheel = right to do su

Offline

#10 2007-03-14 08:17:38

s26c.sayan
Member
From: Kolkata, India
Registered: 2007-02-07
Posts: 176
Website

Re: Permission Groups

N00b question : Is there any group that the normal user  needs to be a member of if he wishes to have R/W access to all the mounted partitions of the current hard drive??

I am currently acheiving this by 'chown'-ing the /mnt directory recursively.Is there another way?


March Linux : An Arch Linux "distrolet" that I am trying to develop (March = My Arch!)
Please take a look......:)

Offline

#11 2007-03-14 15:50:05

AlmaMater
Member
Registered: 2007-02-28
Posts: 97

Re: Permission Groups

i olso dont undestand very much the meaning of every group

i added myself whit
audio
video
optical
storage
wheel
power    <-- whit that i didnt had to install sudo to be able to reboot-shutdown my laptop

Offline

#12 2007-03-16 22:28:00

Snowman
Developer/Forum Fellow
From: Montreal, Canada
Registered: 2004-08-20
Posts: 5,212

Re: Permission Groups

s26c.sayan wrote:

N00b question : Is there any group that the normal user  needs to be a member of if he wishes to have R/W access to all the mounted partitions of the current hard drive??

I am currently acheiving this by 'chown'-ing the /mnt directory recursively.Is there another way?

This is usually done with a mount option. What filesystem are you using?

BTW, the video group is for DRI/ 3D video acceleration.

Offline

#13 2007-03-16 22:42:43

fishonadish
Member
Registered: 2006-11-04
Posts: 130

Re: Permission Groups

mutlu_inek wrote:

wheel = right to do su

I'm not a member of this group, and can use su from my user account...
Is this what you meant, or is it that root must be a member of the wheel group for users to use su?

Offline

#14 2007-03-17 08:06:18

s26c.sayan
Member
From: Kolkata, India
Registered: 2007-02-07
Posts: 176
Website

Re: Permission Groups

This is usually done with a mount option. What filesystem are you using?

I have my Arch installation currently on a XFS partition (but I might well revert to reiserfs soon).
The partitions I want to mount wth R/W permissions are all ext3.


March Linux : An Arch Linux "distrolet" that I am trying to develop (March = My Arch!)
Please take a look......:)

Offline

#15 2007-03-17 20:36:45

Snarkout
Member
Registered: 2005-11-13
Posts: 542

Re: Permission Groups

fishonadish wrote:
mutlu_inek wrote:

wheel = right to do su

I'm not a member of this group, and can use su from my user account...
Is this what you meant, or is it that root must be a member of the wheel group for users to use su?

It's a pam option at this point, but traditionally on unix and unix-like systems this was a way to help fight against priv escalation by users who weren't supposed to have access.


Unthinking respect for authority is the greatest enemy of truth.
-Albert Einstein

Offline

#16 2007-03-17 21:19:07

Snowman
Developer/Forum Fellow
From: Montreal, Canada
Registered: 2004-08-20
Posts: 5,212

Re: Permission Groups

s26c.sayan wrote:

This is usually done with a mount option. What filesystem are you using?

I have my Arch installation currently on a XFS partition (but I might well revert to reiserfs soon).
The partitions I want to mount wth R/W permissions are all ext3.

I'm setup on ext3 partitions. For the single partition that I mount manually, I have this line in /etc/fstab:

/dev/hda5  /mnt/bak_orion ext3  noauto,user,rw,suid,dev,exec,async   0   1

This enable me to mount it as a regular user which gets rw permissions.

Offline

#17 2007-03-19 01:38:16

brucebertrand
Member
Registered: 2006-07-24
Posts: 52

Re: Permission Groups

Here's a wiki link:
http://wiki.archlinux.org/index.php/Groups

go at it.

Offline

#18 2007-03-20 23:31:00

Zer0
Member
From: Windsor, ON, Canada
Registered: 2006-08-25
Posts: 299

Re: Permission Groups

great.. a wiki finally.  I did my part..

- posted up the groups I know
- added how to "list files owned by groups" and "add user to a group"
- cleaned up a bit
- fixed wheel group description.  I believe wheel group affects sudo and not su.  I can run su without being a member of wheel but for sudo I have edit /etc/sudoers (with visudo command) and add my user to the wheel group.  Please correct me if this is wrong!

anyone else?

Offline

#19 2007-04-06 11:55:11

matahari
Member
From: Bandung, Indonesia
Registered: 2007-04-04
Posts: 59

Re: Permission Groups

you can uncomment this line :

auth            required        pam_wheel.so use_uid

@ /etc/pam.d/su
so only user in wheel can do su

Offline

Board footer

Powered by FluxBB