You are not logged in.

#1 2012-12-29 12:10:51

jrussell
Member
From: Cape Town, South Africa
Registered: 2012-08-16
Posts: 510

I am so confused with systemd and ACLs and user groups

Hi all, what groups does a standard user with no special permissions need to be in at the moment with systemd? Right now I have all normal/standard users in no groups other than 'users' and some have there own group and are part of that (others just have 'users', not sure how some have there own group).

groups jason

returns:

users jason
groups megan

returns:

users

I have done much googleing and have seen various posts about optical and power and wheel groups with regards to power control (restart, poweroff) and cd mounting etc, how does this all work? I think I miss the old way of having the groups dictate what a user is capable of doing.

Where does one edit these ACL's? I would like only sudoers to be able to poweroff and reboot my computer, right now I think any local user can reboot or poweroff, but not remotely.

Last edited by jrussell (2012-12-30 14:58:52)


bitcoin: 1G62YGRFkMDwhGr5T5YGovfsxLx44eZo7U

Offline

#2 2012-12-29 12:38:06

65kid
Member
From: Germany
Registered: 2011-01-26
Posts: 663

Re: I am so confused with systemd and ACLs and user groups

Offline

#3 2012-12-29 20:52:11

cfr
Member
From: Cymru
Registered: 2011-11-27
Posts: 7,130

Re: I am so confused with systemd and ACLs and user groups

Note that ACLs are neither new nor particularly associated with systemd. systemd may use them but they are an existing feature of file systems and not even specific to GNU/Linux.


CLI Paste | How To Ask Questions

Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L

Offline

#4 2013-01-15 13:57:43

jrussell
Member
From: Cape Town, South Africa
Registered: 2012-08-16
Posts: 510

Re: I am so confused with systemd and ACLs and user groups

How would I control/edit the ACLs to prevent a user from doing certain things? Ive read https://bbs.archlinux.org/viewtopic.php?id=152565, seems messy


bitcoin: 1G62YGRFkMDwhGr5T5YGovfsxLx44eZo7U

Offline

#5 2013-01-15 22:09:25

cfr
Member
From: Cymru
Registered: 2011-11-27
Posts: 7,130

Re: I am so confused with systemd and ACLs and user groups

I don't think that is the kind of thing you can do (easily/securely) with ACLs. If you can, it will not be at all nice. If you have polkit installed, use polkit rules. If you don't have it installed, I don't think users have permission to do those things anyway.


CLI Paste | How To Ask Questions

Arch Linux | x86_64 | GPT | EFI boot | refind | stub loader | systemd | LVM2 on LUKS
Lenovo x270 | Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz | Intel Wireless 8265/8275 | US keyboard w/ Euro | 512G NVMe INTEL SSDPEKKF512G7L

Offline

#6 2013-01-16 13:04:48

jrussell
Member
From: Cape Town, South Africa
Registered: 2012-08-16
Posts: 510

Re: I am so confused with systemd and ACLs and user groups

OK cool I found this https://wiki.archlinux.org/index.php/Po … #Structure I previously had no idea what polkit was smile


bitcoin: 1G62YGRFkMDwhGr5T5YGovfsxLx44eZo7U

Offline

#7 2013-01-16 13:13:44

phil
Member
Registered: 2012-09-22
Posts: 72

Re: I am so confused with systemd and ACLs and user groups

caesium ~ $ groups
users vboxusers

Offline

Board footer

Powered by FluxBB