Unix Power ToolsUnix Power ToolsSearch this book

Chapter 49. Root, Group, and User Management

Contents:

Unix User/Group Infrastructure
When Does a User Become a User
Forgetting the root Password
Setting an Exact umask
Group Permissions in a Directory with the setgid Bit
Groups and Group Ownership
Add Users to a Group to Deny Permissions
Care and Feeding of SUID and SGID Scripts
Substitute Identity with su
Never Log In as root
Providing Superpowers with sudo
Enabling Root in Darwin
Disable logins

49.1. Unix User/Group Infrastructure

Unix users are given unique usernames and also added to one or more Unix groups (Section 49.7). Both a user and a group own all content within a system. If you list information about a file, you'll see both user and group ownership:

> ls -l
-rw-r--r--  1 root      weblog.burningbi  32230 May 22 13:58 access_log
-rw-r-----  1 shelleyp  weblog.burningbi   3995 May 12 11:08 analog.cfg
-rw-r--r--  1 root      weblog.burningbi      0 May 22 12:01 error_log

In this listing, the users are root and shelleyp, and the group (truncated) is weblog.burningbird.net.

You're assigned a primary group when you're added to a system. In addition, you can also be assigned to one or more secondary groups. Depending on the type of Unix system, you can either work with files that are owned by any one of the groups you belong to or you can work with files of your primary group only.

BSD-based Unix systems allow you to work with files from primary and secondary groups; this includes Darwin as well as the popular PC-based BSD systems, FreeBSD, and OpenBSD. System V systems restrict you to working with a primary group only.

For the majority of Unix systems, user and group membership is controlled through a couple of files, passwd and group, stored in the /etc directory. This directory has root write access only, but read and execute access by all users.

-- SP



Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.