Groups

From ArchWiki

Jump to: navigation, search
i18n
English
Italiano
简体中文
Türkçe

Adding a user to a permission group enables that user to perform certain actions or access certain files pertaining to that group. All available groups can be found using the command "cat /etc/group"

Contents

List of groups

Below is a list of groups and their function in Arch (sorted alphabetically)

Group Affected Files Purpose
adm /var/log/* Read access to log files in /var/log
audio /dev/sound/*, /dev/snd/*, /dev/misc/rtc0 Access to sound hardware.
avahi
bin /usr/bin/* Right to modify binaries only by root, but right to read or executed by anyone.//Please modify this for better understanding...
camera Access to Digital Cameras.
clamav /var/lib/clamav/*, /var/log/clamav/*
daemon
dbus /var/run/dbus
disk /dev/sda[1-9], /dev/sdb[1-9], /dev/hda[1-9], etc Access to block devices not affected by other groups such as optical,floppy,storage.
floppy /dev/fd[0-9] Access to floppy drives.
ftp /srv/ftp
games /var/games Access to some game software.
gdm
hal /var/run/hald, /var/cache/hald
http
kmem /dev/port, /dev/mem, /dev/kmem
locate /usr/bin/locate, /var/lib/locate, /var/lib/slocate, /var/lib/mlocate Right to use updatedb command.
log /var/log/* Access to log files in /var/log,
lp /etc/cups, /var/log/cups, /var/cache/cups, /var/spool/cups Access to printer hardware
mem
mail /usr/bin/mail
network Right to change network settings such as when using a Networkmanager.
nobody Unprivileged group.
ntp
optical /dev/sr[0-9], /dev/sg[0-9] Access to optical devices such as CD,CD-R,DVD,DVD-R.
policykit
power Right to use suspend utils.
root /* -- ALL FILES! Complete system administration and control (root, admin)
scanner /var/lock/sane Access to scanner hardware.
smmsp sendmail group
storage Access to removable drives such as USB harddrives,flash/jump drives,mp3 players.
stb-admin
sys Right to admin printers in CUPS.
thinkpad /dev/misc/nvram Right for thinkpad users using tools such as tpb.
tty /dev/tty, /dev/vcc, /dev/vc, /dev/ptmx
users Standard users group.
uucp /dev/ttyS[0-9] /dev/tts/[0-9] Serial & USB devices such as modems,handhelds,RS232/serial ports.
vboxusers /dev/vboxdrv Right to use Virtualbox software.
video /dev/fb/0, /dev/misc/agpgart Access to video capture devices, DRI/3D hardware acceleration.
vmware Right to use VMware software.
wheel Right to use sudo (setup with visudo), Also affected by PAM

Common actions

List all groups

To list all groups currently available on your system.

cat /etc/group

List your current groups

To find out what groups your user is currently a member of, simply issue the command "groups". You can also use "id" for more verbose output.

Finding group ownership

You can list files owned by a group with this command if needed.. as root (where [group] is the group name you wish to search for)

find /* -group [group]

Adding user to a group

You can add a user to a group by using this command as root (where [group] is the group you want to add and [user] is the user you want to add to the group)

usermod -aG [group] [user]

or

gpasswd -a [user] [group]

If you are currently logged in and adding yourself to a group, you must logout all instances of yourself in order to be able to access that group's functionality.

Removing user from a group

You can remove a user from a group by using this command as root (where [group] is the group you want to remove and [user] is the user you want to remove to the group)

gpasswd -d [user] [group]

Creating and removing a group

You can create a new group by using the following command as root (where [group] is the name of the group you wish to create)

groupadd [group]

For removing a group use

groupdel [group]
Personal tools