Groups
From ArchWiki
i18n |
---|
English |
Italiano |
简体中文 |
Türkçe |
Adding a user to a permission group enables that user to perform certain actions or access certain files pertaining to that group. All available groups can be found using the command "cat /etc/group"
Contents |
List of groups
Below is a list of groups and their function in Arch (sorted alphabetically)
Group | Affected Files | Purpose |
---|---|---|
adm | /var/log/* | Read access to log files in /var/log |
audio | /dev/sound/*, /dev/snd/*, /dev/misc/rtc0 | Access to sound hardware. |
avahi | ||
bin | /usr/bin/* | Right to modify binaries only by root, but right to read or executed by anyone.//Please modify this for better understanding... |
camera | Access to Digital Cameras. | |
clamav | /var/lib/clamav/*, /var/log/clamav/* | |
daemon | ||
dbus | /var/run/dbus | |
disk | /dev/sda[1-9], /dev/sdb[1-9], /dev/hda[1-9], etc | Access to block devices not affected by other groups such as optical,floppy,storage. |
floppy | /dev/fd[0-9] | Access to floppy drives. |
ftp | /srv/ftp | |
games | /var/games | Access to some game software. |
gdm | ||
hal | /var/run/hald, /var/cache/hald | |
http | ||
kmem | /dev/port, /dev/mem, /dev/kmem | |
locate | /usr/bin/locate, /var/lib/locate, /var/lib/slocate, /var/lib/mlocate | Right to use updatedb command. |
log | /var/log/* | Access to log files in /var/log, |
lp | /etc/cups, /var/log/cups, /var/cache/cups, /var/spool/cups | Access to printer hardware |
mem | ||
/usr/bin/mail | ||
network | Right to change network settings such as when using a Networkmanager. | |
nobody | Unprivileged group. | |
ntp | ||
optical | /dev/sr[0-9], /dev/sg[0-9] | Access to optical devices such as CD,CD-R,DVD,DVD-R. |
policykit | ||
power | Right to use suspend utils. | |
root | /* -- ALL FILES! | Complete system administration and control (root, admin) |
scanner | /var/lock/sane | Access to scanner hardware. |
smmsp | sendmail group | |
storage | Access to removable drives such as USB harddrives,flash/jump drives,mp3 players. | |
stb-admin | ||
sys | Right to admin printers in CUPS. | |
thinkpad | /dev/misc/nvram | Right for thinkpad users using tools such as tpb. |
tty | /dev/tty, /dev/vcc, /dev/vc, /dev/ptmx | |
users | Standard users group. | |
uucp | /dev/ttyS[0-9] /dev/tts/[0-9] | Serial & USB devices such as modems,handhelds,RS232/serial ports. |
vboxusers | /dev/vboxdrv | Right to use Virtualbox software. |
video | /dev/fb/0, /dev/misc/agpgart | Access to video capture devices, DRI/3D hardware acceleration. |
vmware | Right to use VMware software. | |
wheel | Right to use sudo (setup with visudo), Also affected by PAM |
Common actions
List all groups
To list all groups currently available on your system.
cat /etc/group
List your current groups
To find out what groups your user is currently a member of, simply issue the command "groups". You can also use "id" for more verbose output.
Finding group ownership
You can list files owned by a group with this command if needed.. as root (where [group] is the group name you wish to search for)
find /* -group [group]
Adding user to a group
You can add a user to a group by using this command as root (where [group] is the group you want to add and [user] is the user you want to add to the group)
usermod -aG [group] [user]
or
gpasswd -a [user] [group]
If you are currently logged in and adding yourself to a group, you must logout all instances of yourself in order to be able to access that group's functionality.
Removing user from a group
You can remove a user from a group by using this command as root (where [group] is the group you want to remove and [user] is the user you want to remove to the group)
gpasswd -d [user] [group]
Creating and removing a group
You can create a new group by using the following command as root (where [group] is the name of the group you wish to create)
groupadd [group]
For removing a group use
groupdel [group]