Groups
From ArchWiki
| i18n |
|---|
| English |
| Italiano |
| 简体中文 |
| Türkçe |
Adding a user to a permission group enables that user to perform certain actions or access certain files pertaining to that group. All available groups can be found using the command "cat /etc/group"
Contents |
List of groups
Below is a list of groups and their function in Arch (sorted alphabetically)
| Group | Affected Files | Purpose |
|---|---|---|
| adm | /var/log/* | Read access to log files in /var/log |
| audio | /dev/sound/*, /dev/snd/*, /dev/misc/rtc0 | Access to sound hardware. |
| avahi | ||
| bin | /usr/bin/* | Right to modify binaries only by root, but right to read or executed by anyone.//Please modify this for better understanding... |
| camera | Access to Digital Cameras. | |
| clamav | /var/lib/clamav/*, /var/log/clamav/* | |
| daemon | ||
| dbus | /var/run/dbus | |
| disk | /dev/sda[1-9], /dev/sdb[1-9], /dev/hda[1-9], etc | Access to block devices not affected by other groups such as optical,floppy,storage. |
| floppy | /dev/fd[0-9] | Access to floppy drives. |
| ftp | /srv/ftp | |
| games | /var/games | Access to some game software. |
| gdm | ||
| hal | /var/run/hald, /var/cache/hald | |
| http | ||
| kmem | /dev/port, /dev/mem, /dev/kmem | |
| locate | /usr/bin/locate, /var/lib/locate, /var/lib/slocate, /var/lib/mlocate | Right to use updatedb command. |
| log | /var/log/* | Access to log files in /var/log, |
| lp | /etc/cups, /var/log/cups, /var/cache/cups, /var/spool/cups | Access to printer hardware |
| mem | ||
| /usr/bin/mail | ||
| network | Right to change network settings such as when using a Networkmanager. | |
| nobody | Unprivileged group. | |
| ntp | ||
| optical | /dev/sr[0-9], /dev/sg[0-9] | Access to optical devices such as CD,CD-R,DVD,DVD-R. |
| policykit | ||
| power | Right to use suspend utils. | |
| root | /* -- ALL FILES! | Complete system administration and control (root, admin) |
| scanner | /var/lock/sane | Access to scanner hardware. |
| smmsp | sendmail group | |
| storage | Access to removable drives such as USB harddrives,flash/jump drives,mp3 players. | |
| stb-admin | ||
| sys | Right to admin printers in CUPS. | |
| thinkpad | /dev/misc/nvram | Right for thinkpad users using tools such as tpb. |
| tty | /dev/tty, /dev/vcc, /dev/vc, /dev/ptmx | |
| users | Standard users group. | |
| uucp | /dev/ttyS[0-9] /dev/tts/[0-9] | Serial & USB devices such as modems,handhelds,RS232/serial ports. |
| vboxusers | /dev/vboxdrv | Right to use Virtualbox software. |
| video | /dev/fb/0, /dev/misc/agpgart | Access to video capture devices, DRI/3D hardware acceleration. |
| vmware | Right to use VMware software. | |
| wheel | Right to use sudo (setup with visudo), Also affected by PAM |
Common actions
List all groups
To list all groups currently available on your system.
cat /etc/group
List your current groups
To find out what groups your user is currently a member of, simply issue the command "groups". You can also use "id" for more verbose output.
Finding group ownership
You can list files owned by a group with this command if needed.. as root (where [group] is the group name you wish to search for)
find /* -group [group]
Adding user to a group
You can add a user to a group by using this command as root (where [group] is the group you want to add and [user] is the user you want to add to the group)
usermod -aG [group] [user]
or
gpasswd -a [user] [group]
If you are currently logged in and adding yourself to a group, you must logout all instances of yourself in order to be able to access that group's functionality.
Removing user from a group
You can remove a user from a group by using this command as root (where [group] is the group you want to remove and [user] is the user you want to remove to the group)
gpasswd -d [user] [group]
Creating and removing a group
You can create a new group by using the following command as root (where [group] is the name of the group you wish to create)
groupadd [group]
For removing a group use
groupdel [group]