Users and groups (Српски)

From ArchWiki
Revision as of 05:09, 18 May 2013 by Fengchao (Talk | contribs) (Add English link.)

Jump to: navigation, search

User groups are used on GNU/Linux for access control – members of a group are granted access to devices and files belonging to that group. /etc/group is the file that defines the groups on the system (man group for details).

This article provides a list of common groups and their purpose along with an overview of group manipulation commands.

Korisne grupe

Preporučene grupe koje korisnik treba da postavi za svoje korisnički nalog.

  • audio - za pristup audio hardveru
  • floppy - za pristup flopiu (ovo u slačaju samo ko ga poseduje)
  • lp - za pristup štampačima
  • optical - za pristup CD ili DVD čitačima (npr. puštanje CD-a)
  • power - used with power options (e.g. shutdown with power button)
  • storage - za uređivanje skladišnog prostora
  • video - za video aceleraciju
  • wheel - za sudo privilegije

Group list

A list of groups and their function (sorted alphabetically)
Group Affected files Purpose
adm /var/log/* Read access to log files in /var/log
audio /dev/sound/*, /dev/snd/*, /dev/misc/rtc0 Access to sound hardware.
bin /usr/bin/* Right to modify binaries only by root, but right to read or executed by anyone. (Please modify this for better understanding...)
camera Access to Digital Cameras.
clamav /var/lib/clamav/*, /var/log/clamav/*
dbus /var/run/dbus
disk /dev/sda[1-9], /dev/sdb[1-9], etc Access to block devices not affected by other groups such as optical,floppy,storage.
floppy /dev/fd[0-9] Access to floppy drives.
ftp /srv/ftp
games /var/games Access to some game software.
hal /var/run/hald, /var/cache/hald
kmem /dev/port, /dev/mem, /dev/kmem
locate /usr/bin/locate, /var/lib/locate, /var/lib/slocate, /var/lib/mlocate Right to use updatedb command.
log /var/log/* Access to log files in /var/log,
lp /etc/cups, /var/log/cups, /var/cache/cups, /var/spool/cups Access to printer hardware
mail /usr/bin/mail
network Right to change network settings such as when using a Networkmanager.
networkmanager Requirement for your user to connect wirelessly with Networkmanager. This group is not included with Arch by default so it must be added manually.
nobody Unprivileged group.
optical /dev/sr[0-9], /dev/sg[0-9] Access to optical devices such as CD,CD-R,DVD,DVD-R.
power Right to use suspend utils.
root /* -- ALL FILES! Complete system administration and control (root, admin)
scanner /var/lock/sane Access to scanner hardware.
smmsp sendmail group
storage Access to removable drives such as USB harddrives,flash/jump drives,mp3 players.
sys Right to admin printers in CUPS.
thinkpad /dev/misc/nvram Right for thinkpad users using tools such as tpb.
tty /dev/tty, /dev/vcc, /dev/vc, /dev/ptmx
users Standard users group.
uucp /dev/ttyS[0-9] /dev/tts/[0-9] Serial & USB devices such as modems,handhelds,RS232/serial ports.
vboxusers /dev/vboxdrv Right to use Virtualbox software.
video /dev/fb/0, /dev/misc/agpgart Access to video capture devices, DRI/3D hardware acceleration.
vmware Right to use VMware software.
wheel Right to use sudo (setup with visudo), Also affected by PAM

Group manipulation

List groups

Display group membership with the groups command:

$ groups [user]

If user is omitted, the current user's group names are displayed.

The id command provides additional detail, such as the user's UID and associated GIDs:

$ id [user]

To list all groups on the system:

$ cat /etc/group

Find group ownership

List files owned by a group with the find command:

# find / -group [group]

Manage group membership

Add users to a group with the gpasswd command:

# gpasswd -a [user] [group]

To remove users from a group:

# gpasswd -d [user] [group]

If the user is currently logged in, he/she must log out and in again for the change to have effect.

Manage groups

Create new groups with the groupadd command:

# groupadd [group]

To delete existing groups:

# groupdel [group]