Difference between revisions of "Linux:group"

From HypertWiki
 
(moved to htyp)
 
 
In Linux and other Unix-based operating systems, a '''group''' is an entity to which a [[Linux:user|user]] may belong and which confers certain "privileges" or "rights" on such users.
 
==How Groups Are Used==
Groups play a significant role in system [[Linux:security|security]]. Ideally, a system administrator can define roles which the various users might play (e.g. scanner operator, webmaster, developer), create a group for each of those roles, and then assign the necessary rights (for performing those functions) to each ''group'', rather than to each ''user''. When managing users, it is then only necessary to assign a new user to the group(s) corresponding to that user's role(s).
==Details==
*Every file (including directories) has a set of '''permissions''', an '''owner [[Linux:user|user]]''' and an '''owner group'''. Every file or directory's permission set is composed of twelve bits, but the meaning of the bits is slightly different for directories than for files.
*'''File permissions''' contain three groups of three bits each. The first set of three applies if and only if the current user is the same as the file's owner user; the second set applies only if the current user belongs to the file's owner group, and the third set applies to everyone else. There are some additional specialized bits. Going from Most Significant Bit (MSB) to Least (LSB):
**Bit 11: "set user ID"
**Bit 10: "set group ID"
**Bit 09: "sticky" -- largely obsolete; used on early Unix systems. See [[chmod]] for more information.
**Bits 8-0: rwx (owner user), rwx (owner group), rwx (everyone else): r = can read file, w = can write file, x = can execute file
*Directory permissions are similar:
**Bit 11: "set user ID"
**Bit 10: "set group ID"
**Bit 09: "sticky" --
**:1 = files in that directory may be unlinked or renamed only by root or their owner.
**:0 = anyone able to write to the directory can delete or rename files.
***The sticky bit is commonly found on directories, such as /tmp, that are "world-writable" (rwxrwxrwx)
**Bits 8-0: same as for files, except "x" means "can enter (chdir into) directory"
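The rules in the list above, written out as an added Python example (not part of the original wiki page). The function names and the uid/gid values used with them are hypothetical, and the sticky check also admits the directory's owner, which Linux allows in addition to the two cases the list names.

```python
# Bit positions as numbered in the list above (bit 11 is the MSB of the 12-bit mode).
SETUID, SETGID, STICKY = 1 << 11, 1 << 10, 1 << 9

def describe(mode):
    """Split the 12 permission bits into special flags and three rwx triplets."""
    special = [name for bit, name in
               ((SETUID, "setuid"), (SETGID, "setgid"), (STICKY, "sticky"))
               if mode & bit]
    triplets = []
    for shift in (6, 3, 0):  # owner user, owner group, everyone else
        bits = (mode >> shift) & 0b111
        triplets.append("".join(c if bits & (4 >> i) else "-"
                                for i, c in enumerate("rwx")))
    return special, triplets

def applicable_bits(mode, owner_uid, owner_gid, uid, gids):
    """Return the single triplet that applies to this user.

    The classes are exclusive: the owner gets the owner triplet even when the
    group triplet would grant more. Root's bypass is not modelled here.
    """
    if uid == owner_uid:
        return (mode >> 6) & 0b111
    if owner_gid in gids:
        return (mode >> 3) & 0b111
    return mode & 0b111

def may_unlink(dir_mode, dir_uid, dir_gid, file_uid, uid, gids):
    """Can uid delete or rename a file owned by file_uid inside this directory?"""
    if uid == 0:
        return True
    bits = applicable_bits(dir_mode, dir_uid, dir_gid, uid, gids)
    if bits & 0b011 != 0b011:   # needs both w and x on the directory
        return False
    if dir_mode & STICKY:
        # Sticky set: only the file's owner (or, on Linux, the directory's owner).
        return uid in (file_uid, dir_uid)
    return True                 # sticky clear: any writer may delete or rename

if __name__ == "__main__":
    print(describe(0o4755))     # a typical setuid executable
    print(describe(0o1777))     # a /tmp-style world-writable sticky directory
    # Constructed ids: uid 1001 tries to remove uid 1000's file in such a directory.
    print(may_unlink(0o1777, 0, 0, 1000, 1001, {1001}))
```
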

Latest revision as of 18:01, 14 October 2005

This page has been moved to HTYP, the HyperTwin Yellow Pages.