Группы в LINUX
Чаще всего на рабочих станциях и домашних компьютерах добавляют не-root пользователей в ниже указанные группы, чтобы дать доступ к оборудованию или функциям системного администрирования:
- audio
- floppy
- lp
- network
- optical
- power
- storage
- video
- wheel
| Группа | Affected files | Назначение |
|---|---|---|
| adm | /var/log/* |
доступ на чтение к log файлам. |
| audio | /dev/audio, /dev/snd/*, /dev/rtc0 |
Доступ к звуковому оборудованию. |
| avahi | ||
| bin | /usr/bin/* |
Right to modify binaries only by root, but right to read or executed by anyone. (Please modify this for better understanding…) |
| camera | доступ к цифровым камерам Digital Cameras. | |
| clamav | /var/lib/clamav/*, /var/log/clamav/* |
И Clam AntiVirus. |
| daemon | ||
| dbus | /var/run/dbus/* |
|
| disk | /dev/sda[1-9], /dev/sdb[1-9] |
Access to block devices not affected by other groups such as optical, floppy, and storage. |
| floppy | /dev/fd[0-9] |
Access to floppy drives. |
| ftp | /srv/ftp |
|
| games | /var/games |
Access to some game software. |
| gdm | ||
| hal | /var/run/hald, /var/cache/hald |
|
| http | ||
| kmem | /dev/port, /dev/mem, /dev/kmem |
|
| locate | /usr/bin/locate, /var/lib/locate, /var/lib/mlocate, /var/lib/slocate |
Right to use updatedb command. |
| log | /var/log/* |
Access to log files in /var/log, |
| lp | /etc/cups, /var/log/cups, /var/cache/cups, /var/spool/cups |
Access to printer hardware; enables the user to manage print jobs. |
| mem | ||
/usr/bin/mail |
||
| network | Right to change network settings such as when using NetworkManager. | |
| networkmanager | Requirement for your user to connect wirelessly with NetworkManager. This group is not included with Arch by default so it must be added manually. | |
| nobody | Unprivileged group. | |
| ntp | ||
| optical | /dev/sr[0-9], /dev/sg[0-9] |
Access to optical devices such as CD and DVD drives. |
| policykit | ||
| power | Right to use suspend utilities and power management controls. | |
| rfkill | ||
| root | /* |
Complete system administration and control (root, admin). |
| scanner | /var/lock/sane |
Access to scanner hardware. |
| smmsp | sendmail group |
|
| storage | Access to removable drives such as USB hard drives, flash/jump drives, MP3 players; enables the user to mount storage devices through HAL and D-Bus. | |
| stb-admin | ||
| sys | Right to admin printers in CUPS. | |
| thinkpad | /dev/misc/nvram |
Used by ThinkPad users for access to tools such as tpb. |
| tty | /dev/tty, /dev/vcc, /dev/vc, /dev/ptmx |
Eg. to acces /dev/ACMx |
| users | Standard users group. | |
| uucp | /dev/ttyS[0-9], /dev/tts/[0-9] |
Serial and USB devices such as modems, handhelds, RS-232/serial ports. |
| vboxusers | /dev/vboxdrv |
Right to use VirtualBox software. |
| video | /dev/fb/0, /dev/misc/agpgart |
Access to video capture devices, DRI/3D hardware acceleration (X can be used without belonging to this group). |
| vmware | Right to use VMware software. | |
| wheel | Right to use sudo (setup with visudo), also affected by PAM. |
При подготовке использован материал с сайта Archlinux.org
+ There are no comments
Add yours