LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-01-2016, 07:55 PM   #1
QWE123
Member
 
Registered: Nov 2014
Posts: 49

Rep: Reputation: Disabled
The difference of user group


I would like to ask what is the difference of user group in different case , In case 1 , when created the user1/2 , I assign it to group 400 ; in case 2 , I manually added user1/2 to the tail of /etc/group file .

is it different user permission if in these two case ? thanks

Case 1
======
user1:x:500:400:web_user:/home/user1:/sbin/nologin

user2:x:501:400:web_user:/home/user2:/sbin/nologin

Case 2
======

nginx:x:400:user1,user2
 
Old 07-01-2016, 09:14 PM   #2
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,152
Blog Entries: 14

Rep: Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081
What distro/version?

This article from the Arch wiki might help: https://wiki.archlinux.org/index.php/users_and_groups
 
Old 07-01-2016, 10:11 PM   #3
QWE123
Member
 
Registered: Nov 2014
Posts: 49

Original Poster
Rep: Reputation: Disabled
Rh 6.5
 
Old 07-01-2016, 10:53 PM   #4
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,152
Blog Entries: 14

Rep: Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081Reputation: 3081
If you are using RHEL, you are paying for support. You might direct this question to the RHEL support channels for which you are paying.

I have a few thoughts:

Most distros assign user numbers automatically. Generally, the first user is number 1000 (sometimes it's number 500) and successive users increment upwards to the next higher number. AFAIC, if you start ad libbing user numbers, you are likely to have unexpected consequences.

I don't have any expertise here, but I suspect that your original question could be answered by your inspecting the /etc/passwd and /etc/group files and comparing the group memberships of the users that you added and making sure that no other users (some of which may be, not persons, but processes) have conflicting user numbers.

Last edited by frankbell; 07-01-2016 at 10:54 PM.
 
Old 07-01-2016, 11:09 PM   #5
Aia
Member
 
Registered: Jun 2006
Posts: 66

Rep: Reputation: 21
Quote:
Originally Posted by QWE123 View Post
I would like to ask what is the difference of user group in different case , In case 1 , when created the user1/2 , I assign it to group 400 ; in case 2 , I manually added user1/2 to the tail of /etc/group file .

is it different user permission if in these two case ? thanks

Case 1
======
user1:x:500:400:web_user:/home/user1:/sbin/nologin

user2:x:501:400:web_user:/home/user2:/sbin/nologin

Case 2
======

nginx:x:400:user1,user2
nginx, user1, user2, all those are nothing more that human readable help for our consumption. The number is what matters to the system.

An user account can have many, and usually have many groups assigned to it. However, only one is the primary and the rest are secondary.
Groups do not have a category of primary or secondary assigned to them. A group in /etc/groups can be primary or secondary to any amount of users account, simultaneously. This can be seen in /etc/groups.
The primary group for an user will appear as the fourth entry in /etc/password.
The command id <username> or groups <username> can show secondary group information.

Last edited by Aia; 07-02-2016 at 10:57 AM.
 
Old 07-02-2016, 02:01 AM   #6
AwesomeMachine
Senior Member
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora
Posts: 2,302

Rep: Reputation: 407Reputation: 407Reputation: 407Reputation: 407Reputation: 407
Using the commands:
Code:
groupadd
and
Code:
useradd
is a worthwhile way to add groups and users. Manually adding them is the road to chaos.
 
Old 07-02-2016, 07:46 AM   #7
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,688

Rep: Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259Reputation: 1259
Quote:
Originally Posted by AwesomeMachine View Post
Using the commands:
Code:
groupadd
and
Code:
useradd
is a worthwhile way to add groups and users. Manually adding them is the road to chaos.
It all depends on what you are doing.

Adding users directly to the passwd/shadow/group files is possible and reasonable - specially when you use a pre-existing disk server for users home directories. Adding 500 users at once this way is very fast... MUCH faster than using the "useradd" function.

You just have to pay reasonable attention to the distributions policies. Most of them now use UIDs (and GIDs, though that is a bit less restrictive) for system accounts (accounts for special purposes - databases, jails for named/sendmail, security monitoring tools...). These are usually identified with UID/GID values under 1000. As long those policies are checked you should have no problem.

It is also reasonable consider using LDAP instead... and that has the SAME "chaos" as adding users manually.

Last edited by jpollard; 07-02-2016 at 07:48 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
User is a Part of a Group But Group Details Do Not Show the User devUnix Linux - Server 6 08-08-2013 07:02 AM
[SOLVED] user removed from one group can still get that group's permission LanFan.BlueSailor Linux - Security 11 08-23-2012 12:32 AM
Group permissions: user can't access 770 directory even though a member of group jm34003 Linux - Security 13 05-16-2012 02:03 PM
Difference between DH group and a PSK? s0n|k Linux - Security 5 04-19-2007 06:48 AM
what's the difference between main group and other group? hongxing Linux - Software 1 11-14-2005 06:40 AM


All times are GMT -5. The time now is 01:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration