I installed Xubuntu on my laptop yesterday.

My main user, "toe", belongs to the group, "toe".

What reason is there to have a group dedicated to the user? I would have thought that "toe" would have been a member of "users" by default, but no it's a member of the group "toe".

Unless there's a good reason to leave things the way they are, I'm gonna change my group to "users", or I might make a new group called "admins".

I'm not clear on all the folklore behind how and why such things are done. In general, the whole point of a group is to have a convenient way of assigning the same privileges to multiple users. I suppose that having a group in your name gives you a way of personalizing a custom set of permissions.

I always look only at what groups a user is assigned to---eg audio, CDrom, printer administration, and the ever-popular "users"

A toes is a toes by any other name.

You can (and probably do) have multiple groups, so this isn't really an issue.
In the other hand depending on your umask and how your system groups are formed, having your own group for creating files (this is your main group) prevent other users from having access to them by just being on the same group.

i.e.
If your primary group is 'users' and other_user belongs to that group; and if your umask is something like 007 then other_user has read/write permissions on your newly created files.

Think about it. Users can be members of more than one group. If you want to share your files with others but not allow them to change the files you can make them members of your group with appropriate permissions (u+r--). You may not want all other users to be able to access your files so you don't want to make all users members of your group. It provides for maximum flexibility in file sharing. Unix and Linux were developed originally for computers which had hundreds and thousands of users connected so the file access is quite flexible.

File ownership and access is not set in stone and can always be changed. The default is to have owners in their own group. This can also be changed when establishing new users by making their files associated with any other group the administrator chooses.

Cool thanks, I was hoping I'd get a good reason. But I didn't like having a group named "toe" so I changed it to "grp_toe" :-D

What you describe is called User Private Groups and you can find out more information about it at the Red Hat site.

I would assume that such things were started to make things more user friendly. If the umask is defaulted to 007 and the user IS in their own primary group then no other users can view their stuff.

However if they are not in their own primary group with 007 umask, then any user in that user's primary group can view their files.

Just as well... the default umask could always be changed to 077. Then only that user could view files created by that user.

But then... as long as you are the primary owner of the file, you should be able to chmod the permissions to anything you want.


Something else to keep in mind is that group names and usernames mean nothing to the filesystem on the disk. The disk just knows group numbers and user numbers. Your system's /etc/passwd and /etc/group files are what keep track of the names (well of course there is a lot more that goes into all that...)

You will run into this issue if you dual boot linux OS's and when you swap drives and what not.
You will end up with a file owned by 2000:1340 because there is no user or group assigned to those.

In most popular OSs new users will be assigned the first available starting at 500:500 or 1000:1000 and will name them both the same.