Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
if a user belongs to the root group does that just mean he can access/write to every file on the system, but the system will still ask you for the root password when security is a concern (installing etc) just wanted to clear it up...thanks
As far as I know you MUST be the user "root" to do certain things, period. I believe every file/directory has "owner," "group," and "everyone" with permissions like "none," "read-only", and "read/write." I don't know how to use the console very well anymore because I had a stroke, take psych-meds, and have not used Linux for almost 10 years but plan on trying to refresh my memory as best I can with openSUSE, Ubuntu, and Puppy Linux.
if a user belongs to the root group does that just mean he can access/write to every file on the system, but the system will still ask you for the root password when security is a concern (installing etc) just wanted to clear it up...thanks
Thanks for the correction -- I really am hungry for Linux whenever I feel up to it... I used to be considered a senior member as fatpigjoke or something like that in High-School about 10 yrs. ago...
To answer your specific question, as I understand it, each user in Linux has a group. (For example when I create the user "snowpine" I also create a group called "snowpine" containing the user.) So, to the extent there is a user named "root" there must also be a group called "root."
It varies from distro to distro, but these days, "best practice" is typically to add your administrative users to the "sudo" or "wheel" group (not the "root" group).
No, it doesn't. It depends on the permissions set for a given file or folder. You can give root privileges to a user via the sudoers file or else just execute the su command from the console. You will give the root password only once and run programs as root until you logout.
jdk
The group "root" has no special significance to the kernel. Of course any specific file or directory can grant permissions to the "root" group, just like any other group ID. It is possible that some privileged commands might allow certain functions for members of the "root" group and not for others, but that is decided in the code for that executable. An example of something similar is that on some systems you have to be a member of the "wheel" group (and know the password) in order to su to the "root" UID.
hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...
the point i was trying to make is that Linux doesnt work like a windows system in regard to users and groups right? eg: you cant install programs using the guest account in windows, yet i can add a domain account to local administrators and have full access...does linux always prompt for root password regardless of what group/s you belong to ie: root group?
hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...hi jamison20000e so thats adding me to the sudo group right...so i can run as root via sudo...
...
Yes.
I read somewhere (probibly here at LQ) recently that microcoughed-winblow$ has two or three layers to it and the average Linux triples that hence the security and stability if you do things right.
Last edited by jamison20000e; 03-19-2014 at 05:10 PM.
To answer your specific question, as I understand it, each user in Linux has a group.
Any user can in fact belong to many groups, but there is one main group any user belongs to.
Quote:
(For example when I create the user "snowpine" I also create a group called "snowpine" containing the user.)
This is distro dependent behavior. While this is for example standard behavior for Debian systems (any creation of a user also creates a group, if not specified differently), it is not true for Slackware, where all users by default have the same main group "users".
Quote:
So, to the extent there is a user named "root" there must also be a group called "root."
Not really. Like any other user the root user also needs a main group, but that this group is also called root is just a convenient convention.
To answer the question: The root group works like any other group: If the group part of the permissions of a file owned by the root group allows the group to execute, write or read a specific file then any member of that group has the permissions to do that. Of course nothing prevents an executable to do additional checks if you are the root user (which indeed many programs and scripts that are intended to run as root do), so that being a member of the root group will not help in such a case.
Regarding Windows: Actually, by default the Windows permission system is better than plain Linux/UNIX permissions. The lack of fine grained control is why things like ACL where invented, in use in Windows since Windows NT, often not used, despite being widely available, on Linux systems. The real problem with Windows security is not the lack of security mechanisms, but that they are disabled by default and most people are not willing to learn how to properly configure a Windows system (and FWIW, also not their Linux systems). Though a very common misconception, even among long time Linux users, Linux is not by default more secure than Windows.
I just wanted to clarify the misconceptions. It is a widely distributed mistake, especially by people not using Windows, that Windows by definition has to less secure than Linux, while that simply isn't the case. A well configured Windows system can be as secure as a well configured Linux system. It mostly depends on the capabilities of the administrator how secure a system is, not on the underlying OS.
The real problem with Windows security is not the lack of security mechanisms, but that they are disabled by default and most people are not willing to learn how to properly configure a Windows system (and FWIW, also not their Linux systems). Though a very common misconception, even among long time Linux users, Linux is not by default more secure than Windows.
Aren't you contradicting yourself there about the default security level?
Aren't you contradicting yourself there about the default security level?
No, just because there is no default Linux. Just start a Puppy Linux and look at its default security level, running everything as root. Look at a default Slackware (Arch, Gentoo, ...) installation, having only the root user (or the likes of Ubuntu, giving the first created user full rights using sudo without ever asking the user if that is what the user wants).
So even when Windows by default has most of its security systems disabled, Linux is by default not more secure, just because it is Linux. You may have a distribution where that is indeed the case (I believe Fedora and openSuse are pretty good at that), but there is no guarantee for that. Security is still a process, not a product. A process that involves the education of the system admin, regardless if the admin is the user and regardless which is the OS in use.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.