LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 11-20-2018, 02:56 PM   #1
gregors
Member
 
Registered: Mar 2018
Posts: 177

Rep: Reputation: Disabled
Meaning of console group?


Finally I found a thing that distinguishes Slackware from Debian!

Forgive me - I'm just kidding.

Moving from Debian to Slackware I stepped over some files belonging to gregor.ftp

So it seems that GID 50 belongs to ftp now - not 'staff'. After adding a staff group I saw there is a group called console. What is this group meant to be used for? Maybe it's the right one for me - I want to distinguish me as root from myself as a normal user.

Since I'm quite new to Slackware I don't want to change system files until I really know what I'm doing.

TIA

Gregor
 
Old 11-20-2018, 05:00 PM   #2
GazL
LQ Veteran
 
Registered: May 2008
Posts: 6,882

Rep: Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988
Quote:
Originally Posted by gregors View Post
Maybe it's the right one for me - I want to distinguish me as root from myself as a normal user
I don't understand. root is distinguished by being root; you as a normal user won't be root.


The 'console' group is likely just an historical leftover. I'd be inclined to just ignore it.
 
Old 11-20-2018, 05:37 PM   #3
coralfang
Member
 
Registered: Nov 2010
Location: Bristol, UK
Distribution: Slackware, FreeBSD
Posts: 836
Blog Entries: 3

Rep: Reputation: 297Reputation: 297Reputation: 297
Can't say i've ever used it, but i would assume it's linked to any existing serial console / serial port interface access. (i may be wrong)
 
Old 11-20-2018, 07:37 PM   #4
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 8,792

Rep: Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656
The only groups that are beneficial to a user are suggested when using the adduser script. On 14.2, those are:

Code:
users audio cdrom floppy plugdev video power netdev lp scanner
The other groups aren't really intended for users and are either system groups or, as GazL mentioned, a historical leftover.

Quote:
I want to distinguish me as root from myself as a normal user.
What do you mean by this? As GazL mentioned, root is intended to be its own account. And other users can be specified to have certain permissions, either with the use of groups or sudo. If you give more information on this, we may be able to suggest the "Slackware Way" (if there even is one for whatever you're desiring), but the "Slackware Way" certainly isn't the only way and we might be able to give you info to tweak and modify your system as desired.
 
Old 11-20-2018, 10:49 PM   #5
gregors
Member
 
Registered: Mar 2018
Posts: 177

Original Poster
Rep: Reputation: Disabled
Looks like didn't make clear what I'm thinking of.

Well, it is (was?) said that I shouldn't log in as root if I want to do a typical user's work (like using some office stuff, nothing system related). So I want some things to be writable for my "simple user account" but not for any other user. What I'm thinking of is something between a normal user and root. I thought of using a group other than 'user' (but not 'root'). Maybe I'm missing something ...?

Gregor
 
Old 11-20-2018, 11:26 PM   #6
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 8,792

Rep: Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656
Quote:
Originally Posted by gregors View Post
So I want some things to be writable for my "simple user account" but not for any other user.
Is this more than just your home directory? Because that is only viewable by you and root (everything is viewable by root).

In addition, if you want your user to have a directory outside /home/ that is controlled by the user, you can create it with root, set the user:group using chown as root, and then set the proper permissions using chmod as the user.
 
Old 11-20-2018, 11:42 PM   #7
gregors
Member
 
Registered: Mar 2018
Posts: 177

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bassmadrigal View Post
Is this more than just your home directory? Because that is only viewable by you and root (everything is viewable by root).
...
Yes, e.g. there are things under /usr/local/bin that I want to be editable (its not about viewable) only by me, not any other user. But I don't want to use the root account for changing these files.

For example: A script that produces a fancy signature. I want that script to be writable for my user account but not for other users. I'm thinking of some kind of level 'between root and a normal user'.

Hm. Maybe I have to think that thing over. Adding $USER to the root group may be what I'm looking for.

BTW: It's round 06:42 hrs here. Kind of late :-)

Gregor
 
Old 11-21-2018, 12:05 AM   #8
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 8,792

Rep: Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656Reputation: 6656
Ah, I'm understanding now.

What you'd probably want to do is create the file as root, chown it to $USER:users, then you can chmod it to 755 (read write execute for the owner, you, then read and execute for the group and all others). You could also create your own group (I wouldn't use an existing group for this) which you could assign to your user, then you could have root own the file, that group have rwx and all others would just have r-x (775)

Adding your user to the root group can have serious security implications and would probably be best to be avoided.

And it's 23:04 right now here, so it's kinda late too
 
Old 11-21-2018, 12:17 AM   #9
gregors
Member
 
Registered: Mar 2018
Posts: 177

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by bassmadrigal View Post
Ah, I'm understanding now.
...
Thanks for your answer! I think I'll have to get used to work with file/user permissions again. Haven't done that for a long time.

Quote:
Originally Posted by bassmadrigal View Post
And it's 23:04 right now here, so it's kinda late too
So, consider this topic solved - g'night!

Gregor
 
Old 11-21-2018, 05:48 AM   #10
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105Reputation: 8105
Quote:
Originally Posted by gregors View Post
Looks like didn't make clear what I'm thinking of.

Well, it is (was?) said that I shouldn't log in as root if I want to do a typical user's work (like using some office stuff, nothing system related). So I want some things to be writable for my "simple user account" but not for any other user. What I'm thinking of is something between a normal user and root. I thought of using a group other than 'user' (but not 'root'). Maybe I'm missing something ...?

Gregor
The "wheel" group is historically meant to be used for purposes like this.
 
Old 11-21-2018, 06:42 AM   #11
GazL
LQ Veteran
 
Registered: May 2008
Posts: 6,882

Rep: Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988Reputation: 4988
I thought 'wheel' was pretty much just for controlling access to su/sudo on UNIX systems.

I know in the past on some UNIX the 'bin' user/group were used to permit binaries to be updated without the need for full superuser permissions, but because of the need for SUID/SGID executable that never really worked well, and you tend not to see it done these days.

Anyway, for the specific use case given by the op, I would be inclined to suggest that editing in-place is just a bad approach and that one should keep a master copy of the script (or whatever) elsewhere and su -c 'cp whatever /usr/local/bin/' as needed. This is what I do.

There's also sudoedit, and emacs has TRAMP which can allow you to edit files owned by another user, but as I mentioned, I'm not a fan of editing in-place.

He could also use default ACLs to permit his login to create change files in /usr/local/bin but that can get a little involved as ACLs aren't straight forward.

Lots of options really...

Last edited by GazL; 11-21-2018 at 06:44 AM.
 
Old 11-21-2018, 09:42 AM   #12
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: Rocky Linux
Posts: 4,770

Rep: Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210Reputation: 2210
I simply created a group "admin" that I use for this purpose, with myself as the only member. There would be a problem with files that might be affected by updates, but I'm not using that GID with any such files.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Block bitmap for group 416 not in group (block 0) + group descriptors corrupted? quanta Linux - Server 1 12-08-2010 10:40 AM
Linux: What are the meaning of pam_console, pam_console_apply, console.perms ? quanba Linux - Newbie 1 04-14-2010 02:55 AM
Meaning of text color in the console? (ls output for example) EtherGhost Linux - General 3 12-31-2006 12:59 AM
group: add complete group into other group max_mad SUSE / openSUSE 1 04-12-2006 01:43 AM
Group Admin, Group Root, or God over Group crickett Linux - General 5 07-12-2004 04:01 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 01:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration