Группы в LINUX
Чаще всего на рабочих станциях и домашних компьютерах добавляют не-root пользователей в ниже указанные группы, чтобы дать доступ к оборудованию или функциям системного администрирования:
- audio
- floppy
- lp
- network
- optical
- power
- storage
- video
- wheel
| Группа | Affected files | Назначение |
|---|---|---|
| adm |
/var/log/* |
доступ на чтение к log файлам. |
| audio |
/dev/audio , /dev/snd/* , /dev/rtc0 |
Доступ к звуковому оборудованию. |
| avahi | ||
| bin |
/usr/bin/* |
Right to modify binaries only by root, but right to read or executed by anyone. (Please modify this for better understanding…) |
| camera | доступ к цифровым камерам Digital Cameras. | |
| clamav |
/var/lib/clamav/* , /var/log/clamav/* |
И Clam AntiVirus. |
| daemon | ||
| dbus |
/var/run/dbus/* |
|
| disk |
/dev/sda[1-9] , /dev/sdb[1-9] |
Access to block devices not affected by other groups such as optical, floppy, and storage. |
| floppy |
/dev/fd[0-9] |
Access to floppy drives. |
| ftp |
/srv/ftp |
|
| games |
/var/games |
Access to some game software. |
| gdm | ||
| hal |
/var/run/hald , /var/cache/hald |
|
| http | ||
| kmem |
/dev/port , /dev/mem , /dev/kmem |
|
| locate |
/usr/bin/locate , /var/lib/locate , /var/lib/mlocate , /var/lib/slocate |
Right to use
updatedb command. |
| log |
/var/log/* |
Access to log files in
/var/log , |
| lp |
/etc/cups , /var/log/cups , /var/cache/cups , /var/spool/cups |
Access to printer hardware; enables the user to manage print jobs. |
| mem | ||
|
/usr/bin/mail |
||
| network | Right to change network settings such as when using NetworkManager. | |
| networkmanager | Requirement for your user to connect wirelessly with NetworkManager. This group is not included with Arch by default so it must be added manually. | |
| nobody | Unprivileged group. | |
| ntp | ||
| optical |
/dev/sr[0-9] , /dev/sg[0-9] |
Access to optical devices such as CD and DVD drives. |
| policykit | ||
| power | Right to use suspend utilities and power management controls. | |
| rfkill | ||
| root |
/* |
Complete system administration and control (root, admin). |
| scanner |
/var/lock/sane |
Access to scanner hardware. |
| smmsp |
sendmail group |
|
| storage | Access to removable drives such as USB hard drives, flash/jump drives, MP3 players; enables the user to mount storage devices through HAL and D-Bus. | |
| stb-admin | ||
| sys | Right to admin printers in CUPS. | |
| thinkpad |
/dev/misc/nvram |
Used by ThinkPad users for access to tools such as tpb. |
| tty |
/dev/tty , /dev/vcc , /dev/vc , /dev/ptmx |
Eg. to acces /dev/ACMx |
| users | Standard users group. | |
| uucp |
/dev/ttyS[0-9] , /dev/tts/[0-9] |
Serial and USB devices such as modems, handhelds, RS-232/serial ports. |
| vboxusers |
/dev/vboxdrv |
Right to use VirtualBox software. |
| video |
/dev/fb/0 , /dev/misc/agpgart |
Access to video capture devices, DRI/3D hardware acceleration (X can be used without belonging to this group). |
| vmware | Right to use VMware software. | |
| wheel | Right to use sudo (setup with
visudo ), also affected by PAM. |
При подготовке использован материал с сайта Archlinux.org
Постоянная ссылка на эту статью