WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: linux question - What are the rules regarding user names in the "group" file?  (Read 9154 times)

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
When the "group" file does not contain any user name entries does that mean any user can be in any group?
As in tc group file:

Code: [Select]
root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:

Conversely, if user names are entered for a group does that mean only those user names can be associated with that group.
As in:

Code: [Select]
root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:tc

Where tc is the only user associated with group staff. Are there any other rules of interest?
big pc man

Offline ^thehatsrule^

  • Retired Admins
  • Hero Member
  • *****
  • Posts: 1726
Quote
When the "group" file does not contain any user name entries does that mean any user can be in any group?
Not exactly, but afaik this part is:
Quote
any user can be in any group

Quote
if user names are entered for a group does that mean only those user names can be associated with that group.
No, there are primary groups (see /etc/passwd)

There are probably better explanations of these files in full... if more details are needed

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
I wanted user nobody to be in group staff in addition to nogroup so I added it and user tc to the group file staff group entry (staff:x:50:tc,nobody).

I created a folder test owned by user nobody group staff. Here's the strange part - when logged in as user tc a "cd" to the test directory is denied. I get the message "can't cd to test" If I change the permissions from 666 to 676 then I can access the directory. What the heck is going on?
big pc man

Offline jpeters

  • Restricted
  • Hero Member
  • *****
  • Posts: 1017
You have to have exec permission to enter a directory.   

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
You have to have exec permission to enter a directory.  
Wow after all these years of playing around with linux and I never knew that?
big pc man

Offline mikshaw

  • Sr. Member
  • ****
  • Posts: 368
Quote
When the "group" file does not contain any user name entries does that mean any user can be in any group?
As far as I know it means that no user is currently added to any group, so it's sort of the opposite of what you were asking.

Quote
if user names are entered for a group does that mean only those user names can be associated with that group.
It means only those users are currently associated with that group.

Quote
I wanted user nobody to be in group staff in addition to nogroup so I added it and user tc to the group file staff group entry
That's probably not a good idea. The user "nobody" is a special user made available to be very limited in what it can do, for use in things such as web servers to prevent remote access from obtaining control of things outside the server.  Nobody probably shouldn't be allowed to do anything apart from accessing files allowed for  "others" (the 4 in chmod 664, for example)

Offline tobiaus

  • Suspended
  • Hero Member
  • *****
  • Posts: 599
Nobody probably shouldn't be allowed to do anything

hey that sounds like windows...

Offline bigpcman

  • Hero Member
  • *****
  • Posts: 719
Quote
Quote
When the "group" file does not contain any user name entries does that mean any user can be in any group?
As far as I know it means that no user is currently added to any group, so it's sort of the opposite of what you were asking.

If this is true then why does the default tc group file have no user entries?

root:x:0:
lp:x:7:lp
nogroup:x:65534:
staff:x:50:

Edit: Ok now I get it. The group file would include secondary user group assignments and since there aren't any there are no entries. The passwd file contains the primary login group assignment. That makes sense.
« Last Edit: May 06, 2009, 10:35:08 AM by bigpcman »
big pc man