Myhre, Julie said:
> Hello,
>
> I come from an SGI and Sun UNIX background, where the admin needs to do
> some good group and file management planning, and creates accounts giving
> groups of users a main project group (thus, their primary GID), and
> perhaps adding them to other groups as well. The users'
> individually (default login mode - no newgrp) created files are safe from
> tampering and destruction, but can be viewed by members only in their
> group. The Linux default requires the user to explicitly share every file
> he creates, since every new user has a unique GID.
>
> I'm having some trouble finding any discussion that relates the pros and
> cons of the Linux method, and I know some of the issues must revolve
> around the duties and experience level of shared groups one might
> create.
I think a benefit is maintaining UID and GID number naming consistancy.
for me it's just nice I guess, to know that the UID number in passwd matches
an entry in group(for user accounts at least). This of course can vary
depending on what your used to. In my last job I created users(on a solaris
NIS/NFS box) with each user in their own group. In addition to that the
manager was used to the "unix" way and wanted everyone in a "staff" group
so I put them in that group as well. Directories were 775 by default, if
someone wanted to share a file they could either change permissions
accordingly on their directory or copy it toa temporary location(there were
several "public" locations that were shared depending on what purpose the
data was being used for). Or, more often they just put the file in their
~/public_html directory and emailed a url to the user.
the "linux" way is also a bit more secure of course because of this, having
each user in their own group. e.g. back in ~1994 I had a unix class,
and the teacher was teaching us awk. I could never get beyond the most
basic usage of awk, so I just copied his scripts from his home directory and
modified them a bit so they looked like mine. Either he didn't suspect
anything or he didn't care(the OS was SCO). I would think that most users
would prefer that their files are not readable by other users on the system
by default(when I say most I am mostly referring to the less experienced,
perhaps they don't know how to use chown/chmod or don't know what it is
at all).
For me, it is habbit, if I want to share a file with someone, I copy it
to /tmp, let them get it, and delete it after. Though I am rarely on
systems that have more then a couple users logged on at any given point.
Most of the systems I am the only user in the shell, and most of my
systems do not run ftp servers. And pretty much all of my systems
run with only trusted users.
most linux systems the adduser process is done by a script though on
redhat I can't seem to find a script that does it, all I see is useradd.
Debian's setup uses a perl script to add users, and maintains a config
file[1] which you can adjust the defaults for adding users, e.g. put them
in their own group or not, what UID/GIDs to assign(ranges), and more.
Back when I used slackware('97) I think adduser was a bash script..though
no idea what it uses now.
nate
(solaris, irix, hpux, aix, tru64, redhat, suse, debian, slackware, freebsd
etc.................debian is by far my favorite!)
[1] http://www.fifi.org/cgi-bin/man2html/usr/share/man/man5/adduser.conf.5.gz
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
