CentOS System Administration Essentials by Andrew Mallett

Author: Andrew Mallett
Language: eng
Format: epub
Publisher: Packt Publishing


Managing public and private groups

The Red Hat and, therefore, the CentOS user management systems deploy a private user group system. Each user created also belongs to an eponymous primary group; in other words, creating a user bob also creates a group bob, of which that user is the only member.

Linux groups

Firstly, we have to understand a little about Linux groups. A user has both a primary group and secondary groups.

User ID and group ID (UID/GID) are used with the permission management structure in Linux. Every file in any filesystem is owned by a user and a group by means of storing the UID and GID in the file's metadata. Permissions can be assigned to the user, group, or others.

Each user has one UID and one GID and so belongs to just one group, which is a little restrictive, so users additionally have secondary groups. Users can change their current GID to one from their secondary groups using the /usr/bin/newgrp command, effectively switching their GID. In practice, this is not required, which leads us to the differences between a user's primary group and secondary groups.

When creating a new file, the user's UID and their current GID are used to set the ownership of the new file. If a user creates a new file, he/she will be the owner of that file and the file will be group owned by his/her own private group, creating an inherently secure system without the need for user intervention. Secondary groups are used in all other situations, when accessing resources that already exist. Users present all of their secondary groups when accessing a resource. In this way, a file that is readable by the users group but not by others will be accessible to a user whose GID is set to his/her own private group, provided the list of secondary groups to which they belong includes the users group.

When assessing a user's ID settings, the /usr/bin/id command can be very useful. Run it without any options or arguments and the output will display your own associated IDs. In the following screenshot, we can see that the user andrew belongs to only the private user group and has no additional secondary group memberships:

$ id
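
The following is an added example, not code from the book: a POSIX shell check of which accounts really follow the private user group scheme described above, and which secondary groups each account would present when accessing a resource. The account data is constructed, and the function names upg_status and secondary_groups are hypothetical.

```shell
#!/bin/sh
# Constructed sample data in passwd(5) and group(5) format; not from a real system.
SAMPLE_PASSWD='andrew:x:1000:1000::/home/andrew:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:100::/home/carol:/bin/bash
dave:x:1003:1003::/home/dave:/bin/bash'

SAMPLE_GROUP='users:x:100:bob
andrew:x:1000:
bob:x:1001:
dave:x:1003:carol'

# upg_status USER PASSWD_TEXT GROUP_TEXT   (hypothetical helper)
# Prints "private" when USER's primary group has the same name as the user,
# lists no members, and is nobody else's primary group; otherwise "shared".
upg_status() {
    user=$1
    gid=$(printf '%s\n' "$2" | awk -F: -v u="$user" '$1 == u { print $4 }')
    [ -n "$gid" ] || { echo "unknown"; return 1; }
    # Count the accounts that use this GID as their primary group.
    holders=$(printf '%s\n' "$2" | awk -F: -v g="$gid" '$4 == g { n++ } END { print n + 0 }')
    # Look up the name and member list of the group with that GID.
    entry=$(printf '%s\n' "$3" | awk -F: -v g="$gid" '$3 == g { print $1 ":" $4 }')
    name=${entry%%:*}
    members=${entry#*:}
    if [ "$name" = "$user" ] && [ -z "$members" ] && [ "$holders" -eq 1 ]; then
        echo "private"
    else
        echo "shared"
    fi
}

# secondary_groups USER GROUP_TEXT   (hypothetical helper)
# Prints the comma-separated names of the groups that list USER as a member.
secondary_groups() {
    printf '%s\n' "$2" | awk -F: -v u="$1" '
        { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) out = out (out ? "," : "") $1 }
        END { print out }'
}

# Report every sample account: new files are group owned by the primary group,
# so a "shared" result means those files are not confined to a private group.
for u in andrew bob carol dave; do
    printf '%s: primary=%s secondary=%s\n' "$u" \
        "$(upg_status "$u" "$SAMPLE_PASSWD" "$SAMPLE_GROUP")" \
        "$(secondary_groups "$u" "$SAMPLE_GROUP")"
done
```

In the sample data, bob matches the case in the text: a private primary group plus the users group as a secondary group. carol and dave are flagged because carol's primary group is users, and dave's eponymous group lists carol as a member.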


