Additional groups for users on a desktop system - Slackware

This is a discussion on Additional groups for users on a desktop system - Slackware ; Hi, When adding users to the system with 'adduser', until recently, I've been using these groups: audio,video,cdrom,floppy,scanner As far as i understand, 12.0 recommends to use also the plugdev group for automatic mounting of removable media. Are the other groups ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Additional groups for users on a desktop system

  1. Additional groups for users on a desktop system

    Hi,

    When adding users to the system with 'adduser', until recently, I've been
    using these groups:

    audio,video,cdrom,floppy,scanner

    As far as i understand, 12.0 recommends to use also the plugdev group for
    automatic mounting of removable media.

    Are the other groups still OK? What would you recommend for a normal
    desktop user?

    Niki

  2. Re: Additional groups for users on a desktop system

    Niki Kovacs wrote:

    > Hi,
    >
    > When adding users to the system with 'adduser', until recently,
    > I've been using these groups:
    >
    > audio,video,cdrom,floppy,scanner
    >
    > As far as i understand, 12.0 recommends to use also the plugdev
    > group for automatic mounting of removable media.
    >
    > Are the other groups still OK? What would you recommend for a
    > normal desktop user?
    >
    > Niki


    From /etc/login.defs

    # Note that users are added to these default groups only when
    # logging into a shell with /bin/login, not when using a login
    # manager such as kdm. In that case, users who should have
    # hardware access must be added to the appropriate groups
    # when the user is added with adduser or useradd, or by editing
    # /etc/group directly.
    #
    CONSOLE_GROUPS floppy:audio:cdrom:videolugdev

    See also Robin Workman's post "Slackware 12.0 and HAL usage - Read
    this!" on this issue.

    HTH
    Joerg
    --
    For email use g m x d o t n e t

  3. Re: Additional groups for users on a desktop system

    Niki Kovacs (mickey@mouse.com) writes:
    > Hi,
    >
    > When adding users to the system with 'adduser', until recently, I've been
    > using these groups:
    >
    > audio,video,cdrom,floppy,scanner
    >
    > As far as i understand, 12.0 recommends to use also the plugdev group for
    > automatic mounting of removable media.
    >
    > Are the other groups still OK? What would you recommend for a normal
    > desktop user?
    >
    > Niki



    You do realize that the groups are merely administrative issues.

    When you've got a Big System, some users may require more capability
    than you want to give every user, so you can put them in a group.

    And since you don't want to hand out everything to everyone, you can
    use multiple groups to be selective, so user A can get access to the floppy
    drive (which isn't a great example since on Big Systems the users would
    never have access to the hardware), while user B can have access to the
    CDROM, while user C can have access to both by adding them to both groups,
    while all the rest of the users have no access at all to these things.

    It's different with a single user system. But for the potential danger,
    you could run as root, but being a user makes it that much harder for
    you to do damage. But a single user likely wants access to that hardware,
    and there is no conflict in letting yourself have that access.

    Hence the multiple groups on that single system aren't really needed.
    You could just cook up a new group that does everything but the dangerous
    stuff, and put yourself in that group. It makes it all easier to keep
    track, since you don't have to wonder if access to the CDROM should be
    in this group or that group.

    The only reason to use multiple groups on that single user system is
    convention.

    Michael


+ Reply to Thread