Chapter 49. Root, Group, and User Management

49.1. Unix User/Group Infrastructure

Unix users are given unique usernames and also added to one or more Unix groups (Section 49.7). Both a user and a group own all content within a system. If you list information about a file, you'll see both user and group ownership:

> ls -l
-rw-r--r--  1 root      weblog.burningbi  32230 May 22 13:58 access_log
-rw-r-----  1 shelleyp  weblog.burningbi   3995 May 12 11:08 analog.cfg
-rw-r--r--  1 root      weblog.burningbi      0 May 22 12:01 error_log

In this listing, the users are root and shelleyp, and the group (truncated) is weblog.burningbird.net.

You're assigned a primary group when you're added to a system. In addition, you can also be assigned to one or more secondary groups. Depending on the type of Unix system, you can either work with files that are owned by any one of the groups you belong to or you can work with files of your primary group only.

BSD-based Unix systems allow you to work with files from primary and secondary groups; this includes Darwin as well as the popular PC-based BSD systems, FreeBSD, and OpenBSD. System V systems restrict you to working with a primary group only.

For the majority of Unix systems, user and group membership is controlled through a couple of files, passwd and group, stored in the /etc directory. This directory has root write access only, but read and execute access by all users.

-- SP