It would appear that on Nov 26, nrickert did say:
> jtwdyp;2506518 Wrote:
> > But that doesn’t mean I know which groups are used by what system
> > processes etc…
>
> Most of the time, there isn’t much that it is important to know.
Yeah, most of the time…
> I added myself to the “root” group, so that I can read
> “/var/log/messages” without being root.
>
> The “tty” group traditionally has permissions to write to tty devices.
> The “write” command runs with membership in the tty group. So you don’t
> have to add yourself to the “tty” group to use that ability.
Which is obviously not the same as typing text into a bash prompt on one of
them… Didn’t think I’d need that one much anyway.
> Some of the groups are there so that software can run with restricted
> permissions. Allowing “write” to run with group membership of the tty
> group is safer than allowing it to run as root.
Which is what I was getting at. I know they do that. But I’ve never been sure
which ones.
> I hope that helps.
>
> Audio works for me without adding myself to the audio group. But
> perhaps I would need to be in that group to do audio from a tty login.
> I’m pretty sure that an X login already provides needed permissions.
> Maybe running “startx” from a terminal, instead of logging in at the X
> screen, would require additional group memberships.
Which is part of why I want to know… I do use X. But I absolutely abhor
every single Display Manager I’ve ever encountered. I’ve been using startx for
a long time. Unfortunately the devs at most of the Linux distributions I’m
familiar with are not updating the startx scripts to do all the latest
initialization steps that they make sure happens when the Display Manager logs
a user in… This didn’t used to be as much of a concern. I didn’t need to know
which groups I needed, I simply replicated in my actual user account, whatever
group memberships the installer thought the initial user account needed. But
lately the said initial user hasn’t been being added to very many groups.
> In short, stuff mostly works without worrying about groups.
But a startx user sometimes needs more. I just recently went a little nuts
trying to get a non-root user to be able to play music in Bodhi Linux…
That computer has an built in nvidia card with a sound chip. If I used the DM
my user got sound, E17’s mixer gadget/module recognized the nvidia sound and
gave my user access to more sound channels than I knew what to do with…
When I disabled the DM so that I could boot to console, and use startx when/if
I’m ready for the GUI, that same E17 mixer was regulated to a dummy output
device. Yet if the root account ran startx it got full access to the sound,
which indicated that it wasn’t a runlevel thing…
It took me way too long to realize that all I had to do was to add my user
accounts to the audio group for it to work…
It would appear that on Nov 26, Carlos E. R. did say:
> On 2012-11-25 22:47, JtWdyP wrote:
>
> > I could go on & on about several groups. But I’m hoping there is a list
> > somewhere of what each one is for,
>
> AFAIK, no.
>
>
> We try to guess what they are for. Some we do know.
That was what I was afraid of… I guess I’ll have to go back to guessing myself.
I just wish I knew which ones {besides root} are too dangerous to add to regular
user accounts. {sigh}
–
JtWdyP
