I compile and install into root many software packages. At times, I have trouble getting them running until I stumble upon the need to become a member of a certain usergroup in order for the software to start. This is very frustrating as you are shooting in the dark to find a solution.
I am conversant with permissions and ownerships. Perhaps I need a better understanding of usergroups.
Some questions are:
How does one even know that you need to be in some obtuse usergroup to run
software? As an example I would use boinc.
What creates these usergroups; the software? Why is there even a boinc usergroup.
I am in ârootâ usergroup. Shouldnât that get me into all usergroups?
Any info or pointer to a good doc appreciated. tom kosvic
@tckosvic remove yourself from root user group, that is just a recipe for disaster and add to the appropriate user group, via YaST or usermod -a -G <some_group> <username> When you add your user to a group, logout/login is required.
Please, please, please, place yourself in the âusersâ user group.
Yes, there are certain applications such as âWiresharkâ which require that, the users of this application are members of the âwiresharkâ group â the same applies for the Oracle VirtualBox application â the VM users have to be members of the âvboxusersâ group.
There are good security reasons for this practice â not every user should be allowed to sniff ALL the Ethernet/Network packets and, not every user should be allowed to run a Virtual Machine âŚ
Try to find a document that explains user, group and world permissions.
No idea what you mean with this, but when you create software to be used by all your users, you should install it in correct places (like /usr/local/) and give it the correct owner and group (often root:root) and correct permissions so that owner root can change the software (e.g. install new version) and that other users can read and execute, but not write, etc.
Many example in your system, juts have a look in e.g. /usr/bin/
You need to take a look in the file â/etc/groupâ â if you grep for your username in that file and the group âlibvirtâ is present there then, youâre a member of that group.
@hcvv,
I did use confusing terminology âinstall into rootâ.
I meant install into system directory (/). The locations of the installed software are selected by the software âmakeâ process as implemented by âsudo make installâ. I have been through /usr/bin/ hundreds of times.
Then you will have seen who there are owners, group and what the permissions for an executable (available to all users) are. So it is not even needed to understand these things when you put your own executable there, just to do likewise. So what is the question then?
Theyâre rarely âobtuseâ and itâs just a permissions. If a application is configured to read or write to a location the user doesnât have access to, it wonât launch.
@tckosvic if itâs a daemon of some kind running from a systemd service and needs to run as user X, then user X should be created with nologin or false, and a respective group, then you as the user if need access then adding your user to the group will suffice.
I do not find references to the need to join a user group as part of the software documentation. Have a look at my example boinc.
To @dcurtisfra, How did you know that the wireshark and vmbox user group even existed? Do you go to yast âuser and group managementâ and search there for a usergroup for every piece of software that you install? What created those usergroups?
No, I am not interested in boinc (whatever it may be) and I am not going to check what you should check. And when indeed part of using boinc by a user incorporates adding a secondary group to that user, but that is not documented, it is you that should start a bug report against documentation with the boinc developers. Not me.
But I note we are now far off your original question. That was about software you created and not about third party software.
When you compile other ones software, that has normally no influence on itâs functionality. Thus your remark about âusers that must be added to a groupâ has nothing to do with the fact that you compile. Just a confusing introduction to your problem description.
Again, when software (compiled by you or from e.g. a ready to use RPM) creates a special group (or maybe even a special user) at installation and the users of it should know about that, that should be in either the management documentation, or in the user documentation (or both, or maybe in the combined docs).
At times, I have trouble getting them running until I stumble upon the need to become a member of a certain usergroup in order for the software to start.
I do not see this problem on âyast/zypperâ installed software. I see it on software I compile and install myself.
Oh, you mean the Berkeley Open Infrastructure for Network Computing (BOINC) âŚ
A Client-Server technology for distributed computing â it attempts to use unused CPU cycles on various systems connected to the (private) network âŚ
