Predefined users and groups
From Mandriva Community Wiki
Introduction
Page under construction.
This page describes the use and the rights of predefined users and groups in Mandriva. Thus if you set a user (for exemple yourself) as a member of a predefined group, this user will get the rights given to the members of that group. Be carefull then, about the rights you give to the users, not to compromise the security of your system.
To understand well this page, you better have an idea of what are the Rights in a linux system. The fact that a user is a member of a group gives him the rights of this group. For instance, the right to read or to write specific files of the system. Also note that the informations of this page are really usefull for a Mandriva system that has a security level defined to at least "high" (see Msec).
Servers that runs on a computer are often executed under the name of a specified user with restricted rights, thus limiting any security issue or possible crash (see Being root). In that way a server won't be able to access or modify an important file of the system. It is the case for instance of the users: "apache", "sshd" and "ftp".
(The given UID and GID are only indicative. They can be different from one installation to another, for exemple depending on the order of package installation. Nontheless thoses with tiny numbers (less than 100 ?) might be the same on every Mandriva system.)
Predefined users
| User name | UID (default) | Explanation |
|---|---|---|
| Utilisateurs liés au système | ||
| root | 0 | The user that has every rights on the system |
| Utilisateurs liés aux servers | ||
| apache | 70 | User under which the Apache server is executed. |
| sshd | 74 | User under which the sshd deamon, which receives the ssh connections, server is executed. |
| ftp | 75 | User under which the FTP server is executed. |
- bin 1
- daemon 2
- adm 3
- lp 4
- sync 5
- shutdown 6
- halt 7
- mail 8
- news 9
- uucp 10
- operator 11
- games 12
- nobody 65534
- rpm 13
- messagebus 14
- avahi 15
- haldaemon 16
- vcsa 69
- rpc 71
- gdm 72
- rpcuser 73
- ntp 76
Predefined groups
| Group name | GID (default) | Explanation |
|---|---|---|
| Groupes that are used to give rights to member users. | ||
| root | 0 | The group that has all rights on the system. |
| wheel | 10 | Only members of this group can use the su command, if option enable_pam_wheel_for_su from Msec is enabled. |
| audio | 81 | The "nice" priority can go to -10. The real-time priority can go to 50. (info from: /etc/security/limits.conf). |
| Groups under which specific programs are executed | ||
| apache | 70 | The group of the apache user. (See apache in Predefined users, ci-dessus) |
| sshd | 74 | The group of the sshd user. (See sshd in Predefined users, ci-dessus) |
| ftp | 75 | The group of the ftp user. (See ftp in Predefined users, ci-dessus) |
- bin (gid = 1)
- daemon (gid = 2)
- sys (gid = 3)
- adm (gid = 4)
- tty (gid = 5)
- disk (gid = 6)
- lp (gid = 7)
- mem (gid = 8)
- kmem (gid = 9)
- mail (gid = 12)
- news (gid = 13)
- uucp (gid = 14)
- man (gid = 15)
- floppy (gid = 19)
- games (gid = 20)
- tape (gid = 21)
- cdrom (gid = 22)
- utmp (gid = 24)
- usb (gid = 43)
- cdwriter (gid = 80)
- video (gid = 82)
- users (gid = 100)
- nogroup (gid = 65534)
- rpm (gid = 101)
- xgrp (gid = 102)
- ntools (gid = 103)
- ctools (gid = 104)
- messagebus (gid = 105)
- avahi (gid = 106)
- haldaemon (gid = 16)
- vcsa (gid = 69)
- rpc (gid = 71)
- gdm (gid = 72)
- rpcuser (gid = 73)
- slocate (gid = 107)
- machines (gid = 421)
- ntp (gid = 76)
- lpadmin (gid = 480)
