分类: LINUX
2011-02-22 10:08:04
The security of a file on Linux is managed very well using the concept of and permissions. There can be three kind of permissions - read, write and execute and similary the ownership is divided into three kinds too - a user, group and others. Groups are a great way to share your work or work in collaboration with others by defining a group, whose members have the write to contribute/modify/see the work.
In order to understand the group divisions, lets first start with the command id that shows the user and group information about the logged in user. If you type the commad id on your terminal, it will show you a similar output.
[chia]$ id
uid=1000(chia) gid=1000(chia) groups=4(adm),20(dialout),119(admin),1000(chia)
As you can see, it shows your user name and ID, groups you can belong to and the group you are currently active with. Yes, on most Linux systems, you can be a member of only one group at a time. So, when you login, you should be assigned a group by default, that group is known as Primary Group.
This primary group is what shows up in the 4th field of /etc/passwd user entry.
[chia]$ grep chia /etc/passwd
chia:x:1000:1000:chia,,,:/home/chia:/bin/bash
And the rest of the groups that you can possibly belong to are termed as Secondary Groups.
Here comes an interesting point, if you look at the above output, the userID and the currently active groupID are same. What does this mean?
This is actually part of a user private group scheme. As the name suggests, it is used to improve the privacy of a user files. According to the scheme, a new user is assigned to his/her own group which contains only him, hence its called private group. So, until a user deliberately changes the group ownership of a file, it will belong to the user as owner and private group as group owner.
Now, you would ask, "what if I want to change my group? To be assigned a private group as default sounds like a good scheme, but how do I change my currently active group?"
The answer is below.
This can be done using the newgrp command.
[chia]$ newgrp admin
[chia]$ id
uid=1000(chia) gid=119(admin) groups=4(adm),20(dialout),119(admin),1000(chia)
As you can see, the group has changed.