GROUPS(7) NetBSD Miscellaneous Information Manual GROUPS(7)
NAME
groups -- standard group names
DESCRIPTION
A standard NetBSD installation has the following user group names: wheel Users authorized to elevate themselves to the super-user privi- leges of the root user, meaning uid 0. Normally the wheel group has gid 0. Users who are not in the group wheel are never allowed by su(1) to gain root privileges. daemon Used by the set-group-id (setuid(7)) programs lpq(1), lpr(1), and lprm(1). sys Historic group. Unused in modern NetBSD. tty Used by the set-group-id (setuid(7)) programs wall(1) and write(1) to allow users to send messages to another tty even if they don't own it. Static tty device nodes in /dev are all in the group tty, and the mount_ptyfs(8) program passes the gid of the tty group to the kernel so that all nodes in /dev/pts or equivalent are in the group too. operator Users authorized to take backups of disk devices and shut down the machine. The disk device nodes in /dev such as /dev/rwd0a are in the group operator and group-readable so users in the group can read from disk devices, for example with dump(8). The tape device nodes in /dev such as /dev/rst0 are in the group operator and are both group-readable and group-writable so users in the group can write to tape devices. The shutdown(8) program is executable only by root and members of the operator group. mail Historic group. Unused in modern NetBSD. bin Historic group. Unused in modern NetBSD. wsrc Historic group. Unused in modern NetBSD. maildrop Used by the set-group-id (setuid(7)) programs postdrop(1) and postqueue(1) to submit to and examine the postfix(1) mail queue at /var/spool/postfix/maildrop and /var/spool/postfix/public. postfix Primary group for the postfix pseudo-user used by the postfix(1) mail transfer agent. games Used by various set-group-id (setuid(7)) games to maintain high-scores files and other common files in /var/games. named Primary group for the named pseudo-user used by the named(8) DNS nameserver daemon. ntpd Primary group for the ntpd pseudo-user used by the ntpd(8) net- work time protocol daemon. sshd Primary group for the sshd pseudo-user used by the sshd(8) secure shell daemon. _pflogd Primary group for the _pflogd pseudo-user used by the pflogd(8) log daemon with the pf(4) packet filter. _rwhod Primary group for the _rwhod pseudo-user used by the rwhod(8) system status daemon. staff Staff users, in contrast to regular or guest users. Not used by NetBSD; available for the administrator's interpretation. _proxy Primary group for the _proxy pseudo-user used by the ftp-proxy(8) and tftp-proxy(8) proxy daemons with packet fil- ters such as pf(4) or ipnat(4). _timedc Primary group for the _timedc pseudo-user used by the timedc(8) tool to communicate with the timed(8) time server daemon. _sdpd Primary group for the _sdpd pseudo-user used by the sdpd(8) Bluetooth service discovery protocol daemon. _httpd Primary group for the _httpd pseudo-user used by the httpd(8) (bozohttpd) web server. _mdnsd Primary group for the _mdnsd pseudo-user used by the mdnsd(8) multicast DNS and DNS service discovery daemon. _tests Primary group for the _tests pseudo-user used by atf(7) auto- matic tests that request to run unprivileged. _tcpdump Primary group for the _tcpdump pseudo-user used by the tcpdump(8) network traffic dumper and analyzer. _tss Primary group for the _tss pseudo-user used by the tcsd(8) `Trusted Computing' daemon to manage a TPM. _gpio Users authorized to read and write GPIO pins; see gpio(4) and gpioctl(8). _dhcpcd Primary group for the _dhcpcd pseudo-user used by the dhcpcd(8) DHCP Client Daemon. _rtadvd Primary group for the _rtadvd pseudo-user used by the rtadvd(8) IPv6 network router advertisement daemon. guest Guest users, in contrast to staff or regular users. Not used by NetBSD; available for the administrator's interpretation. _unbound Primary group for the _unbound pseudo-user used by the unbound(8) recursive DNS resolver. _nsd Primary group for the _nsd pseudo-user used by the nsd(8) authoritative DNS nameserver. nvmm Users authorized to use the nvmm(4) NetBSD Virtual Machine Mon- itor. nobody Primary group for the traditional nobody pseudo-user. Modern practice is to assign to each different daemon its own separate pseudo-user account and group so that if one daemon is compro- mised it does not compromise all the other daemons. utmp Group of utmp(5) login records. authpf Used by the set-group-id (setuid(7)) program authpf(8) to con- figure authenticated gateways. users Regular users, in contrast to staff or guest users. Default primary group for new users, as set in the default usermgmt.conf(5) file. Some administrators may instead prefer to assign to each user a unique group with the same name as the user by passing the `-g =uid' option to useradd(8). dialer Users authorized to make outgoing modem calls. Unused in mod- ern NetBSD. nogroup Pseudo-group.
SEE ALSO
users(7) NetBSD 10.99 April 2, 2020 NetBSD 10.99
Powered by man-cgi (2024-08-26). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.