groups.7: New manual page of standard group names
Import groups(7) from NetBSD, with tweaks for our system. The group list is sorted by GID. All the group names from /usr/src/etc/group are described, except "uucp". The FILES section was added on top of the original manual page. PR: 264966 Relnotes: yes MFC after: 3 days Obtained from: NetBSD Reviewed by: des, ziaee Differential Revision: https://reviews.freebsd.org/D54114
This commit is contained in:
committed by
Alexander Ziaee
parent
bea1c2fcd7
commit
e09104dfb7
@@ -25,7 +25,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd August 29, 2025
|
||||
.Dd April 19, 2026
|
||||
.Dt GROUP 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -152,6 +152,7 @@ may still have this limit.
|
||||
.Xr initgroups 3 ,
|
||||
.Xr nsswitch.conf 5 ,
|
||||
.Xr passwd 5 ,
|
||||
.Xr groups 7 ,
|
||||
.Xr chkgrp 8 ,
|
||||
.Xr pw 8 ,
|
||||
.Xr yp 8
|
||||
|
||||
@@ -28,7 +28,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd May 16, 2023
|
||||
.Dd April 19, 2026
|
||||
.Dt PASSWD 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@@ -425,6 +425,7 @@ BEGIN { FS = ":"}
|
||||
.Xr login.conf 5 ,
|
||||
.Xr netgroup 5 ,
|
||||
.Xr nsswitch.conf 5 ,
|
||||
.Xr groups 7 ,
|
||||
.Xr adduser 8 ,
|
||||
.Xr nologin 8 ,
|
||||
.Xr pw 8 ,
|
||||
|
||||
@@ -14,6 +14,7 @@ MAN= arch.7 \
|
||||
development.7 \
|
||||
environ.7 \
|
||||
firewall.7 \
|
||||
groups.7 \
|
||||
growfs.7 \
|
||||
hier.7 \
|
||||
hostname.7 \
|
||||
@@ -50,6 +51,7 @@ MLINKS+= c.7 c11.7
|
||||
MLINKS+= c.7 c17.7
|
||||
MLINKS+= c.7 c23.7
|
||||
MLINKS+= c.7 c2y.7
|
||||
MLINKS+= groups.7 wheel.7
|
||||
|
||||
.if ${MK_INET} != "no"
|
||||
MAN+= networking.7
|
||||
|
||||
@@ -0,0 +1,345 @@
|
||||
.\" $NetBSD: groups.7,v 1.8 2020/04/02 20:57:20 roy Exp $
|
||||
.\"
|
||||
.\" SPDX-License-Identifier: BSD-2-Clause
|
||||
.\"
|
||||
.\" Copyright (c) 2020 The NetBSD Foundation, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that the following conditions
|
||||
.\" are met:
|
||||
.\" 1. Redistributions of source code must retain the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer.
|
||||
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer in the
|
||||
.\" documentation and/or other materials provided with the distribution.
|
||||
.\"
|
||||
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd April 19, 2026
|
||||
.Dt GROUPS 7
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm groups
|
||||
.Nd standard group names
|
||||
.Sh DESCRIPTION
|
||||
A standard
|
||||
.Fx
|
||||
installation has the following user group names:
|
||||
.Bl -tag -width "realtime"
|
||||
.It Em wheel
|
||||
Users authorized to elevate themselves to the super-user privileges of
|
||||
the root user, meaning uid\~0.
|
||||
Normally the
|
||||
.Em wheel
|
||||
group has gid\~0.
|
||||
.Pp
|
||||
Users who are not in the group
|
||||
.Em wheel
|
||||
are never allowed by
|
||||
.Xr su 1
|
||||
to gain root privileges.
|
||||
.It Em daemon
|
||||
Used by the set-group-id programs
|
||||
.Xr lpr 1
|
||||
and
|
||||
.Xr rwho 1 .
|
||||
.It Em kmem
|
||||
Used by the set-group-id programs (like
|
||||
.Xr ktrdump 8 )
|
||||
that need to access kernel memory
|
||||
.Po Pa /dev/mem
|
||||
and
|
||||
.Pa /dev/kmem
|
||||
are in the group
|
||||
.Em kmem
|
||||
.Pc .
|
||||
See
|
||||
.Xr mem 4 .
|
||||
.It Em sys
|
||||
Historic group.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em tty
|
||||
Used by the set-group-id programs
|
||||
.Xr wall 1
|
||||
and
|
||||
.Xr write 1
|
||||
to allow users to send messages to another tty even if they don't own
|
||||
it (static tty device nodes
|
||||
.Pa /dev/pts/*
|
||||
are all in the group
|
||||
.Em tty ) .
|
||||
See
|
||||
.Xr tty 4 .
|
||||
.It Em operator
|
||||
Users authorized to take backups of disk devices and shut down the
|
||||
machine.
|
||||
.Pp
|
||||
The disk device nodes
|
||||
(such as
|
||||
.Pa /dev/ada0 )
|
||||
are in the group
|
||||
.Em operator
|
||||
and group-readable so users in the group can read from disk devices,
|
||||
for example with
|
||||
.Xr dump 8 .
|
||||
The tape device nodes
|
||||
(such as
|
||||
.Pa /dev/sa0 )
|
||||
are in the group
|
||||
.Em operator
|
||||
and are both group-readable and group-writable so users in the group
|
||||
can write to tape devices.
|
||||
.Pp
|
||||
The
|
||||
.Xr shutdown 8
|
||||
program is executable only by root and members of the
|
||||
.Em operator
|
||||
group.
|
||||
.It Em mail
|
||||
Used by mail agents (like
|
||||
.Xr dma 8 ) .
|
||||
.Pp
|
||||
By default, root mail
|
||||
.Pq Pa /var/mail/root
|
||||
is in the
|
||||
.Em mail
|
||||
group.
|
||||
.It Em bin
|
||||
Historic group.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em news
|
||||
Historic group.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em man
|
||||
Historic group; used to be used for managing manual pages (see
|
||||
.Xr man 1 ) .
|
||||
.It Em games
|
||||
Used by various set-group-id games to maintain high-scores files
|
||||
and other common files in
|
||||
.Pa /var/games .
|
||||
The members of this group are also allowed to access
|
||||
.Pa /dev/input/event*
|
||||
device nodes (see
|
||||
.Xr hgame 4 ) .
|
||||
See also
|
||||
.Xr intro 6 .
|
||||
.It Em ftp
|
||||
Used to be used by
|
||||
.Xr sysinstall 8
|
||||
(which is now replaced with
|
||||
.Xr bsdinstall 8 )
|
||||
for setting up anonymous FTP.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em staff
|
||||
Staff users, in contrast to guest users (see
|
||||
.Em guest
|
||||
group).
|
||||
Not used by
|
||||
.Fx ;
|
||||
available for the administrator's interpretation.
|
||||
See
|
||||
.Xr security 7
|
||||
for some recommendations on managing accounts in
|
||||
.Em staff
|
||||
group.
|
||||
.It Em sshd
|
||||
Primary group for the
|
||||
.Em sshd
|
||||
pseudo-user used by the
|
||||
.Xr sshd 8
|
||||
secure shell daemon.
|
||||
.It Em smmsp
|
||||
Primary group for user
|
||||
.Em smmsp ,
|
||||
which is used by
|
||||
.Xr sendmail 8
|
||||
if no non-root users were configured for running it.
|
||||
.Pp
|
||||
The name of the group means "SendMail Message Submission Program".
|
||||
.It Em mailnull
|
||||
Used by electronic mail transport agent
|
||||
.Xr sendmail 8
|
||||
as group for its default user
|
||||
.Em mailnull .
|
||||
.It Em guest
|
||||
Guest users, in contrast to staff users (see
|
||||
.Em staff
|
||||
group).
|
||||
Not used by
|
||||
.Fx ;
|
||||
available for the administrator's interpretation.
|
||||
.It Em video
|
||||
Used for access to
|
||||
.Pa /dev/drm/*
|
||||
devices, which are used for GPU hardware acceleration.
|
||||
See
|
||||
.Xr drm 7 .
|
||||
.It Em realtime
|
||||
Used by
|
||||
.Xr mac_priotiry 4
|
||||
to allow members of this group to run threads and processes with
|
||||
realtime scheduling priority.
|
||||
See also
|
||||
.Xr rtprio 1 .
|
||||
.It Em idletime
|
||||
Used by
|
||||
.Xr mac_priority 4
|
||||
to allow members of this group to run processes with idle scheduling
|
||||
priority.
|
||||
See also
|
||||
.Xr idprio 1 .
|
||||
.It Em bind
|
||||
Used to be used as primary group for the
|
||||
.Em bind
|
||||
pseudo-user used by
|
||||
.Xr named 8
|
||||
Internet domain name server, which has been removed from the base system in
|
||||
.Fx 10.0 .
|
||||
.It Em unbound
|
||||
Primary group for the
|
||||
.Em unbound
|
||||
pseudo-user used by the
|
||||
.Xr local-unbound 8
|
||||
recursive DNS resolver.
|
||||
.It Em proxy
|
||||
Primary group for the
|
||||
.Em proxy
|
||||
pseudo-user used by the
|
||||
.Xr ftp-proxy 8
|
||||
proxy daemon with packet filters such as
|
||||
.Xr pf 4 .
|
||||
.It Em authpf
|
||||
Used by the set-group-id program
|
||||
.Xr authpf 8
|
||||
to configure authenticated gateways.
|
||||
.It Em _pflogd
|
||||
Primary group for the
|
||||
.Em _pflogd
|
||||
pseudo-user used by the
|
||||
.Xr pflogd 8
|
||||
log daemon with the
|
||||
.Xr pf 4
|
||||
packet filter.
|
||||
.It Em _dhcp
|
||||
Primary group for the
|
||||
.Em _dhcp
|
||||
pseudo-user used by the
|
||||
.Xr dhclient 8
|
||||
DHCP Client.
|
||||
.It Em dialer
|
||||
Users authorized to make outgoing modem calls (see
|
||||
.Xr cu 1
|
||||
and
|
||||
.Pa /dev/cuauN
|
||||
devices).
|
||||
.It Em network
|
||||
Historic group.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em audit
|
||||
Primary group for the
|
||||
.Em auditdistd
|
||||
pseudo-user used by
|
||||
.Xr auditd 8
|
||||
and
|
||||
.Xr auditdistd 8
|
||||
audit daemons.
|
||||
.It Em www
|
||||
Historic group for accessing World Wide Web.
|
||||
Unused in modern
|
||||
.Fx .
|
||||
.It Em u2f
|
||||
Used for users who need to access
|
||||
.Pa /dev/u2f/*
|
||||
devices (see
|
||||
.Xr u2f 4 ) .
|
||||
.It Em ntpd
|
||||
Primary group for the
|
||||
.Em ntpd
|
||||
pseudo-user used by the
|
||||
.Xr ntpd 8
|
||||
network time protocol daemon.
|
||||
.It Em _ypldap
|
||||
Primary group for the
|
||||
.Em _ypldap
|
||||
pseudo-user used by
|
||||
.Xr ypldap 8
|
||||
daemon.
|
||||
.It Em hast
|
||||
Primary group for the
|
||||
.Em hast
|
||||
pseudo-user used by
|
||||
Highly Available Storage daemon
|
||||
.Xr hastd 8 .
|
||||
.It Em tests
|
||||
Primary group for the
|
||||
.Em tests
|
||||
pseudo-user used by
|
||||
automatic tests that request to run unprivileged.
|
||||
See
|
||||
.Xr tests 7 .
|
||||
.It Em nogroup
|
||||
Pseudo-group (fake group).
|
||||
It differs from group
|
||||
.Em nobody
|
||||
in way that
|
||||
.Em nogroup
|
||||
doesn't have a dedicated user for it.
|
||||
For instance, this group is used for users
|
||||
.Em tty
|
||||
and
|
||||
.Em kmem .
|
||||
.It Em nobody
|
||||
Primary group for the traditional
|
||||
.Em nobody
|
||||
pseudo-user.
|
||||
Modern practice is to assign to each different daemon its own separate
|
||||
pseudo-user account and group so that if one daemon is compromised it
|
||||
does not compromise all the other daemons.
|
||||
.Pp
|
||||
See also group
|
||||
.Em nogroup .
|
||||
.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width "/usr/src/etc/group" -compact
|
||||
.It Pa /etc/group
|
||||
Main group permissions file.
|
||||
.It Pa /usr/src/etc/group
|
||||
Group permissions file for the base system.
|
||||
.It Pa /usr/ports/GIDs
|
||||
A list of GIDs (group IDs) reserved for ports (see
|
||||
.Xr ports 7 ) .
|
||||
.El
|
||||
.Pp
|
||||
See
|
||||
.Xr group 5
|
||||
for the format of abovementioned files.
|
||||
.Sh SEE ALSO
|
||||
.Xr chgrp 1 ,
|
||||
.Xr groups 1 ,
|
||||
.Xr id 1 ,
|
||||
.Xr newgrp 1 ,
|
||||
.Xr group 5 ,
|
||||
.Xr pw 8
|
||||
.Sh HISTORY
|
||||
The
|
||||
.Nm
|
||||
manual page appeared in
|
||||
.Nx 10.0
|
||||
and
|
||||
.Fx 15.1 .
|
||||
Reference in New Issue
Block a user