Using User Private Groups

by Chris Tyler

Red Hat and Fedora distributions of Linux create a separate user group for each user on the system. To someone coming from another distribution, such as SUSE (which puts all users in the group "users" by default), this may seem bizarre -- but there's a good reason for this often-ignored feature.

5 Comments

jhdlstn
2006-09-29 11:10:57
Could you elaborate on this technique vs. acls
Chris Tyler
2006-09-29 15:58:58
You can do very similar things with ACLs using the default ACL for a directory. I really like ACLs, but they're not as widely deployed, which leads to a few small differences:


- UPG works on filesystems that support traditional mode semantics but not file attributes.


- It's enabled by default (ACLs require a change in mount options from the installation defaults, for example).


Better to have two tools in the toolbox than one :-)


2006-10-02 09:46:59
Better to have two tools in the toolbox than one :-)


Didn't your dad ever tell you to use the right tool for a job? Our toolboxes should be filled with the right tools.

Chris Tyler
2006-10-02 20:08:04
I agree that we need to fill our toolboxes with the right tools. The right tool for Ext3 or ReiserFS is not the right tool for NFS, so it's worthwhile learning both approaches -- UPG works everywhere that ACLs work, plus many places where ACLs will not work. It's also worthwhile knowing why distributions are configured in the way that they are.
Fajar
2006-10-24 10:29:08
I still don't see the real reason why Suse put user into the user group. Doesn't it make that other user can read files in other's home directory?