[techtalk] Users, groups, admins, roots...

Ian Phillips ianp at tibco.com
Wed Apr 19 15:31:52 EST 2000 

Hi Brian,

Basically, the terms "root" "superuser" "administrator" are all identical, you'll also quite often see the term "priveledged user" quite a bit. root seems to be the most common, and since this is also usually the actual user account name this makes sense.

The priveledged granted to the root account by the system are nothing to do with the account name. The operating system uses a unique number (the "User Identifier", or uid) for each account to identify them, the name of the account is simply to make them easy for humans to work with. The operating system gives special priveledges to the account with uid = 0. There is nothing to stop you creating more than 1 account with a different name and the same uid. It's generally a bad idea though.

To get the effect you want with respect to administering Apache/WU-FTP/whatever, you should create a group for this and add all the users you want to be able to admin this stuff to the group. Without looking at you system setup, this could be accomplished by:

Command:					Explanation:
---------------------------------	---------------------------------
groupadd webadmin				Create a groupfor the administrators to have, you
						can use any name you want to here.
vim /etc/group				This is the group defenitions file, you can see
						how it's formatted: the last field on each line is
						a comma seperated list of users in each group.
						Simply add all the users you want to the end of
						the line starting with webadmin.
cd /apache/install/point		Go to where you installed Apache to
chgrp -R webadmin *			Make all of the files members of the webadmin
						group
chmod -R g+wrx *				Grant full permissions on those files, to any user
						in the same group as the files (webadmin here)

Repeat the last 3 steps for each peice of software you want to be admin'ed in this way.

IMPORTANT NOTE: This isn't secure, it's a quick and dirty fix. In particular, granting full permissions like that is bad form, you should go through all of the files and change group membership and permissions to only allow the users to do what it required, but without more info about your system I can't do this. The above solution will work.

Yours,
Ian.

#ifndef  __COMMON_SENSE__ | Ian Phillips
#include <std_disclaimer> | TIBCO Software Inc.
#endif                    | www.TIBCO.com

More information about the Techtalk mailing list