[Techtalk] Users and Groups GUI in FC3

Conor Daly conor.daly-linuxchix at cod.homelinux.org
Wed Jun 8 17:16:04 EST 2005 

On Mon, Jun 06, 2005 at 10:02:48PM -0400 or so it is rumoured hereabouts, 
mkhayes thought:
> I've been running Linux (FC3) for 3 weeks and will soon be stripping 
> everything but Photoshop out of Windows.

Don't forget to check out GIMP for a replacement for photoshop.  It should
be already installed, otherwise do 'yum install gimp' as root.

> When I installed FC3, the only group I was in was mk.  This allowed me 
> to do nothing much at all.  Goal was to rip cds to the server 
> downstairs. (Nascent HTPC)  I couldn't access the drive to play a cd.  
> While now I might go to a command line, the gui gave me this wonderful 
> option, and it worked.  I made myself a member of just about every group 
> except root.  My hardware was my own again. 

Nope, it's not the best setup.  The 'pam' system should assign ownership
of various hardware devices to the first logged in (at the console) user
such that you get at all the sound stuff etc.  This is controlled in
/etc/security/console.perms .  First thing to check is are you the only
user logged in?  Have you logged in as root on a text console before you
logged in as mk?  Try 'w' to find out who's logged in now.

Check the current ownership of various things:

ls -l /dev/dsp

This is required for sound and should be owned by mk when you're logged
in.  I found that sometimes (using RH9 (or am I up to FC2 yet?)) the
permissions would not get reassigned, often after one of the kids had
powered off the machine without shutting down (they're learning but, since
we have one MS Windows machine in the house, they've gotten used to having
to power off at times...).  I can't remember what I did to get the
permissions back.  Maybe it was a matter of logging in as that user,
logging out again and rebooting but that's only surmise.

One other option is to take devices out of the console.perms file and give
them 666 or 777 permissions.  That makes them available to all users.
 
> I suspect this isn't the best setup, but I can't find anywhere what 
> these mean/do/should-be, and since there are 45 of them, unchecking and 

You shouldn't be a member of these groups.  It makes your account that
much less secure since, once cracked, your account has much more privilege
than it needs.

Conor
-- 
Conor Daly <conor.daly at oceanfree.net>

Domestic Sysadmin :-)
---------------------
Hobbiton.cod.ie
 08:05:33  up 67 days, 16:22,  1 user,  load average: 0.00, 0.07, 0.19

More information about the Techtalk mailing list