what is operator group for?
Hi all can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? Thanks Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
On Fri, 29 Dec 2006 23:30:49 + Chris Whitehouse [EMAIL PROTECTED] wrote: Hi Chris You could run a: find / -type f -group operator to see all files where operator is the group. Forgive me if I am wrong but I actually think this is the best way to find out. Hi all can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? Thanks Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fwd: what is operator group for?
Jeff Rollin wrote: -- Forwarded message -- From: Jeff Rollin [EMAIL PROTECTED] Date: 31-Dec-2006 19:43 Subject: Re: what is operator group for? To: Chris Whitehouse [EMAIL PROTECTED] On 31/12/06, Chris Whitehouse [EMAIL PROTECTED] wrote: Hi all I sent this once already but didn't see it come back, sorry if it has appeared twice. AFAIK it has only come up once, so that's OK. can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. Originally things were set up that way so that people in the operator group could mount disks and tapes, shut the machine off, etc. root would do the system administration itself (removing rootkits, etc.) Well, when I say originally I mean when the operator group was added to the system. I don't think it existed in early versions of UNIX. Jeff Sorry for all the random appearances of this post, I posted once and it didn't appear, so I posted again a couple of days later, then my posts plus replies plus an offline reply and so recursively came at various times. Summary of replies in case anyone else is looking: [EMAIL PROTECTED] My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. One alternative is sudo. [EMAIL PROTECTED] My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. The answer above is correct. I found the operator group described in Essential System Administration by AEleen Frisch which is published by O'Reilly Associates, Inc. Thanks everybody for answers Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fwd: what is operator group for?
On 03/01/07, Chris Whitehouse [EMAIL PROTECTED] wrote: Jeff Rollin wrote: -- Forwarded message -- Sorry for all the random appearances of this post, I posted once and it didn't appear, so I posted again a couple of days later, then my posts plus replies plus an offline reply and so recursively came at various times. Actually that was my fault and I ought to have replied with an explanation; the first time I replied to you, I replied to your email address (directly), though meaning to reply to freebsd - something about the way this mailinglist and/or Gmail works means that it doesn't deal with the list correctly, i.e. send replies to the list. Instead, when you click reply it sends replies to the person posting the inquiry/comment. Annoying. Anyway, hope that's all cleared up. Jeff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
[EMAIL PROTECTED] wrote: can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. (snip) The answer above is correct. I found the operator group described in Essential System Administration by AEleen Frisch which is published by O'Reilly Associates, Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Thanks for the pointer, excellent book, I believe I have a copy somewhere, I will have read. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: what is operator group for?
-- Forwarded message -- From: Jeff Rollin [EMAIL PROTECTED] Date: 31-Dec-2006 19:43 Subject: Re: what is operator group for? To: Chris Whitehouse [EMAIL PROTECTED] On 31/12/06, Chris Whitehouse [EMAIL PROTECTED] wrote: Hi all I sent this once already but didn't see it come back, sorry if it has appeared twice. AFAIK it has only come up once, so that's OK. can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. Originally things were set up that way so that people in the operator group could mount disks and tapes, shut the machine off, etc. root would do the system administration itself (removing rootkits, etc.) Well, when I say originally I mean when the operator group was added to the system. I don't think it existed in early versions of UNIX. Jeff -- Now, did you hear the news today? They say the danger's gone away But I can hear the marching feet Moving into the street Adapted from Genesis, Land of Confusion http://latedeveloperbasketcase.blogspot.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
[EMAIL PROTECTED] wrote: I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. Good point, thanks One alternative is sudo. There are some notes somewhere about setting up a group and setting permissions in devfs.conf and devfs.rules which I have been using. I thought maybe using operator would be more convenient. Doing my own setup is fiddly but I know what they are allowed. And sudo for shutting down works fine. Thanks for the reply. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. (snip) The answer above is correct. I found the operator group described in Essential System Administration by AEleen Frisch which is published by O'Reilly Associates, Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
what is operator group for?
Hi all I sent this once already but didn't see it come back, sorry if it has appeared twice. can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? Thanks Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. One alternative is sudo. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
