Re: what is operator group for?
On Fri, 29 Dec 2006 23:30:49 + Chris Whitehouse [EMAIL PROTECTED] wrote: Hi Chris You could run a: find / -type f -group operator to see all files where operator is the group. Forgive me if I am wrong but I actually think this is the best way to find out. Hi all can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? Thanks Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
[EMAIL PROTECTED] wrote: can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. (snip) The answer above is correct. I found the operator group described in Essential System Administration by AEleen Frisch which is published by O'Reilly Associates, Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Thanks for the pointer, excellent book, I believe I have a copy somewhere, I will have read. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
[EMAIL PROTECTED] wrote: I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. Good point, thanks One alternative is sudo. There are some notes somewhere about setting up a group and setting permissions in devfs.conf and devfs.rules which I have been using. I thought maybe using operator would be more convenient. Doing my own setup is fiddly but I know what they are allowed. And sudo for shutting down works fine. Thanks for the reply. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. (snip) The answer above is correct. I found the operator group described in Essential System Administration by AEleen Frisch which is published by O'Reilly Associates, Inc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: what is operator group for?
can anyone tell me what the operator group is for, or docs where I can read about it? I see that /sbin/shutdown and /sbin/mk_snap_ffs are both executable by members and various things in /dev/ are mountable by them. My understanding is that group operator is intended for those who deal with devices, e.g. running backups and monitoring printers. I want a regular user to be able to mount removeable media and shutdown the computer. If I make them a member of operator group what else am I allowing them to do? With the usual permission settings, you are also allowing them to read disks directly (e.g. with dump(8)), and thus to read any file on the system -- including the system's and other users' private key files. One alternative is sudo. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]