# User groups



## Miax (Nov 8, 2010)

I have made a user account, but I don't know which default group gives which permissions except wheel. Is there a document about this?


----------



## Jaax (Nov 10, 2010)

Hi,

On my servers my admin account is in wheel group, and on my laptop my account is in news, games.

All depend of what do you want to do.


----------



## sk8harddiefast (Nov 10, 2010)

Also to see on witch group you are:

```
group user
```
(Where user is the name you set)
or

```
id -Gn user
```
 (Where user is the name you set)

To add user to a group:

just modify /etc/group


----------



## graudeejs (Nov 10, 2010)

sk8harddiefast said:
			
		

> Also to see on witch group you are:
> 
> ```
> group user
> ...



or use pw(8)


----------



## sk8harddiefast (Nov 10, 2010)

I think that once I had use pw to remove a user and create a new one 
I think that it was pw command


----------



## noz (Nov 11, 2010)

Miax said:
			
		

> I have made a user account, but I don't know which default group gives which permissions except wheel. Is there a document about this?



Groups themselves don't give any permissions, it only puts users into a particular category.  Permissions are set on files which you can see using:
`$ ls -l`


```
$ ls -l su*
-r-sr-xr-x  1 root  wheel  14500 Jul 18 22:24 su*
-r-xr-xr-x  2 root  wheel   8860 Jul 18 22:24 sum*
$
```

From the above code, it shows that you can run su or sum if you are root or in the wheel group.

You can see a list of all groups on the system with:
`$ cat /etc/group`

Related stuff from the handbook:
Groups
Permissions
User Management


----------



## SirDice (Nov 11, 2010)

noz said:
			
		

> ```
> $ ls -l su*
> -r-sr-xr-x  1 root  wheel  14500 Jul 18 22:24 su*
> -r-xr-xr-x  2 root  wheel   8860 Jul 18 22:24 sum*
> ...


Errmm. No, it also shows that the 'other' group has read and execute access. The 'other' group means everyone. Hence, everyone can read or execute those files.


----------



## noz (Nov 11, 2010)

Thanks, I missed that.


----------



## DutchDaemon (Nov 11, 2010)

OP, is your query answered?


----------



## Miax (Nov 12, 2010)

Thank you. But I have one more question. I have copied a directory from usb stick and cause of permission, i used the root account. Now the directory is owned by root. But it has nothing more than pdf files. So, can I change the owner of the directory with a non-root user account?


----------



## sk8harddiefast (Nov 12, 2010)

```
chown -R [B]user file[/B]
```
 Where *user* is that you set as user and *file* is the file you want to change permissions. Example: 
	
	



```
chown -R emberdaemon skate/
```


----------



## quicktrick (Jan 23, 2019)

Old question, but if you are using _zsh_ you may add to _.zshrc_ the following functions:

```
usergroups() { for user in $(awk -F: '/^[[:space:]]*#/ {NR--; next} {print $1}' /etc/passwd); do echo "$user: $(groups $user)"; done; }
groupusers() { cat /etc/group | awk -F: '/^[[:space:]]*#/ {NR--; next} {print $1, $3, $4}' | while read group gid members; do
        members=$members,$(awk -F: "/^[[:space:]]*#/ {NR--; next} \$4 == $gid {print \",\" \$1}" /etc/passwd);
        echo "$group: $members" | sed 's/,,*/ /g';
    done; }
```
Then from the command line:

```
➜ ~ # usergroups
root: wheel operator
toor: wheel
daemon: daemon
operator: operator
bin: bin
tty: nogroup
kmem: nogroup
games: games
news: news
man: man
sshd: sshd
smmsp: smmsp
mailnull: mailnull
bind: bind
unbound: unbound
proxy: proxy
_pflogd: _pflogd
_dhcp: _dhcp
uucp: uucp
pop: mail
auditdistd: audit
www: www
_ypldap: _ypldap
hast: hast
nobody: nobody
git_daemon: git_daemon

➜ ~ # groupusers
wheel: root root toor
daemon:  daemon
kmem:
sys:
tty:
operator: root operator
mail:  pop
bin:  bin
news:  news
man:  man
games:  games
ftp:
staff:
sshd:  sshd
smmsp:  smmsp
mailnull:  mailnull
guest:
video:
bind:  bind
unbound:  unbound
proxy:  proxy
authpf:
_pflogd:  _pflogd
_dhcp:  _dhcp
uucp:  uucp
dialer:
network:
audit:  auditdistd
www:  www
_ypldap:  _ypldap
hast:  hast
nogroup:  tty kmem
nobody:  nobody
git_daemon:  git_daemon
```


----------

