[TUHS] historical users and groups

Robert Harker harker at harker.com
Wed Jan 14 17:28:02 AEST 2009

My knowledge comes from my early days at Sun in 84-85 as a rock-n-roll roadie 
turned into a UNIX sysadmin.  It was passed to me as I was learning how to 
take care of trade show Sun Workstations.  So take it with a grain of salt.

> daemon user

daemon was for daemon processes that ran in the background but did not want to 
run as root.  I believe it was used by inetd when it spawned a process but an 
not sure.  It was also used by sendmail when it gave up its SUID root privileges.

> operator user

operator was a normal user that had privilege to read the raw file systems 
through group membership.  Sysadmins who did backups would also be a member of 
this group.  The group I recall in the early days was "kmem" although now 
there is a separate group "disk".

> bin user

A user to go with group bin.  Typically would be the "proper" owner of all the 
binaries and libraries on a system.  It has lingered on for far to long 
because, IMHO, the vendors had no clue as to why everything was owned by bin 
and just kept it that way since "thats the way it's always been".

> bin group

I was told that group bin came from UCB to allow semi-trusted staff to replace 
binaries in the file system without giving them the root password.

> staff group

My recollection is that staff was for group read/write permissions for home 
directories, separate from group wheel which granted extra privileges

> nobody group versus nogroup group

The nobody group was a group to go with the nobody user introduced with NFS.
nogroup may have been someone's attempt to make the name more obvious, or it 
may have been for non-privileged account.  But the second case weakens the 
protection of a non-privileged account

More information about the TUHS mailing list