I'm (finally, I hope) setting up a couple of true multi-user, multi-application,
multi-purpose machines (in the general style of the mainframes of old), but more along a
thin client (actually a so-called 'fat' client) model. One machine is a centos5 box,
the other is an ubuntu 9.04 box.
To this end, I'm trying to expand my knowledge of groups administration. There is not
much out there in google or the various SAGs on setting up and using groups beyond
adding the group name and the group permissions bits.
Scenario:
Given that there are an arbitrary number of users (user1-userx) that can be clustered
into a couple of different functional groups, say, database admins, oracle support,
accounting, administration, network admins, billing, and public relations. So the unix
groups are:
dba
orasupp
accounting
admin
netadmin
billing
pr
An individual user may be a member of one or several of these groups.
Questions:
1. Where is the typical/conventional place in the directory structure to put the group
directories, that is, directories that items common to all members of a given group can
have access to? I know they can be 'anywhere', but surely there are some conventions or
common practices?
2. Can a group be a member of another group? That is, say all members of netadmin
should also be members of orasupp. Can I just make netadmin a member of orasupp so that
by reference each individual member of netadmin will also be a member of orasupp? Or do
a have to add each member of netadmin individually to orasupp?
3. Where are group policies and environments set up? For global stuff there's
/etc/profile. For individual users there's the various .bashrc and .profile in the
individual user's home directory, but where is the 'group' .profile?
In the case of question 3, some google stuff said that the .bashrc set up from /etc/skel
should be used, but that doesn't seem right. First, it's only set up when the user's
home directory is created, so any additions or alterations to the group policies or
environments is not carried through. Second, the user can alter/delete it or otherwise
mess it up.
Any insights? I'm sure this is sort of muddled, so if clarifications are needed, don't
hesitate to ask.
Thanks!
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Fri Sep 18 05:46:44 2009
This archive was generated by hypermail 2.1.8 : Fri Sep 18 2009 - 05:46:44 AKDT