linux wheel用户组,Linux中的Wheel组的作用

(原文)

Wheel

The wheel group is a legacy from UNIX. When a server had to be maintained at a higher level than the day-to-day system administrator, root rights were often required. The 'wheel' group was used to create a pool of user accounts that were allowed to get that level of access to the server. If you weren't in the 'wheel' group, you were denied access to root. I'll show a couple of ways to use membership of 'wheel' to limit the amount of havoc you can wreck on your system.

Most modern-day Linux distro's still use this concept of grouping people to assign different levels of administrative access, but to my knowledge the 'wheel' group is not necessarily used to that purpose. I like to be old-fashioned from time to time, and so I resurrected the use of 'wheel'. Add yourself to wheel when creating your account (use 'wheel' as your primary group) or use vigr to edit the file /etc/group and put your name to the end of the line starting with wheel - like this:

wheel::10:root,alien

The vigr command is a safe way of editing the group file in a multi-user environment. Of course, if there's no one working on your box except yourself, you might just as well use plain vi.

======================================================

(KC的译文)

Wheel组

Wheel组是Unix系统一个遗留物。当服务器需要做比日常例行维护更高级的工作的时候,就经常需要用到root根权限了。而这个wheel组就是建立用来归纳一些特殊的系统用户用的,这其中的用户都或多或少地拥有root的部分功能和权限。也就是说如果你不是wheel组成员,那就没有root身上任何的特权。也因为这样,使用wheel组成员用户的话,会尽量减少对系统“摧毁性”破坏的概率和风险。如今大多数的Linux发行版本中,仍然保留了wheel这个组,虽然它已经不像当初设计出来的那样必要了,但是有些老玩家还是忠于这种旧式经典风格的,所以他们经常还是依旧让wheel组发挥着以往的作用。他们是这样做的:在建立他们自己的用户时,将其添加入wheel组中(用wheel组作为用户的主组),或者使用vigr来编辑/etc/group文件,将他们的用户名追加到wheel组那行的末尾,就像这样:

wheel::10:root,kc

在多用户环境中编辑组配置文件时,vigr是一种较为妥当安全的这个命令工具。当然,当然,如果除了你自己之外没有其它人共用主机时,也可用直接用vi编辑器来做啦。

你可能感兴趣的:(linux,wheel用户组)