58 lines
3.1 KiB
Markdown
58 lines
3.1 KiB
Markdown
# Understanding UserID (UID) and GroupID (GID)
|
|
|
|
## 1. Introduction to UIDs and GIDs:
|
|
In Linux, every user and group is assigned a unique numerical identifier. For users, this is called the User ID (UID), and for groups, it's the Group ID (GID). These IDs are fundamental to the Linux security model and permission system.
|
|
|
|
## 2. User IDs (UIDs):
|
|
- A UID is a positive integer assigned to each user on a Linux system.
|
|
- UIDs are used internally by the system to identify users and determine their access rights.
|
|
- The root user always has a UID of 0.
|
|
- Traditional Linux systems reserved UIDs 1-99 for system accounts, 100-999 for system applications, and 1000+ for regular users.
|
|
- Modern systems often start regular user UIDs at 1000 or higher.
|
|
|
|
## 3. Group IDs (GIDs):
|
|
- Similar to UIDs, GIDs are positive integers assigned to each group on the system.
|
|
- Groups are used to organize users and manage permissions collectively.
|
|
- The root group typically has a GID of 0.
|
|
- Like UIDs, GIDs below 1000 are often reserved for system groups, while 1000+ are for user-created groups.
|
|
- Each user has a primary group (primary GID) and can be a member of multiple secondary groups.
|
|
|
|
## 4. How UIDs and GIDs are stored:
|
|
- User information, including UIDs, is stored in the /etc/passwd file.
|
|
- Group information, including GIDs, is stored in the /etc/group file.
|
|
- Encrypted passwords are typically stored in /etc/shadow (for users) and /etc/gshadow (for groups).
|
|
|
|
## 5. Special UIDs and GIDs:
|
|
- UID 0 (root): Has full system access and privileges.
|
|
- UID 65534 (nobody): Often used for unprivileged processes or NFS access.
|
|
- GID 0 (root): The primary group for the root user.
|
|
- GID 65534 (nogroup): Often used for unprivileged processes.
|
|
|
|
## 6. Viewing and modifying UIDs and GIDs:
|
|
- View current user and group: `id $USER`
|
|
- View all users: cat /etc/passwd
|
|
- View all groups: cat /etc/group
|
|
- Change a user's UID: `sudo usermod -u NEW_UID USERNAME`
|
|
- Change a group's GID: `sudo groupmod -g NEW_GID GROUPNAME`
|
|
- Add a user to a group: `sudo usermod -aG GROUPNAME USERNAME`
|
|
|
|
## 7. UIDs, GIDs, and file permissions:
|
|
- Each file and directory in Linux has an owner (UID) and a group (GID).
|
|
- File permissions are based on these ownership attributes.
|
|
- The `ls -l` command shows file ownership and permissions.
|
|
- Changing file ownership: chown USER:GROUP FILENAME
|
|
|
|
## 8. Security implications:
|
|
- UIDs and GIDs are crucial for access control and privilege separation.
|
|
- Duplicate UIDs or GIDs can lead to security vulnerabilities.
|
|
- UID 0 (root) has unrestricted access, so it should be protected and used sparingly.
|
|
- SUID and SGID bits on executables can elevate privileges, potentially causing security risks if misused.
|
|
|
|
## 9. Best practices:
|
|
- Regularly audit user and group assignments.
|
|
- Use unique UIDs and GIDs for each user and group.
|
|
- Implement the principle of least privilege: give users only the access they need.
|
|
- Be cautious when changing UIDs or GIDs of existing users, as it may affect file ownership.
|
|
- Use groups effectively to manage permissions for multiple users.
|
|
- Regularly review and update access rights, especially for sensitive system areas.
|