Users - Groups : The Basics for New To Linux
For my sistaution the server has 1 site and I am going to be the only one running / administering it. So to get started I just logged in @root to do everything to set up the server. I am by trade a designer so i simply save / upload on save thru Dreamweaver so I need and ftp or sftp account that should not be root for obvious reasons.
But what is that User to Group relation?
Are there reserved names? Bad choice names / groups?
Should I belong to a specific Group? What Group should that be?
Are there naming standards so if website "abc" create Group "abc" and add users to group abc that have access to it?
During setup i had to change the www/site folder to www-data so do I NEED to belong to that group? So when Dreamweaver saves the files on the server they all belong to the same group / user?
Rather confusing for a new user. I understand the concept…its using it in a real world example thats troubling me. Where to start?
SUDO user? Same rights as root so why not just run as root? I do not get that part.
Any and all help / info / tips / guidance will greatly be appreciated.
Laugh after
Thanks,
Dave
2 Replies
Security-wise, you shouldn't be logged in as root for your day-to-day tasks. In fact on my node, I haven't ever logged in as root except technically when the stackscript I used was logged in as root during the initial setup.
I have a "normal" user account who is a member of my sudoers group so I can use that account for admin stuff and have no need to be root.
See these articles too:
I'm sure others will have more input.
Might be a dumb question / concern but so far all i have done is set up the server (in root so i might re-build just to get more expereince with procedures) but i want to put a dummy site on the server so in a step by step process should i add Admin group? Add myself to that group? Is Admin already a group? Are there preset standard groups already set up? How do you know who to add to what? Its only me and i want access to everything no?
In a large scale / multi user environment sure let Jeff manage email Tom does database stuff and they each have sub users who can do specific operations only.
But as a single user small scale setup like mine i am the only user. I take care of setting up my email, my database and all that so maybe thats why it makes no sense to me to make various groups and users only to add myself to these groups giving myself permission to do things i already have. Thats where i leave puzzled.
Pages uploaded by me would then show Admin Admin does that make a difference on http server who read / process the files?
Maybe I'm confusing myself with web permissions for websites thur ACL…
Do applications (php, nginx, ftp….so on have preset users / groups)? I think thats also a bit confusing.
I see it as i have to add "dave" to "ftpgroup" to be able to use ftp? Add "dave" to nginx in order to have files uploaded by "dave" work with xginx?
Sorry i know it sounds dumb….im new.
Thanks again.