1e09104dfSArtem Bunichev.\" $NetBSD: groups.7,v 1.8 2020/04/02 20:57:20 roy Exp $ 2e09104dfSArtem Bunichev.\" 3e09104dfSArtem Bunichev.\" SPDX-License-Identifier: BSD-2-Clause 4e09104dfSArtem Bunichev.\" 5e09104dfSArtem Bunichev.\" Copyright (c) 2020 The NetBSD Foundation, Inc. 6e09104dfSArtem Bunichev.\" All rights reserved. 7e09104dfSArtem Bunichev.\" 8e09104dfSArtem Bunichev.\" Redistribution and use in source and binary forms, with or without 9e09104dfSArtem Bunichev.\" modification, are permitted provided that the following conditions 10e09104dfSArtem Bunichev.\" are met: 11e09104dfSArtem Bunichev.\" 1. Redistributions of source code must retain the above copyright 12e09104dfSArtem Bunichev.\" notice, this list of conditions and the following disclaimer. 13e09104dfSArtem Bunichev.\" 2. Redistributions in binary form must reproduce the above copyright 14e09104dfSArtem Bunichev.\" notice, this list of conditions and the following disclaimer in the 15e09104dfSArtem Bunichev.\" documentation and/or other materials provided with the distribution. 16e09104dfSArtem Bunichev.\" 17e09104dfSArtem Bunichev.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 18e09104dfSArtem Bunichev.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 19e09104dfSArtem Bunichev.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 20e09104dfSArtem Bunichev.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 21e09104dfSArtem Bunichev.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22e09104dfSArtem Bunichev.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23e09104dfSArtem Bunichev.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24e09104dfSArtem Bunichev.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25e09104dfSArtem Bunichev.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26e09104dfSArtem Bunichev.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27e09104dfSArtem Bunichev.\" POSSIBILITY OF SUCH DAMAGE. 28e09104dfSArtem Bunichev.\" 29e09104dfSArtem Bunichev.Dd April 19, 2026 30e09104dfSArtem Bunichev.Dt GROUPS 7 31e09104dfSArtem Bunichev.Os 32e09104dfSArtem Bunichev.Sh NAME 33e09104dfSArtem Bunichev.Nm groups 34e09104dfSArtem Bunichev.Nd standard group names 35e09104dfSArtem Bunichev.Sh DESCRIPTION 36e09104dfSArtem BunichevA standard 37e09104dfSArtem Bunichev.Fx 38e09104dfSArtem Bunichevinstallation has the following user group names: 39e09104dfSArtem Bunichev.Bl -tag -width "realtime" 40e09104dfSArtem Bunichev.It Em wheel 41e09104dfSArtem BunichevUsers authorized to elevate themselves to the super-user privileges of 42e09104dfSArtem Bunichevthe root user, meaning uid\~0. 43e09104dfSArtem BunichevNormally the 44e09104dfSArtem Bunichev.Em wheel 45e09104dfSArtem Bunichevgroup has gid\~0. 46e09104dfSArtem Bunichev.Pp 47e09104dfSArtem BunichevUsers who are not in the group 48e09104dfSArtem Bunichev.Em wheel 49e09104dfSArtem Bunichevare never allowed by 50e09104dfSArtem Bunichev.Xr su 1 51e09104dfSArtem Bunichevto gain root privileges. 52e09104dfSArtem Bunichev.It Em daemon 53e09104dfSArtem BunichevUsed by the set-group-id programs 54e09104dfSArtem Bunichev.Xr lpr 1 55e09104dfSArtem Bunichevand 56e09104dfSArtem Bunichev.Xr rwho 1 . 57e09104dfSArtem Bunichev.It Em kmem 58e09104dfSArtem BunichevUsed by the set-group-id programs (like 59e09104dfSArtem Bunichev.Xr ktrdump 8 ) 60e09104dfSArtem Bunichevthat need to access kernel memory 61e09104dfSArtem Bunichev.Po Pa /dev/mem 62e09104dfSArtem Bunichevand 63e09104dfSArtem Bunichev.Pa /dev/kmem 64e09104dfSArtem Bunichevare in the group 65e09104dfSArtem Bunichev.Em kmem 66e09104dfSArtem Bunichev.Pc . 67e09104dfSArtem BunichevSee 68e09104dfSArtem Bunichev.Xr mem 4 . 69e09104dfSArtem Bunichev.It Em sys 70e09104dfSArtem BunichevHistoric group. 71e09104dfSArtem BunichevUnused in modern 72e09104dfSArtem Bunichev.Fx . 73e09104dfSArtem Bunichev.It Em tty 74e09104dfSArtem BunichevUsed by the set-group-id programs 75e09104dfSArtem Bunichev.Xr wall 1 76e09104dfSArtem Bunichevand 77e09104dfSArtem Bunichev.Xr write 1 78e09104dfSArtem Bunichevto allow users to send messages to another tty even if they don't own 79e09104dfSArtem Bunichevit (static tty device nodes 80e09104dfSArtem Bunichev.Pa /dev/pts/* 81e09104dfSArtem Bunichevare all in the group 82e09104dfSArtem Bunichev.Em tty ) . 83e09104dfSArtem BunichevSee 84e09104dfSArtem Bunichev.Xr tty 4 . 85e09104dfSArtem Bunichev.It Em operator 86e09104dfSArtem BunichevUsers authorized to take backups of disk devices and shut down the 87e09104dfSArtem Bunichevmachine. 88e09104dfSArtem Bunichev.Pp 89e09104dfSArtem BunichevThe disk device nodes 90e09104dfSArtem Bunichev(such as 91e09104dfSArtem Bunichev.Pa /dev/ada0 ) 92e09104dfSArtem Bunichevare in the group 93e09104dfSArtem Bunichev.Em operator 94e09104dfSArtem Bunichevand group-readable so users in the group can read from disk devices, 95e09104dfSArtem Bunichevfor example with 96e09104dfSArtem Bunichev.Xr dump 8 . 97e09104dfSArtem BunichevThe tape device nodes 98e09104dfSArtem Bunichev(such as 99e09104dfSArtem Bunichev.Pa /dev/sa0 ) 100e09104dfSArtem Bunichevare in the group 101e09104dfSArtem Bunichev.Em operator 102e09104dfSArtem Bunichevand are both group-readable and group-writable so users in the group 103e09104dfSArtem Bunichevcan write to tape devices. 104e09104dfSArtem Bunichev.Pp 105e09104dfSArtem BunichevThe 106e09104dfSArtem Bunichev.Xr shutdown 8 107e09104dfSArtem Bunichevprogram is executable only by root and members of the 108e09104dfSArtem Bunichev.Em operator 109e09104dfSArtem Bunichevgroup. 110e09104dfSArtem Bunichev.It Em mail 111e09104dfSArtem BunichevUsed by mail agents (like 112e09104dfSArtem Bunichev.Xr dma 8 ) . 113e09104dfSArtem Bunichev.Pp 114e09104dfSArtem BunichevBy default, root mail 115e09104dfSArtem Bunichev.Pq Pa /var/mail/root 116e09104dfSArtem Bunichevis in the 117e09104dfSArtem Bunichev.Em mail 118e09104dfSArtem Bunichevgroup. 119e09104dfSArtem Bunichev.It Em bin 120e09104dfSArtem BunichevHistoric group. 121e09104dfSArtem BunichevUnused in modern 122e09104dfSArtem Bunichev.Fx . 123e09104dfSArtem Bunichev.It Em news 124e09104dfSArtem BunichevHistoric group. 125e09104dfSArtem BunichevUnused in modern 126e09104dfSArtem Bunichev.Fx . 127e09104dfSArtem Bunichev.It Em man 128e09104dfSArtem BunichevHistoric group; used to be used for managing manual pages (see 129e09104dfSArtem Bunichev.Xr man 1 ) . 130e09104dfSArtem Bunichev.It Em games 131e09104dfSArtem BunichevUsed by various set-group-id games to maintain high-scores files 132e09104dfSArtem Bunichevand other common files in 133e09104dfSArtem Bunichev.Pa /var/games . 134e09104dfSArtem BunichevThe members of this group are also allowed to access 135e09104dfSArtem Bunichev.Pa /dev/input/event* 136e09104dfSArtem Bunichevdevice nodes (see 137e09104dfSArtem Bunichev.Xr hgame 4 ) . 138e09104dfSArtem BunichevSee also 139e09104dfSArtem Bunichev.Xr intro 6 . 140e09104dfSArtem Bunichev.It Em ftp 141e09104dfSArtem BunichevUsed to be used by 142e09104dfSArtem Bunichev.Xr sysinstall 8 143e09104dfSArtem Bunichev(which is now replaced with 144e09104dfSArtem Bunichev.Xr bsdinstall 8 ) 145e09104dfSArtem Bunichevfor setting up anonymous FTP. 146e09104dfSArtem BunichevUnused in modern 147e09104dfSArtem Bunichev.Fx . 148e09104dfSArtem Bunichev.It Em staff 149e09104dfSArtem BunichevStaff users, in contrast to guest users (see 150e09104dfSArtem Bunichev.Em guest 151e09104dfSArtem Bunichevgroup). 152e09104dfSArtem BunichevNot used by 153e09104dfSArtem Bunichev.Fx ; 154e09104dfSArtem Bunichevavailable for the administrator's interpretation. 155e09104dfSArtem BunichevSee 156e09104dfSArtem Bunichev.Xr security 7 157e09104dfSArtem Bunichevfor some recommendations on managing accounts in 158e09104dfSArtem Bunichev.Em staff 159e09104dfSArtem Bunichevgroup. 160e09104dfSArtem Bunichev.It Em sshd 161e09104dfSArtem BunichevPrimary group for the 162e09104dfSArtem Bunichev.Em sshd 163e09104dfSArtem Bunichevpseudo-user used by the 164e09104dfSArtem Bunichev.Xr sshd 8 165e09104dfSArtem Bunichevsecure shell daemon. 166e09104dfSArtem Bunichev.It Em smmsp 167e09104dfSArtem BunichevPrimary group for user 168e09104dfSArtem Bunichev.Em smmsp , 169e09104dfSArtem Bunichevwhich is used by 170e09104dfSArtem Bunichev.Xr sendmail 8 171e09104dfSArtem Bunichevif no non-root users were configured for running it. 172e09104dfSArtem Bunichev.Pp 173e09104dfSArtem BunichevThe name of the group means "SendMail Message Submission Program". 174e09104dfSArtem Bunichev.It Em mailnull 175e09104dfSArtem BunichevUsed by electronic mail transport agent 176e09104dfSArtem Bunichev.Xr sendmail 8 177e09104dfSArtem Bunichevas group for its default user 178e09104dfSArtem Bunichev.Em mailnull . 179e09104dfSArtem Bunichev.It Em guest 180e09104dfSArtem BunichevGuest users, in contrast to staff users (see 181e09104dfSArtem Bunichev.Em staff 182e09104dfSArtem Bunichevgroup). 183e09104dfSArtem BunichevNot used by 184e09104dfSArtem Bunichev.Fx ; 185e09104dfSArtem Bunichevavailable for the administrator's interpretation. 186e09104dfSArtem Bunichev.It Em video 187e09104dfSArtem BunichevUsed for access to 188e09104dfSArtem Bunichev.Pa /dev/drm/* 189e09104dfSArtem Bunichevdevices, which are used for GPU hardware acceleration. 190e09104dfSArtem BunichevSee 191e09104dfSArtem Bunichev.Xr drm 7 . 192e09104dfSArtem Bunichev.It Em realtime 193e09104dfSArtem BunichevUsed by 194*d5db883aSMaxim Konovalov.Xr mac_priority 4 195e09104dfSArtem Bunichevto allow members of this group to run threads and processes with 196e09104dfSArtem Bunichevrealtime scheduling priority. 197e09104dfSArtem BunichevSee also 198e09104dfSArtem Bunichev.Xr rtprio 1 . 199e09104dfSArtem Bunichev.It Em idletime 200e09104dfSArtem BunichevUsed by 201e09104dfSArtem Bunichev.Xr mac_priority 4 202e09104dfSArtem Bunichevto allow members of this group to run processes with idle scheduling 203e09104dfSArtem Bunichevpriority. 204e09104dfSArtem BunichevSee also 205e09104dfSArtem Bunichev.Xr idprio 1 . 206e09104dfSArtem Bunichev.It Em bind 207e09104dfSArtem BunichevUsed to be used as primary group for the 208e09104dfSArtem Bunichev.Em bind 209e09104dfSArtem Bunichevpseudo-user used by 210e09104dfSArtem Bunichev.Xr named 8 211e09104dfSArtem BunichevInternet domain name server, which has been removed from the base system in 212e09104dfSArtem Bunichev.Fx 10.0 . 213e09104dfSArtem Bunichev.It Em unbound 214e09104dfSArtem BunichevPrimary group for the 215e09104dfSArtem Bunichev.Em unbound 216e09104dfSArtem Bunichevpseudo-user used by the 217e09104dfSArtem Bunichev.Xr local-unbound 8 218e09104dfSArtem Bunichevrecursive DNS resolver. 219e09104dfSArtem Bunichev.It Em proxy 220e09104dfSArtem BunichevPrimary group for the 221e09104dfSArtem Bunichev.Em proxy 222e09104dfSArtem Bunichevpseudo-user used by the 223e09104dfSArtem Bunichev.Xr ftp-proxy 8 224e09104dfSArtem Bunichevproxy daemon with packet filters such as 225e09104dfSArtem Bunichev.Xr pf 4 . 226e09104dfSArtem Bunichev.It Em authpf 227e09104dfSArtem BunichevUsed by the set-group-id program 228e09104dfSArtem Bunichev.Xr authpf 8 229e09104dfSArtem Bunichevto configure authenticated gateways. 230e09104dfSArtem Bunichev.It Em _pflogd 231e09104dfSArtem BunichevPrimary group for the 232e09104dfSArtem Bunichev.Em _pflogd 233e09104dfSArtem Bunichevpseudo-user used by the 234e09104dfSArtem Bunichev.Xr pflogd 8 235e09104dfSArtem Bunichevlog daemon with the 236e09104dfSArtem Bunichev.Xr pf 4 237e09104dfSArtem Bunichevpacket filter. 238e09104dfSArtem Bunichev.It Em _dhcp 239e09104dfSArtem BunichevPrimary group for the 240e09104dfSArtem Bunichev.Em _dhcp 241e09104dfSArtem Bunichevpseudo-user used by the 242e09104dfSArtem Bunichev.Xr dhclient 8 243e09104dfSArtem BunichevDHCP Client. 244e09104dfSArtem Bunichev.It Em dialer 245e09104dfSArtem BunichevUsers authorized to make outgoing modem calls (see 246e09104dfSArtem Bunichev.Xr cu 1 247e09104dfSArtem Bunichevand 248e09104dfSArtem Bunichev.Pa /dev/cuauN 249e09104dfSArtem Bunichevdevices). 250e09104dfSArtem Bunichev.It Em network 251e09104dfSArtem BunichevHistoric group. 252e09104dfSArtem BunichevUnused in modern 253e09104dfSArtem Bunichev.Fx . 254e09104dfSArtem Bunichev.It Em audit 255e09104dfSArtem BunichevPrimary group for the 256e09104dfSArtem Bunichev.Em auditdistd 257e09104dfSArtem Bunichevpseudo-user used by 258e09104dfSArtem Bunichev.Xr auditd 8 259e09104dfSArtem Bunichevand 260e09104dfSArtem Bunichev.Xr auditdistd 8 261e09104dfSArtem Bunichevaudit daemons. 262e09104dfSArtem Bunichev.It Em www 263e09104dfSArtem BunichevHistoric group for accessing World Wide Web. 264e09104dfSArtem BunichevUnused in modern 265e09104dfSArtem Bunichev.Fx . 266e09104dfSArtem Bunichev.It Em u2f 267e09104dfSArtem BunichevUsed for users who need to access 268e09104dfSArtem Bunichev.Pa /dev/u2f/* 269e09104dfSArtem Bunichevdevices (see 270e09104dfSArtem Bunichev.Xr u2f 4 ) . 271e09104dfSArtem Bunichev.It Em ntpd 272e09104dfSArtem BunichevPrimary group for the 273e09104dfSArtem Bunichev.Em ntpd 274e09104dfSArtem Bunichevpseudo-user used by the 275e09104dfSArtem Bunichev.Xr ntpd 8 276e09104dfSArtem Bunichevnetwork time protocol daemon. 277e09104dfSArtem Bunichev.It Em _ypldap 278e09104dfSArtem BunichevPrimary group for the 279e09104dfSArtem Bunichev.Em _ypldap 280e09104dfSArtem Bunichevpseudo-user used by 281e09104dfSArtem Bunichev.Xr ypldap 8 282e09104dfSArtem Bunichevdaemon. 283e09104dfSArtem Bunichev.It Em hast 284e09104dfSArtem BunichevPrimary group for the 285e09104dfSArtem Bunichev.Em hast 286e09104dfSArtem Bunichevpseudo-user used by 287e09104dfSArtem BunichevHighly Available Storage daemon 288e09104dfSArtem Bunichev.Xr hastd 8 . 289e09104dfSArtem Bunichev.It Em tests 290e09104dfSArtem BunichevPrimary group for the 291e09104dfSArtem Bunichev.Em tests 292e09104dfSArtem Bunichevpseudo-user used by 293e09104dfSArtem Bunichevautomatic tests that request to run unprivileged. 294e09104dfSArtem BunichevSee 295e09104dfSArtem Bunichev.Xr tests 7 . 296e09104dfSArtem Bunichev.It Em nogroup 297e09104dfSArtem BunichevPseudo-group (fake group). 298e09104dfSArtem BunichevIt differs from group 299e09104dfSArtem Bunichev.Em nobody 300e09104dfSArtem Bunichevin way that 301e09104dfSArtem Bunichev.Em nogroup 302e09104dfSArtem Bunichevdoesn't have a dedicated user for it. 303e09104dfSArtem BunichevFor instance, this group is used for users 304e09104dfSArtem Bunichev.Em tty 305e09104dfSArtem Bunichevand 306e09104dfSArtem Bunichev.Em kmem . 307e09104dfSArtem Bunichev.It Em nobody 308e09104dfSArtem BunichevPrimary group for the traditional 309e09104dfSArtem Bunichev.Em nobody 310e09104dfSArtem Bunichevpseudo-user. 311e09104dfSArtem BunichevModern practice is to assign to each different daemon its own separate 312e09104dfSArtem Bunichevpseudo-user account and group so that if one daemon is compromised it 313e09104dfSArtem Bunichevdoes not compromise all the other daemons. 314e09104dfSArtem Bunichev.Pp 315e09104dfSArtem BunichevSee also group 316e09104dfSArtem Bunichev.Em nogroup . 317e09104dfSArtem Bunichev.El 318e09104dfSArtem Bunichev.Sh FILES 319e09104dfSArtem Bunichev.Bl -tag -width "/usr/src/etc/group" -compact 320e09104dfSArtem Bunichev.It Pa /etc/group 321e09104dfSArtem BunichevMain group permissions file. 322e09104dfSArtem Bunichev.It Pa /usr/src/etc/group 323e09104dfSArtem BunichevGroup permissions file for the base system. 324e09104dfSArtem Bunichev.It Pa /usr/ports/GIDs 325e09104dfSArtem BunichevA list of GIDs (group IDs) reserved for ports (see 326e09104dfSArtem Bunichev.Xr ports 7 ) . 327e09104dfSArtem Bunichev.El 328e09104dfSArtem Bunichev.Pp 329e09104dfSArtem BunichevSee 330e09104dfSArtem Bunichev.Xr group 5 331e09104dfSArtem Bunichevfor the format of abovementioned files. 332e09104dfSArtem Bunichev.Sh SEE ALSO 333e09104dfSArtem Bunichev.Xr chgrp 1 , 334e09104dfSArtem Bunichev.Xr groups 1 , 335e09104dfSArtem Bunichev.Xr id 1 , 336e09104dfSArtem Bunichev.Xr newgrp 1 , 337e09104dfSArtem Bunichev.Xr group 5 , 338e09104dfSArtem Bunichev.Xr pw 8 339e09104dfSArtem Bunichev.Sh HISTORY 340e09104dfSArtem BunichevThe 341e09104dfSArtem Bunichev.Nm 342e09104dfSArtem Bunichevmanual page appeared in 343e09104dfSArtem Bunichev.Nx 10.0 344e09104dfSArtem Bunichevand 345e09104dfSArtem Bunichev.Fx 15.1 . 346