This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Fri, 17 Nov 2000 19:03:46 -0800 (PST) From: Dave Zarzycki <dave@thor.sbay.org> To: Todd Lyons <todd@mrball.net> Subject: [svlug] Re: Wheel On Fri, 17 Nov 2000, Todd Lyons wrote: > I've looked around a bit and can't find any definitive answer. Of what > historical importance is the wheel group? A URL would be perfect. The wheel group is used by most Unix systems to control who can su. FYI - Richard Stallman is philosophically opposed to the concept, so this is why the GNU sh-utils doesn't support the "feature." If you search Google for "Richard Stallman wheel group", you'll find a longer explaination of why RMS doesn't like the wheel group. davez -- Dave Zarzycki http://thor.sbay.org/~dave/ === Date: Fri, 17 Nov 2000 19:24:03 -0800 (PST) From: Anmol Khirbat <anmol@teknema.com> To: World Domination <svlug@svlug.org> Subject: Re: [svlug] Wheel Hi This is from the PAM docs. http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.28 This is from the jargon file. http://www.tuxedo.org/~esr/jargon/html/entry/wheel.html Also check out wheel-bit while you are there. bye :) Anmol On Fri, 17 Nov 2000, Todd Lyons wrote: > I've looked around a bit and can't find any definitive answer. Of what > historical importance is the wheel group? A URL would be perfect. > > Blue skies... Todd > -- > Most traditional Pee-Cee user groups, I've noticed, function mainly as > commiseration societies for people who've bought lousy hardware, are > struggling and wasting time trying to deal with it, and want to exchange > coping-strategy tips with others in the same boat. -- Rick Moen === Date: Fri, 17 Nov 2000 22:24:00 -0800 To: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel From: Rick Moen <rick@linuxmafia.com> begin Dave Zarzycki quotation: > FYI - Richard Stallman is philosophically opposed to the concept, so this > is why the GNU sh-utils doesn't support the "feature." I read someone's remark, recently, that using the wheel group just means you have to worry about sgid-related exploits, instead of suid ones. Interesting observation, and worth considering. -- Cheers, "Reality is not optional." Rick Moen -- Thomas Sowell rick@linuxmafia.com === From: kmself@ix.netcom.com Date: Sat, 18 Nov 2000 02:13:55 -0800 To: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel --ZfOjI3PrQbgiZnxM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable on Fri, Nov 17, 2000 at 10:24:00PM -0800, Rick Moen (rick@linuxmafia.com) w= rote: > begin Dave Zarzycki quotation: >=20 > > FYI - Richard Stallman is philosophically opposed to the concept, so th= is > > is why the GNU sh-utils doesn't support the "feature." >=20 > I read someone's remark, recently, that using the wheel group just means > you have to worry about sgid-related exploits, instead of suid ones. > Interesting observation, and worth considering. Note, though, that under GNU/Linux, sudo apparently uses membership in the group 'sudo' as an indication that a user need not supply a password to gain root status. I don't find this documented in the 'sudo' man page, though I've observed the behavior myself. === Date: Sat, 18 Nov 2000 07:27:37 -0800 From: Bill Schoolcraft <bill@wiliweld.com> To: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel Rick Moen wrote: > I read someone's remark, recently, that using the wheel group just means > you have to worry about sgid-related exploits, instead of suid ones. > Interesting observation, and worth considering. Thanks for that bit of info but that brings up a question, where did the 'wheel' concept begin ? I have 'wheel' on my *BSD systems, but not here on my Solaris system, at least this version of Solaris-8 anyway. Was it there back in 1969 or whos idea was it ? Does the group _adm_ seems to be a close cousin to wheel ? [/etc/group] root::0:root other::1: bin::2:root,bin,daemon sys::3:root,bin,sys,adm adm::4:root,adm,daemon uucp::5:root,uucp mail::6:root tty::7:root,tty,adm lp::8:root,lp,adm nuucp::9:root,nuucp staff::10: daemon::12:root,daemon sysadmin::14: nobody::60001: noaccess::60002: nogroup::65534: === Cc: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel On Sat, Nov 18, 2000 at 07:27:37AM -0800, Bill Schoolcraft wrote: > > Thanks for that bit of info but that brings up a question, where did > the 'wheel' concept begin ? I have 'wheel' on my *BSD systems, but > not here on my Solaris system, at least this version of Solaris-8 > anyway. Was it there back in 1969 or whos idea was it ? Does the > group _adm_ seems to be a close cousin to wheel ? The wheel group was a BSD invention. === Date: Sat, 18 Nov 2000 11:36:05 -0800 (PST) From: Rafael <raffi@linwin.com> To: Bill Schoolcraft <bill@wiliweld.com> Subject: Re: [svlug] Re: Wheel Turning to good books and search engines when not knowing out my head: '"whell" was analogous to the root account in TOPS-20' page 89, UNIX System Administration Handbook (2nd Ed.) See also page 52 of that book. I believe there is a History of Unix which was written by one of the early users some time back. Don't remember exact title or publisher. I'm sure there is history of Unix somewhere on the net that goes into details 'why this or that' in Unix. The concept of wheel is arguably obsolete having sudo these days. The bad thing is that sudo is not made more visible in literature in my opinion. When you have more than one person "doing things" on the server it's safer to have them contained in their sand boxes than roaming around. Because there is one small group of priviledged functions they need acces to, being root is not necessary. Of course knowing too much about Unix history (including personal experience) one would need to admit advanced age and that might not be too geeky :-) Better to refer you to search engines and yes, they know where the history of Unix is: http://www.ee.byu.edu/unix-faq/subsection3_8_2.html http://virtual.park.uga.edu/hc/unixhistory.html Information and images taken from Peter H. Salus, A Quarter Century of UNIX; Reading, MA: Addison-Wesley, 1994. 1969 -- Bell Telephone Laboratories Ken Thompson (from UC Berkeley, at BTL since 1966) and Dennis Ritchie (from applied mathematics, Harvard See what happens when wife goes away for a month: "According to Thompson: It was the summer of '69. In fact, my wife went on vacation to my family's place in California.... I allocated a week each to the operating system, the shell, the editor, and the assembler, to reproduce itself, and during the month she was gone, it was totally rewritten in a form that looked like an operating system, with tools that were sort of known, you know, assembler, editor, and shell .... Yeh, essentially one person for a month." Interesting read and pointers for anybody especialy those who want to believe that "modern OS" was invented in Redmont. The tragedy of all is that MS has their hands on Xenix early on but don't know what to do with it. Instead, they introduced single user OS and keep upgrading it ever since. What can you expect from flunkies. === Date: Mon, 20 Nov 2000 11:43:03 -0800 (PST) From: Deirdre Saoirse <deirdre@deirdre.net> To: Bill Schoolcraft <bill@wiliweld.com> Subject: Re: [svlug] Re: Wheel On Sat, 18 Nov 2000, Bill Schoolcraft wrote: > Rick Moen wrote: > > > I read someone's remark, recently, that using the wheel group just means > > you have to worry about sgid-related exploits, instead of suid ones. > > Interesting observation, and worth considering. > > Thanks for that bit of info but that brings up a question, where did the > 'wheel' concept begin ? I have 'wheel' on my *BSD systems, but not here > on my Solaris system, at least this version of Solaris-8 anyway. Was it > there back in 1969 or whos idea was it ? Does the group _adm_ seems to > be a close cousin to wheel ? Well, in the classic sense, wheel is the oligarchy that does what is usually done by root on Linux. I *like* wheel, but perhaps that's my being contaminated with commercial unixen. :) === Date: Mon, 20 Nov 2000 12:51:33 -0800 From: Dan Copeland <dcopeland@linuxfan.com> To: kmself@ix.netcom.com Cc: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel On Sat, Nov 18, 2000 at 02:13:55AM -0800, kmself@ix.netcom.com wrote: > > Note, though, that under GNU/Linux, sudo apparently uses membership in > the group 'sudo' as an indication that a user need not supply a password > to gain root status. I don't find this documented in the 'sudo' man > page, though I've observed the behavior myself. I believe you're seeing the effects of the 'exempt_group' option. See http://www.courtesan.com/sudo/man/sudoers.html or the 'sudoers' man page. There are probably other ways to achieve the same effect, but in any case I think it's configuration and not inherent in sudo. - Dan === To: World Domination <svlug@svlug.org> Subject: Re: [svlug] Re: Wheel From: steve@theStarport.org (Stephen R. Savitzky) Date: 20 Nov 2000 22:43:08 -0800 Deirdre Saoirse <deirdre@deirdre.net> writes: > Well, in the classic sense, wheel is the oligarchy that does what is > usually done by root on Linux. I *like* wheel, but perhaps that's my being > contaminated with commercial unixen. :) I've always found it convenient to have a "staff" group that owns everything under /usr/local -- that way staff members can do local installs without having to become root. Since most Linux distros have "wheel" but not "staff" these days, I'm thinking of using it for the purpose. (I've been "contaminated" for a decade or so.) ===