Below is a table of required mnemonic user and group names. This specification makes no attempt to numerically assign uid or gid numbers. The exceptions are the uid and gid for "root", which are equal to 0, and the uid and gid for "bin", which are equal to 1.
Table 16-1. Required User & Group Names
User | Group | Comments |
root | root | Administrative user with no restrictions |
bin | bin | Administrative user with some restrictions |
daemon | daemon | Subprocess special privileges |
Below is a table of optional mnemonic user and group names. This specification makes no attempt to numerically assign uid or gid numbers. If the username exists on a system, then it should be in the suggested corresponding group.
Table 16-2. Optional User & Group Names
User | Group | Comments |
adm | adm | Administrative special privileges |
lp | lp | Printer special privileges |
sync | sync | Login to sync the system |
shutdown | shutdown | Login to shutdown the system |
halt | halt | Login to halt the system |
 |  | Mail special privileges |
news | news | News special privileges |
uucp | uucp | UUCP special privileges |
operator | root | Operator special privileges |
man | man | Man special privileges |
nobody | nobody | Used by NFS |
The differences in numeric values of the uids and gids between systems on a network can be reconciled via NIS, rdist(1), rsync(1), or ugidd(8). Only a minimum working set of "user names" and their corresponding "user groups" is required. Applications cannot assume non-system user or group names will be defined.
Applications cannot assume any policy for the default umask or the default directory permissions a user may have. Applications should enforce user-only file permissions on private files such as mailboxes. The location of the user's home directory is also not defined by policy other than the recommendations of the FHS and must be obtained by the *pwnam(3) calls.
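As an added illustration of the two requirements above (not part of the specification), this C example looks up a home directory with getpwnam_r(3) and opens a private file that ends up with mode 0600 regardless of the umask or of any mode an existing file had. The helper names `home_of` and `open_private` and the file name `.private-example` are hypothetical.

```c
/* Added example, not from the specification; helper names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Home directory from the passwd database (local files, NIS, ...), never a
 * guessed /home/<name>. Returns 0 on success, -1 if unknown or too long. */
int home_of(const char *user, char *out, size_t outlen)
{
    struct passwd pw, *res = NULL;
    char buf[4096];
    if (getpwnam_r(user, &pw, buf, sizeof buf, &res) != 0 || res == NULL ||
        strlen(res->pw_dir) >= outlen)
        return -1;
    strcpy(out, res->pw_dir);
    return 0;
}

/* Open or create a private file and force mode 0600, whatever the umask is
 * and whatever mode an existing file had. Returns the fd, or -1 on error. */
int open_private(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    /* Accept only a regular file owned by the caller, then fix its mode. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(int argc, char **argv)
{
    char home[1024], path[1100];
    if (argc != 2 || home_of(argv[1], home, sizeof home) != 0)
        return 1;
    snprintf(path, sizeof path, "%s/.private-example", home); /* constructed name */
    return open_private(path) < 0;
}
```

The mode passed to open(2) only bounds the permissions of a newly created file; the fchmod(2) on the descriptor is what tightens a file that already existed with group or other access.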