Wheel Group

Discussion in 'OS X El Capitan (10.11)' started by 1976pianoman, Nov 14, 2015.

  1. 1976pianoman macrumors newbie

    1976pianoman

    Joined:
    Jul 28, 2012
    #1
    Hi,

    Is it normal that files my home user account contains file permissions allowing the Wheel group? I noticed this when I happen to check the properties of a file I downloaded and saved to my desktop. I noticed the Wheel group have read permissions, then checked around some more and discovered wheel is all up in my business in home folder.

    Thanks.
     
  2. dsemf macrumors regular

    Joined:
    Jul 26, 2014
    #2
    Check the permissions for the Desktop itself. I suspect you will see that only you have access. Without access to the Desktop itself, other people cannot see the contents of the Desktop.

    If you look at other top level folders such as Documents, Photos, Music, etc., you will see the same situation. Library and Public have access at the top level, but will be restricted as necessary at lower levels.

    DS
     
  3. 1976pianoman thread starter macrumors newbie

    1976pianoman

    Joined:
    Jul 28, 2012
    #3
    So how does a saved file to the desktop end up with Wheel permissions? And if the desktop itself does not have Wheel permissions, can Wheel access the said desktop item?
     
  4. SlCKB0Y, Nov 14, 2015
    Last edited: Nov 14, 2015

    SlCKB0Y macrumors 68040

    SlCKB0Y

    Joined:
    Feb 25, 2012
    Location:
    Sydney, Australia
    #4
    This explains it pretty well:
    http://superuser.com/questions/191955/what-is-the-wheel-user-in-os-x

    In OS X, "wheel" is the default group for the root user.

     
  5. 1976pianoman thread starter macrumors newbie

    1976pianoman

    Joined:
    Jul 28, 2012
    #5
    Yes, I am aware of that. That is why I thought it was strange to see it where I am seeing it on desktop files, anything I download and many of the files in the home folder.
     
  6. SlCKB0Y macrumors 68040

    SlCKB0Y

    Joined:
    Feb 25, 2012
    Location:
    Sydney, Australia
    #6
    Well it is weird - I can't replicate the behaviour.

    Even weirder is that although the group wheel still exists in OS X, it is no longer used as it previously was. Previously only users in group wheel could su to root. Wheel has been replaced by group "admin" for this function (su and sudo).

    Source: https://developer.apple.com/library...uide/FileSystemDetails/FileSystemDetails.html

     
  7. dsemf macrumors regular

    Joined:
    Jul 26, 2014
    #7
    Open a terminal window and run the id command.

    This is what I get:
    Code:
    uid=502(xyz) gid=20(staff) groups=20(staff),12(everyone),61(localaccounts),701(com.apple.sharepoint.group.1),100(_lpoperator)
    This means that any file or directory that I create will have xyz as the owner and staff as the group.

    Here is a partial output from the ls -l command:
    Code:
    drwx------+  12 xyz   staff    408 Nov 14 12:35 Desktop/
    drwx------+  22 xyz   staff    748 Oct 24 12:14 Documents/
    drwx------+  10 xyz   staff    340 Nov  7 08:18 Downloads/
    
    As you can see, staff does not have any access to these top level directories and will not be able to traverse the directory trees.

    Here is a top level directory that I created:
    Code:
    drwxr-xr-x   31 xyz   staff   1054 Aug 17 08:06 W7/
    In this case I did not restrict the permissions so anyone in the staff group can traverse this directory.

    DS
     
  8. dogslobber macrumors 68020

    dogslobber

    Joined:
    Oct 19, 2014
    Location:
    Apple Campus, Cupertino CA
    #8
    Possibly the group setting for the folder is wheel. If you then create files in that directory then it'll make those files owned by wheel too.

    If that's the issue then you'd need to change the group owner to say "staff" then recursively change all the files to "staff" group too.

    E.g. if your $USER dir is the wrong group then do

    chgrp -R staff $USER

    Don't try that without a backup mind!
     

Share This Page