I just noticed on my FreeBSD machine that root is in wheel and operator. I'm trying to think of a situation where UID 0 being in a group would have any effect on… well… anything, and I'm coming up blank. For that matter, does root even need a primary login group in /etc/passwd? Or does login(3) choke and die if the user has a blank primary group field?
(To clarify: I understand the purpose of the "root" group's existence, since files need a group owner. I'm not understanding how it matters that the user root/toor/whatever has that group membership.)
Is this just cruft from decades ago, or is there a real reason for it?
Best Answer
In short: no. Having root on
wheel
andoperator
group change nothing.But you are also questioning 2 other things:
root group id is (by default) set to 0, which is closest thing to a empty value you can get.
As said, every user has to have a group, so you cannot set root group id (nor any user gid) to a void or blank value. If you try to set a user gid to blank, you will be warned by
pwd_mkdb
:So the fact that root is defined is more about having it properly named instead of just a dumb number. You can change root gid to any meaningless number (gid not within
/etc/group
). Your root user would still be able to log in,su
or whatever else root can do. You will just end up have something like that:about why some users are in the wheel group that is a totally different story, as FreeBSD, like OpenBSD or NetBSD, users have to be part of the
wheel
in order tosu
root.From FreeBSD documentation (chapter 9.4):
But you are right, removing the root user from the wheel would not change things. This is purely formal, as much as the toor user is nor part of wheel or root is part of operator group.
The operator group is however, purely formal, without any special meanings in itself.
Here is also what Richard Stallman think about the wheel group (from gnu su manual):