How does group 'wheel' get on my files?

Question

My MacOS non-admin account is not a member of group 'wheel.' But any file I create in /tmp from Terminal commands is always group wheel.

There is no sticky bit nor ACL nor extended attribute to explain this on the symlink /tmp or on /private/tmp which it points to.

I like to use /tmp as a scratchpad because the system cleans it up for me on every boot.

Answer 1

By default, new files inherit the group assigned to the directory they're created in. /tmp (actually /private/tmp) is assigned to the wheel group, therefore your new files created there get assigned to the wheel group.

BTW, if you're worried that this assignment is going to cause problems, don't. The default permissions on new files in macOS gives the group and everyone else read-only access, meaning that the wheel group gets ... exactly the same access that everyone else does. Also, the wheel group itself is sort of a nothing. In traditional unixes, it's sort of the group for computer administrators; in macOS, that function is taken over by the "admin" group. The only remaining member of the wheel group on macOS is the root user, which has full access to everything anyway, so its group membership doesn't really matter. Actually, the way wheel gets used in macOS is more-or-less as a placeholder; there has to be some group assigned, but it's not actually going to do anything... I know, just use "wheel".

Answer 2

The group classification is inherited from the directory in which the file is created in.