What is the "wheel" user in macOS/OS X?

Question

I recently reinstalled iTunes and I noticed something peculiar.

The original version of iTunes has a user in the permissions known as wheel that is set to "Read Only".

I dragged this version of iTunes to the trash and installed a new copy, and when I look at the properties for iTunes it no longer says wheel, but rather just admin.

Here is a screenshot with the new version (left) and the old version (right):

What is the wheel user? How is it set (I can't seem to set it in the GUI)? Why would the permissions be different now?

It's not a problem, I'm just terribly curious.

Answer 1

Some color:

Mac OS X has roots in BSD UNIX, a.k.a. the UNIX that came out of UC Berkeley. They had a group of trusted people that could become superuser by using the su command. So they coded their UNIX to only allow people in this specific group to become superuser using su. They chose the groupname 'wheel', supposedly reference to other systems that had WHEEL, possibly a reference to being a 'big wheel'

It's less important now that you have the GUI authorization popups and sudo. You can use sudo without being in wheel group I believe.

As far as how to change to wheel, chgrp should be your friend, once you're root.

Answer 2

wheel is the system administrator group in BSD, much like root is the system administrator user.

It is common to add sudo permissions to users in the wheel group.

Answer 3

wheel is the group used by OSX for the 'system' /Applications. It was present since at least 1989-03-13 in the source of BSD Unix.

Whether the connotation is 'big wheel' or 'wheel of fortune' is unclear from my sources, but membership of wheel is special.

In OS X PAM is used to set the policy that su(1) will use. In particular, by default only users in the admin or wheel groups can switch to UID 0 (root). This group requirement may be changed by modifying the pam_group section of /etc/pam.d/su. See pam_group(8) for details on how to modify this setting.