Context Navigation

source: BOOK/boot/common/pwdgroup.xml@ 5d01446

Visit:

clfs-1.2 clfs-2.1 clfs-3.0.0-systemd clfs-3.0.0-sysvinit systemd sysvinit

Last change on this file since 5d01446 was f5df137, checked in by Jim Gifford <clfs@…>, 16 years ago
Updated Udev to 137. Fixed nagging uucp group issue for udev
Property mode set to `100644`
File size: 7.7 KB

Rev	Line
[3f8be484]	1	<?xml version="1.0" encoding="ISO-8859-1"?>
[aa18ac0]	2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[3f8be484]	4	<!ENTITY % general-entities SYSTEM "../../general.ent">
	5	%general-entities;
	6	]>
	7
	8	<sect1 id="ch-boot-pwdgroup">
	9	<?dbhtml filename="pwdgroup.html"?>
	10
	11	<title>Creating the passwd, group, and log Files</title>
	12
	13	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	14	<primary sortas="e-/etc/passwd">/etc/passwd</primary>
[3f8be484]	15	</indexterm>
	16
	17	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	18	<primary sortas="e-/etc/group">/etc/group</primary>
[3f8be484]	19	</indexterm>
	20
	21	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	22	<primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
[3f8be484]	23	</indexterm>
	24
	25	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	26	<primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
[3f8be484]	27	</indexterm>
	28
	29	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	30	<primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
[3f8be484]	31	</indexterm>
	32
	33	<indexterm zone="ch-boot-pwdgroup">
[91ad4a4]	34	<primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
[3f8be484]	35	</indexterm>
	36
[934e597]	37	<para os="a">In order for user <systemitem class="username">root</systemitem> to
[3f8be484]	38	be able to login and for the name <quote>root</quote> to be recognized,
[91ad4a4]	39	there must be relevant entries in the <filename>/etc/passwd</filename>
	40	and <filename>/etc/group</filename> files.</para>
[3f8be484]	41
[3f76cac]	42	<para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
[3f8be484]	43	the following command:</para>
	44
[3f76cac]	45	<screen><userinput>cat > ${CLFS}/etc/passwd << "EOF"
[ee02460]	46	<literal>root::0:0:root:/root:/bin/bash</literal>
[65018363]	47	EOF</userinput></screen>
	48
[934e597]	49	<para os="b">The actual password for <systemitem class="username">root</systemitem>
[d1ff581]	50	(the <quote>::</quote> used here is just a placeholder and allows you to login
[b2011e5]	51	with no password) will be set later.</para>
[3f8be484]	52
[934e597]	53	<variablelist os="c">
[04fe8e5]	54
	55	<title>Additional users you may want to add:</title>
	56
	57	<varlistentry>
	58	<term><literal>bin:x:1:1:bin:/bin:/bin/false</literal></term>
	59	<listitem>
[9b020e6]	60	<para>Can be useful for compatibility with legacy applications.</para>
[04fe8e5]	61	</listitem>
	62	</varlistentry>
	63	<varlistentry>
	64	<term><literal>daemon:x:2:6:daemon:/sbin:/bin/false</literal></term>
	65	<listitem>
[9b020e6]	66	<para>It is often recommended to use an unprivileged User ID/Group ID
	67	for daemons to run as, in order to limit their access to the system.</para>
[04fe8e5]	68	</listitem>
	69	</varlistentry>
	70	<varlistentry>
	71	<term><literal>adm:x:3:16:adm:/var/adm:/bin/false</literal></term>
	72	<listitem>
[292da92]	73	<para>Was used for programs that performed administrative tasks.</para>
[04fe8e5]	74	</listitem>
	75	</varlistentry>
	76	<varlistentry>
	77	<term><literal>lp:x:10:9:lp:/var/spool/lp:/bin/false</literal></term>
	78	<listitem>
[b2011e5]	79	<para>Used by programs for printing</para>
[04fe8e5]	80	</listitem>
	81	</varlistentry>
	82	<varlistentry>
	83	<term><literal>mail:x:30:30:mail:/var/mail:/bin/false</literal></term>
	84	<listitem>
[b2011e5]	85	<para>Often used by email programs</para>
[04fe8e5]	86	</listitem>
	87	</varlistentry>
	88	<varlistentry>
	89	<term><literal>news:x:31:31:news:/var/spool/news:/bin/false</literal></term>
	90	<listitem>
[292da92]	91	<para>Often used for network news servers</para>
[04fe8e5]	92	</listitem>
	93	</varlistentry>
	94	<varlistentry>
	95	<term><literal>uucp:x:32:32:uucp:/var/spool/uucp:/bin/false</literal></term>
	96	<listitem>
[9b020e6]	97	<para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
[04fe8e5]	98	</listitem>
	99	</varlistentry>
	100	<varlistentry>
	101	<term><literal>operator:x:50:0:operator:/root:/bin/bash</literal></term>
	102	<listitem>
[292da92]	103	<para>Often used to allow system operators to access the system</para>
[04fe8e5]	104	</listitem>
	105	</varlistentry>
	106	<varlistentry>
	107	<term><literal>postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false</literal></term>
	108	<listitem>
[9b020e6]	109	<para>Generally used as an account that receives all the information of troubles with the mail server</para>
[04fe8e5]	110	</listitem>
	111	</varlistentry>
	112	<varlistentry>
	113	<term><literal>nobody:x:65534:65534:nobody:/:/bin/false</literal></term>
	114	<listitem>
[9b020e6]	115	<para>Used by NFS</para>
[04fe8e5]	116	</listitem>
	117	</varlistentry>
	118	</variablelist>
	119
[ca77da8]	120	<para>Create the <filename>${CLFS}/etc/group</filename> file by running
[3f8be484]	121	the following command:</para>
	122
[3f76cac]	123	<screen><userinput>cat > ${CLFS}/etc/group << "EOF"
[65018363]	124	<literal>root:x:0:
	125	bin:x:1:
	126	sys:x:2:
	127	kmem:x:3:
	128	tty:x:4:
	129	tape:x:5:
	130	daemon:x:6:
	131	floppy:x:7:
	132	disk:x:8:
	133	lp:x:9:
	134	dialout:x:10:
	135	audio:x:11:
	136	video:x:12:
	137	utmp:x:13:
	138	usb:x:14:
[f5df137]	139	cdrom:x:15:
	140	uucp:x:32:</literal>
[65018363]	141	EOF</userinput></screen>
	142
[934e597]	143	<variablelist os="d">
[8300133]	144
	145	<title>Additional groups you may want to add</title>
	146
	147	<varlistentry>
	148	<term><literal>adm:x:16:root,adm,daemon</literal></term>
	149	<listitem>
[292da92]	150	<para>All users in this group are allowed to do administrative tasks</para>
[8300133]	151	</listitem>
	152	</varlistentry>
	153	<varlistentry>
	154	<term><literal>console:x:17:</literal></term>
	155	<listitem>
[292da92]	156	<para>This group has direct access to the console</para>
[8300133]	157	</listitem>
	158	</varlistentry>
	159	<varlistentry>
	160	<term><literal>cdrw:x:18:</literal></term>
	161	<listitem>
[292da92]	162	<para>This group is allowed to use the CDRW drive</para>
[8300133]	163	</listitem>
	164	</varlistentry>
	165	<varlistentry>
	166	<term><literal>mail:x:30:mail</literal></term>
	167	<listitem>
	168	<para>Used by MTAs (Mail Transport Agents)</para>
	169	</listitem>
	170	</varlistentry>
	171	<varlistentry>
	172	<term><literal>news:x:31:news</literal></term>
	173	<listitem>
[292da92]	174	<para>Used by Network News Servers</para>
[8300133]	175	</listitem>
	176	</varlistentry>
	177	<varlistentry>
[b2011e5]	178	<term><literal>users:x:1000:</literal></term>
[8300133]	179	<listitem>
[b2011e5]	180	<para>The default GID used by shadow for new users</para>
[8300133]	181	</listitem>
	182	</varlistentry>
	183	<varlistentry>
	184	<term><literal>nogroup:x:65533:</literal></term>
	185	<listitem>
[292da92]	186	<para>This is a default group used by some programs that do not
	187	require a group</para>
[8300133]	188	</listitem>
	189	</varlistentry>
	190	<varlistentry>
	191	<term><literal>nobody:x:65534:</literal></term>
	192	<listitem>
[9b020e6]	193	<para>This is used by NFS</para>
[8300133]	194	</listitem>
	195	</varlistentry>
[a90a072]	196	</variablelist>
[3f8be484]	197
[934e597]	198	<para os="e">The created groups are not part of any standard—they are
[3f8be484]	199	groups decided on in part by the requirements of the Udev configuration
	200	in the final system, and in part by common convention employed by a
	201	number of existing Linux distributions. The Linux Standard Base (LSB,
	202	available at <ulink url="http://www.linuxbase.org"/>) recommends only
	203	that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
	204	a group <quote>bin</quote> with a GID of 1 be present. All other group
	205	names and GIDs can be chosen freely by the system administrator since
	206	well-written programs do not depend on GID numbers, but rather use the
	207	group's name.</para>
	208
[934e597]	209	<para os="f">The <command>login</command>, <command>agetty</command>, and
[3f8be484]	210	<command>init</command> programs (and others) use a number of log
	211	files to record information such as who was logged into the system and
	212	when. However, these programs will not write to the log files if they
	213	do not already exist. Initialize the log files and give them
	214	proper permissions:</para>
	215
[3f76cac]	216	<screen><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
	217	chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog
	218	chmod -v 600 ${CLFS}/var/log/btmp</userinput></screen>
[3f8be484]	219
[91ad4a4]	220	<para>The <filename>/var/run/utmp</filename> file records the users
	221	that are currently logged in. The <filename>/var/log/wtmp</filename>
[3f8be484]	222	file records all logins and logouts. The
[91ad4a4]	223	<filename>/var/log/lastlog</filename> file records when
	224	each user last logged in. The <filename>/var/log/btmp</filename> file
[3f8be484]	225	records the bad login attempts.</para>
	226
	227	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: