source: BOOK/boot/common/pwdgroup.xml@ c5c09e6

sysvinit
Last change on this file since c5c09e6 was f5a4dd3, checked in by Chris Staub <chris@…>, 9 years ago

Create /var/log/faillog

  • Property mode set to 100644
File size: 7.2 KB
RevLine 
[3f8be484]1<?xml version="1.0" encoding="ISO-8859-1"?>
[aa18ac0]2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[3f8be484]4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-boot-pwdgroup">
9 <?dbhtml filename="pwdgroup.html"?>
10
[2b15ca5]11 <title>Creating the passwd, group, and log Files</title>
[3f8be484]12
13 <indexterm zone="ch-boot-pwdgroup">
[91ad4a4]14 <primary sortas="e-/etc/passwd">/etc/passwd</primary>
[2ba92901]15 <secondary>boot</secondary>
[3f8be484]16 </indexterm>
17
18 <indexterm zone="ch-boot-pwdgroup">
[91ad4a4]19 <primary sortas="e-/etc/group">/etc/group</primary>
[2ba92901]20 <secondary>boot</secondary>
[3f8be484]21 </indexterm>
22
[2b15ca5]23 <indexterm zone="ch-boot-pwdgroup">
24 <primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
25 <secondary>boot</secondary>
26 </indexterm>
27
28 <indexterm zone="ch-boot-pwdgroup">
29 <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
30 <secondary>boot</secondary>
31 </indexterm>
32
33 <indexterm zone="ch-boot-pwdgroup">
34 <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35 <secondary>boot</secondary>
36 </indexterm>
37
[934e597]38 <para os="a">In order for user <systemitem class="username">root</systemitem> to
[3f8be484]39 be able to login and for the name <quote>root</quote> to be recognized,
[91ad4a4]40 there must be relevant entries in the <filename>/etc/passwd</filename>
41 and <filename>/etc/group</filename> files.</para>
[3f8be484]42
[3f76cac]43 <para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
[3f8be484]44 the following command:</para>
45
[3f76cac]46<screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
[a49b75d]47<literal>root::&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
[c3b54fac]48<literal>bin:x:&uid-bin;:&gid-bin;:/bin:/bin/false</literal>
49<literal>daemon:x:&uid-daemon;:&gid-daemon;:/sbin:/bin/false</literal>
[43748ab]50<literal>nobody:x:&uid-nobody;:&gid-nogroup;:Unprivileged User:/dev/null:/bin/false</literal>
[65018363]51EOF</userinput></screen>
52
[934e597]53 <para os="b">The actual password for <systemitem class="username">root</systemitem>
[d1ff581]54 (the <quote>::</quote> used here is just a placeholder and allows you to login
[b2011e5]55 with no password) will be set later.</para>
[3f8be484]56
[934e597]57 <variablelist os="c">
[24b004c]58
[a709a94]59 <title>Additional users you may want to add if not already included:</title>
[04fe8e5]60
61 <varlistentry>
[8f1ae86]62 <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
[04fe8e5]63 <listitem>
[292da92]64 <para>Was used for programs that performed administrative tasks.</para>
[04fe8e5]65 </listitem>
66 </varlistentry>
67 <varlistentry>
[8f1ae86]68 <term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
[04fe8e5]69 <listitem>
[b2011e5]70 <para>Used by programs for printing</para>
[04fe8e5]71 </listitem>
72 </varlistentry>
73 <varlistentry>
[8f1ae86]74 <term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
[04fe8e5]75 <listitem>
[b2011e5]76 <para>Often used by email programs</para>
[04fe8e5]77 </listitem>
78 </varlistentry>
[82fc053]79 <varlistentry>
80 <term><literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal></term>
81 <listitem>
82 <para>User for D-Bus</para>
83 </listitem>
84 </varlistentry>
[04fe8e5]85 <varlistentry>
[8f1ae86]86 <term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
[04fe8e5]87 <listitem>
[292da92]88 <para>Often used for network news servers</para>
[04fe8e5]89 </listitem>
90 </varlistentry>
91 <varlistentry>
[8f1ae86]92 <term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
[04fe8e5]93 <listitem>
[292da92]94 <para>Often used to allow system operators to access the system</para>
[04fe8e5]95 </listitem>
96 </varlistentry>
97 <varlistentry>
[8f1ae86]98 <term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
[04fe8e5]99 <listitem>
[9b020e6]100 <para>Generally used as an account that receives all the information of troubles with the mail server</para>
[04fe8e5]101 </listitem>
102 </varlistentry>
103 </variablelist>
104
[ca77da8]105 <para>Create the <filename>${CLFS}/etc/group</filename> file by running
[3f8be484]106 the following command:</para>
107
[3f76cac]108<screen><userinput>cat &gt; ${CLFS}/etc/group &lt;&lt; "EOF"
[65018363]109<literal>root:x:0:
[8f1ae86]110bin:x:&gid-bin;:
111sys:x:&gid-sys;:
112kmem:x:&gid-kmem;:
113tty:x:&gid-tty;:
114tape:x:&gid-tape;:
115daemon:x:&gid-daemon;:
116floppy:x:&gid-floppy;:
117disk:x:&gid-disk;:
118lp:x:&gid-lp;:
119dialout:x:&gid-dialout;:
120audio:x:&gid-audio;:
121video:x:&gid-video;:
122utmp:x:&gid-utmp;:
123usb:x:&gid-usb;:
[27f57ec]124cdrom:x:&gid-cdrom;:
[43748ab]125adm:x:&gid-adm;:
126mail:x:&gid-mail;:
127wheel:x:&gid-wheel;:
128nogroup:x:&gid-nogroup;:</literal>
[65018363]129EOF</userinput></screen>
130
[934e597]131 <variablelist os="d">
[8300133]132
[a709a94]133 <title>Additional groups you may want to add if not already included:</title>
[8300133]134
135 <varlistentry>
[8f1ae86]136 <term><literal>console:x:&gid-console;:</literal></term>
[8300133]137 <listitem>
[292da92]138 <para>This group has direct access to the console</para>
[8300133]139 </listitem>
140 </varlistentry>
141 <varlistentry>
[8f1ae86]142 <term><literal>cdrw:x:&gid-cdrw;:</literal></term>
[8300133]143 <listitem>
[292da92]144 <para>This group is allowed to use the CDRW drive</para>
[8300133]145 </listitem>
146 </varlistentry>
[82fc053]147 <varlistentry>
148 <term><literal>messagebus:x:&gid-messagebus;:</literal></term>
149 <listitem>
150 <para>User for D-Bus</para>
151 </listitem>
152 </varlistentry>
[8300133]153 <varlistentry>
[8f1ae86]154 <term><literal>news:x:&gid-news;:news</literal></term>
[8300133]155 <listitem>
[292da92]156 <para>Used by Network News Servers</para>
[8300133]157 </listitem>
158 </varlistentry>
159 <varlistentry>
[8f1ae86]160 <term><literal>users:x:&gid-users;:</literal></term>
[8300133]161 <listitem>
[b2011e5]162 <para>The default GID used by shadow for new users</para>
[8300133]163 </listitem>
164 </varlistentry>
165 <varlistentry>
[ef54ce8]166 <term><literal>nobody:x:&gid-nogroup;:</literal></term>
[8300133]167 <listitem>
[9b020e6]168 <para>This is used by NFS</para>
[8300133]169 </listitem>
170 </varlistentry>
[a90a072]171 </variablelist>
[3f8be484]172
[934e597]173 <para os="e">The created groups are not part of any standard&mdash;they are
[eb39137]174 groups decided on in part by the requirements of the Systemd configuration
[3f8be484]175 in the final system, and in part by common convention employed by a
176 number of existing Linux distributions. The Linux Standard Base (LSB,
[a4615d8]177 available at
178 <ulink url="http://www.linuxfoundation.org/collaborate/workgroups/lsb"/>)
179 recommends only that, besides the group <quote>root</quote> with a Group ID
180 (GID) of 0, a group <quote>bin</quote> with a GID of 1 be present. All other
181 group names and GIDs can be chosen freely by the system administrator since
[3f8be484]182 well-written programs do not depend on GID numbers, but rather use the
183 group's name.</para>
184
[2b15ca5]185 <para os="f">The <command>login</command>, <command>agetty</command>, and
186 <command>init</command> programs (and others) use a number of log
187 files to record information such as who was logged into the system and
188 when. However, these programs will not write to the log files if they
189 do not already exist. Initialize the log files and give them
190 proper permissions:</para>
191
[f5a4dd3]192<screen os="g"><userinput>touch ${CLFS}/var/log/{btmp,faillog,lastlog,wtmp}
193chgrp -v &gid-utmp; ${CLFS}/var/log/{faillog,lastlog}
194chmod -v 664 ${CLFS}/var/log/{faillog,lastlog}
[2b15ca5]195chmod -v 600 ${CLFS}/var/log/btmp</userinput></screen>
196
[1e08a9b]197 <para os="h">The <filename>/var/log/wtmp</filename>
[2b15ca5]198 file records all logins and logouts. The
199 <filename>/var/log/lastlog</filename> file records when
200 each user last logged in. The <filename>/var/log/btmp</filename> file
201 records the bad login attempts.</para>
202
[3f8be484]203</sect1>
Note: See TracBrowser for help on using the repository browser.