source: BOOK/boot/common/pwdgroup.xml@ 0832e23

clfs-3.0.0-systemd clfs-3.0.0-sysvinit systemd sysvinit
Last change on this file since 0832e23 was 2be952c, checked in by Chris Staub <chris@…>, 11 years ago

Commands to create log files are no longer needed

  • Property mode set to 100644
File size: 7.1 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-boot-pwdgroup">
9 <?dbhtml filename="pwdgroup.html"?>
10
11 <title>Creating the passwd, group, and log Files</title>
12
13 <indexterm zone="ch-boot-pwdgroup">
14 <primary sortas="e-/etc/passwd">/etc/passwd</primary>
15 </indexterm>
16
17 <indexterm zone="ch-boot-pwdgroup">
18 <primary sortas="e-/etc/group">/etc/group</primary>
19 </indexterm>
20
21 <indexterm zone="ch-boot-pwdgroup">
22 <primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
23 </indexterm>
24
25 <indexterm zone="ch-boot-pwdgroup">
26 <primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
27 </indexterm>
28
29 <indexterm zone="ch-boot-pwdgroup">
30 <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
31 </indexterm>
32
33 <indexterm zone="ch-boot-pwdgroup">
34 <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35 </indexterm>
36
37 <para os="a">In order for user <systemitem class="username">root</systemitem> to
38 be able to login and for the name <quote>root</quote> to be recognized,
39 there must be relevant entries in the <filename>/etc/passwd</filename>
40 and <filename>/etc/group</filename> files.</para>
41
42 <para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
43 the following command:</para>
44
45<screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
46<literal>root:x:&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
47<literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal>
48EOF</userinput></screen>
49
50 <para os="b">The actual password for <systemitem class="username">root</systemitem>
51 (the <quote>::</quote> used here is just a placeholder and allows you to login
52 with no password) will be set later.</para>
53
54 <variablelist os="c">
55
56 <title>Additional users you may want to add:</title>
57
58 <varlistentry>
59 <term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
60 <listitem>
61 <para>Can be useful for compatibility with legacy applications.</para>
62 </listitem>
63 </varlistentry>
64 <varlistentry>
65 <term><literal>daemon:x:&uid-daemon;:&gid-daemon;:daemon:/sbin:/bin/false</literal></term>
66 <listitem>
67 <para>It is often recommended to use an unprivileged User ID/Group ID
68 for daemons to run as, in order to limit their access to the system.</para>
69 </listitem>
70 </varlistentry>
71 <varlistentry>
72 <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
73 <listitem>
74 <para>Was used for programs that performed administrative tasks.</para>
75 </listitem>
76 </varlistentry>
77 <varlistentry>
78 <term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
79 <listitem>
80 <para>Used by programs for printing</para>
81 </listitem>
82 </varlistentry>
83 <varlistentry>
84 <term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
85 <listitem>
86 <para>Often used by email programs</para>
87 </listitem>
88 </varlistentry>
89 <varlistentry>
90 <term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
91 <listitem>
92 <para>Often used for network news servers</para>
93 </listitem>
94 </varlistentry>
95 <varlistentry>
96 <term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
97 <listitem>
98 <para>Often used to allow system operators to access the system</para>
99 </listitem>
100 </varlistentry>
101 <varlistentry>
102 <term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
103 <listitem>
104 <para>Generally used as an account that receives all the information of troubles with the mail server</para>
105 </listitem>
106 </varlistentry>
107 <varlistentry>
108 <term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
109 <listitem>
110 <para>Used by NFS</para>
111 </listitem>
112 </varlistentry>
113 </variablelist>
114
115 <para>Create the <filename>${CLFS}/etc/group</filename> file by running
116 the following command:</para>
117
118<screen><userinput>cat &gt; ${CLFS}/etc/group &lt;&lt; "EOF"
119<literal>root:x:0:
120bin:x:&gid-bin;:
121sys:x:&gid-sys;:
122kmem:x:&gid-kmem;:
123tty:x:&gid-tty;:
124tape:x:&gid-tape;:
125daemon:x:&gid-daemon;:
126floppy:x:&gid-floppy;:
127disk:x:&gid-disk;:
128lp:x:&gid-lp;:
129dialout:x:&gid-dialout;:
130audio:x:&gid-audio;:
131video:x:&gid-video;:
132utmp:x:&gid-utmp;:
133usb:x:&gid-usb;:
134cdrom:x:&gid-cdrom;:
135messagebus:x:&gid-messagebus;:</literal>
136EOF</userinput></screen>
137
138 <variablelist os="d">
139
140 <title>Additional groups you may want to add</title>
141
142 <varlistentry>
143 <term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
144 <listitem>
145 <para>All users in this group are allowed to do administrative tasks</para>
146 </listitem>
147 </varlistentry>
148 <varlistentry>
149 <term><literal>console:x:&gid-console;:</literal></term>
150 <listitem>
151 <para>This group has direct access to the console</para>
152 </listitem>
153 </varlistentry>
154 <varlistentry>
155 <term><literal>cdrw:x:&gid-cdrw;:</literal></term>
156 <listitem>
157 <para>This group is allowed to use the CDRW drive</para>
158 </listitem>
159 </varlistentry>
160 <varlistentry>
161 <term><literal>mail:x:&gid-mail;:mail</literal></term>
162 <listitem>
163 <para>Used by MTAs (Mail Transport Agents)</para>
164 </listitem>
165 </varlistentry>
166 <varlistentry>
167 <term><literal>news:x:&gid-news;:news</literal></term>
168 <listitem>
169 <para>Used by Network News Servers</para>
170 </listitem>
171 </varlistentry>
172 <varlistentry>
173 <term><literal>users:x:&gid-users;:</literal></term>
174 <listitem>
175 <para>The default GID used by shadow for new users</para>
176 </listitem>
177 </varlistentry>
178 <varlistentry>
179 <term><literal>nogroup:x:&gid-nogroup;:</literal></term>
180 <listitem>
181 <para>This is a default group used by some programs that do not
182 require a group</para>
183 </listitem>
184 </varlistentry>
185 <varlistentry>
186 <term><literal>nobody:x:&gid-nobody;:</literal></term>
187 <listitem>
188 <para>This is used by NFS</para>
189 </listitem>
190 </varlistentry>
191 </variablelist>
192
193 <para os="e">The created groups are not part of any standard&mdash;they are
194 groups decided on in part by the requirements of the Eudev configuration
195 in the final system, and in part by common convention employed by a
196 number of existing Linux distributions. The Linux Standard Base (LSB,
197 available at <ulink url="http://www.linuxbase.org"/>) recommends only
198 that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
199 a group <quote>bin</quote> with a GID of 1 be present. All other group
200 names and GIDs can be chosen freely by the system administrator since
201 well-written programs do not depend on GID numbers, but rather use the
202 group's name.</para>
203
204</sect1>
Note: See TracBrowser for help on using the repository browser.