Context Navigation

source: BOOK/boot/common/pwdgroup.xml @ 2b15ca5

clfs-3.0.0-sysvinitsysvinit

Last change on this file since 2b15ca5 was 2b15ca5, checked in by Chris Staub <chris@…>, 10 years ago
Added log file creation
Property mode set to `100644`
File size: 7.5 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6	]>
7
8	<sect1 id="ch-boot-pwdgroup">
9	<?dbhtml filename="pwdgroup.html"?>
10
11	<title>Creating the passwd, group, and log Files</title>
12
13	<indexterm zone="ch-boot-pwdgroup">
14	<primary sortas="e-/etc/passwd">/etc/passwd</primary>
15	<secondary>boot</secondary>
16	</indexterm>
17
18	<indexterm zone="ch-boot-pwdgroup">
19	<primary sortas="e-/etc/group">/etc/group</primary>
20	<secondary>boot</secondary>
21	</indexterm>
22
23	<indexterm zone="ch-boot-pwdgroup">
24	<primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
25	<secondary>boot</secondary>
26	</indexterm>
27
28	<indexterm zone="ch-boot-pwdgroup">
29	<primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
30	<secondary>boot</secondary>
31	</indexterm>
32
33	<indexterm zone="ch-boot-pwdgroup">
34	<primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
35	<secondary>boot</secondary>
36	</indexterm>
37
38	<indexterm zone="ch-boot-pwdgroup">
39	<primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
40	<secondary>boot</secondary>
41	</indexterm>
42
43	<para os="a">In order for user <systemitem class="username">root</systemitem> to
44	be able to login and for the name <quote>root</quote> to be recognized,
45	there must be relevant entries in the <filename>/etc/passwd</filename>
46	and <filename>/etc/group</filename> files.</para>
47
48	<para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
49	the following command:</para>
50
51	<screen><userinput>cat > ${CLFS}/etc/passwd << "EOF"
52	<literal>root::&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
53	<literal>bin:x:&uid-bin;:&gid-bin;:/bin:/bin/false</literal>
54	<literal>daemon:x:&uid-daemon;:&gid-daemon;:/sbin:/bin/false</literal>
55	<literal>nobody:x:&uid-nobody;:&gid-nogroup;:Unprivileged User:/dev/null:/bin/false</literal>
56	EOF</userinput></screen>
57
58	<para os="b">The actual password for <systemitem class="username">root</systemitem>
59	(the <quote>::</quote> used here is just a placeholder and allows you to login
60	with no password) will be set later.</para>
61
62	<variablelist os="c">
63
64	<title>Additional users you may want to add if not already included:</title>
65
66	<varlistentry>
67	<term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
68	<listitem>
69	<para>Was used for programs that performed administrative tasks.</para>
70	</listitem>
71	</varlistentry>
72	<varlistentry>
73	<term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
74	<listitem>
75	<para>Used by programs for printing</para>
76	</listitem>
77	</varlistentry>
78	<varlistentry>
79	<term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
80	<listitem>
81	<para>Often used by email programs</para>
82	</listitem>
83	</varlistentry>
84	<varlistentry>
85	<term><literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal></term>
86	<listitem>
87	<para>User for D-Bus</para>
88	</listitem>
89	</varlistentry>
90	<varlistentry>
91	<term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
92	<listitem>
93	<para>Often used for network news servers</para>
94	</listitem>
95	</varlistentry>
96	<varlistentry>
97	<term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
98	<listitem>
99	<para>Often used to allow system operators to access the system</para>
100	</listitem>
101	</varlistentry>
102	<varlistentry>
103	<term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
104	<listitem>
105	<para>Generally used as an account that receives all the information of troubles with the mail server</para>
106	</listitem>
107	</varlistentry>
108	</variablelist>
109
110	<para>Create the <filename>${CLFS}/etc/group</filename> file by running
111	the following command:</para>
112
113	<screen><userinput>cat > ${CLFS}/etc/group << "EOF"
114	<literal>root:x:0:
115	bin:x:&gid-bin;:
116	sys:x:&gid-sys;:
117	kmem:x:&gid-kmem;:
118	tty:x:&gid-tty;:
119	tape:x:&gid-tape;:
120	daemon:x:&gid-daemon;:
121	floppy:x:&gid-floppy;:
122	disk:x:&gid-disk;:
123	lp:x:&gid-lp;:
124	dialout:x:&gid-dialout;:
125	audio:x:&gid-audio;:
126	video:x:&gid-video;:
127	utmp:x:&gid-utmp;:
128	usb:x:&gid-usb;:
129	cdrom:x:&gid-cdrom;:
130	adm:x:&gid-adm;:
131	mail:x:&gid-mail;:
132	wheel:x:&gid-wheel;:
133	nogroup:x:&gid-nogroup;:</literal>
134	EOF</userinput></screen>
135
136	<variablelist os="d">
137
138	<title>Additional groups you may want to add if not already included:</title>
139
140	<varlistentry>
141	<term><literal>console:x:&gid-console;:</literal></term>
142	<listitem>
143	<para>This group has direct access to the console</para>
144	</listitem>
145	</varlistentry>
146	<varlistentry>
147	<term><literal>cdrw:x:&gid-cdrw;:</literal></term>
148	<listitem>
149	<para>This group is allowed to use the CDRW drive</para>
150	</listitem>
151	</varlistentry>
152	<varlistentry>
153	<term><literal>messagebus:x:&gid-messagebus;:</literal></term>
154	<listitem>
155	<para>User for D-Bus</para>
156	</listitem>
157	</varlistentry>
158	<varlistentry>
159	<term><literal>news:x:&gid-news;:news</literal></term>
160	<listitem>
161	<para>Used by Network News Servers</para>
162	</listitem>
163	</varlistentry>
164	<varlistentry>
165	<term><literal>users:x:&gid-users;:</literal></term>
166	<listitem>
167	<para>The default GID used by shadow for new users</para>
168	</listitem>
169	</varlistentry>
170	<varlistentry>
171	<term><literal>nobody:x:&gid-nogroup;:</literal></term>
172	<listitem>
173	<para>This is used by NFS</para>
174	</listitem>
175	</varlistentry>
176	</variablelist>
177
178	<para os="e">The created groups are not part of any standard—they are
179	groups decided on in part by the requirements of the Systemd configuration
180	in the final system, and in part by common convention employed by a
181	number of existing Linux distributions. The Linux Standard Base (LSB,
182	available at <ulink url="http://www.linuxbase.org"/>) recommends only
183	that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
184	a group <quote>bin</quote> with a GID of 1 be present. All other group
185	names and GIDs can be chosen freely by the system administrator since
186	well-written programs do not depend on GID numbers, but rather use the
187	group's name.</para>
188
189	<para os="f">The <command>login</command>, <command>agetty</command>, and
190	<command>init</command> programs (and others) use a number of log
191	files to record information such as who was logged into the system and
192	when. However, these programs will not write to the log files if they
193	do not already exist. Initialize the log files and give them
194	proper permissions:</para>
195
196	<screen os="g"><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
197	chgrp -v &gid-utmp; ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog
198	chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog
199	chmod -v 600 ${CLFS}/var/log/btmp</userinput></screen>
200
201	<para os="h">The <filename>/var/run/utmp</filename> file records the users
202	that are currently logged in. The <filename>/var/log/wtmp</filename>
203	file records all logins and logouts. The
204	<filename>/var/log/lastlog</filename> file records when
205	each user last logged in. The <filename>/var/log/btmp</filename> file
206	records the bad login attempts.</para>
207
208	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: