Context Navigation

source: BOOK/boot/common/pwdgroup.xml @ 2be952c

clfs-3.0.0-systemdclfs-3.0.0-sysvinitsystemdsysvinit

Last change on this file since 2be952c was 2be952c, checked in by Chris Staub <chris@…>, 10 years ago
Commands to create log files are no longer needed
Property mode set to `100644`
File size: 7.1 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6	]>
7
8	<sect1 id="ch-boot-pwdgroup">
9	<?dbhtml filename="pwdgroup.html"?>
10
11	<title>Creating the passwd, group, and log Files</title>
12
13	<indexterm zone="ch-boot-pwdgroup">
14	<primary sortas="e-/etc/passwd">/etc/passwd</primary>
15	</indexterm>
16
17	<indexterm zone="ch-boot-pwdgroup">
18	<primary sortas="e-/etc/group">/etc/group</primary>
19	</indexterm>
20
21	<indexterm zone="ch-boot-pwdgroup">
22	<primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
23	</indexterm>
24
25	<indexterm zone="ch-boot-pwdgroup">
26	<primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
27	</indexterm>
28
29	<indexterm zone="ch-boot-pwdgroup">
30	<primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
31	</indexterm>
32
33	<indexterm zone="ch-boot-pwdgroup">
34	<primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35	</indexterm>
36
37	<para os="a">In order for user <systemitem class="username">root</systemitem> to
38	be able to login and for the name <quote>root</quote> to be recognized,
39	there must be relevant entries in the <filename>/etc/passwd</filename>
40	and <filename>/etc/group</filename> files.</para>
41
42	<para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
43	the following command:</para>
44
45	<screen><userinput>cat > ${CLFS}/etc/passwd << "EOF"
46	<literal>root:x:&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
47	<literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal>
48	EOF</userinput></screen>
49
50	<para os="b">The actual password for <systemitem class="username">root</systemitem>
51	(the <quote>::</quote> used here is just a placeholder and allows you to login
52	with no password) will be set later.</para>
53
54	<variablelist os="c">
55
56	<title>Additional users you may want to add:</title>
57
58	<varlistentry>
59	<term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
60	<listitem>
61	<para>Can be useful for compatibility with legacy applications.</para>
62	</listitem>
63	</varlistentry>
64	<varlistentry>
65	<term><literal>daemon:x:&uid-daemon;:&gid-daemon;:daemon:/sbin:/bin/false</literal></term>
66	<listitem>
67	<para>It is often recommended to use an unprivileged User ID/Group ID
68	for daemons to run as, in order to limit their access to the system.</para>
69	</listitem>
70	</varlistentry>
71	<varlistentry>
72	<term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
73	<listitem>
74	<para>Was used for programs that performed administrative tasks.</para>
75	</listitem>
76	</varlistentry>
77	<varlistentry>
78	<term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
79	<listitem>
80	<para>Used by programs for printing</para>
81	</listitem>
82	</varlistentry>
83	<varlistentry>
84	<term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
85	<listitem>
86	<para>Often used by email programs</para>
87	</listitem>
88	</varlistentry>
89	<varlistentry>
90	<term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
91	<listitem>
92	<para>Often used for network news servers</para>
93	</listitem>
94	</varlistentry>
95	<varlistentry>
96	<term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
97	<listitem>
98	<para>Often used to allow system operators to access the system</para>
99	</listitem>
100	</varlistentry>
101	<varlistentry>
102	<term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
103	<listitem>
104	<para>Generally used as an account that receives all the information of troubles with the mail server</para>
105	</listitem>
106	</varlistentry>
107	<varlistentry>
108	<term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
109	<listitem>
110	<para>Used by NFS</para>
111	</listitem>
112	</varlistentry>
113	</variablelist>
114
115	<para>Create the <filename>${CLFS}/etc/group</filename> file by running
116	the following command:</para>
117
118	<screen><userinput>cat > ${CLFS}/etc/group << "EOF"
119	<literal>root:x:0:
120	bin:x:&gid-bin;:
121	sys:x:&gid-sys;:
122	kmem:x:&gid-kmem;:
123	tty:x:&gid-tty;:
124	tape:x:&gid-tape;:
125	daemon:x:&gid-daemon;:
126	floppy:x:&gid-floppy;:
127	disk:x:&gid-disk;:
128	lp:x:&gid-lp;:
129	dialout:x:&gid-dialout;:
130	audio:x:&gid-audio;:
131	video:x:&gid-video;:
132	utmp:x:&gid-utmp;:
133	usb:x:&gid-usb;:
134	cdrom:x:&gid-cdrom;:
135	messagebus:x:&gid-messagebus;:</literal>
136	EOF</userinput></screen>
137
138	<variablelist os="d">
139
140	<title>Additional groups you may want to add</title>
141
142	<varlistentry>
143	<term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
144	<listitem>
145	<para>All users in this group are allowed to do administrative tasks</para>
146	</listitem>
147	</varlistentry>
148	<varlistentry>
149	<term><literal>console:x:&gid-console;:</literal></term>
150	<listitem>
151	<para>This group has direct access to the console</para>
152	</listitem>
153	</varlistentry>
154	<varlistentry>
155	<term><literal>cdrw:x:&gid-cdrw;:</literal></term>
156	<listitem>
157	<para>This group is allowed to use the CDRW drive</para>
158	</listitem>
159	</varlistentry>
160	<varlistentry>
161	<term><literal>mail:x:&gid-mail;:mail</literal></term>
162	<listitem>
163	<para>Used by MTAs (Mail Transport Agents)</para>
164	</listitem>
165	</varlistentry>
166	<varlistentry>
167	<term><literal>news:x:&gid-news;:news</literal></term>
168	<listitem>
169	<para>Used by Network News Servers</para>
170	</listitem>
171	</varlistentry>
172	<varlistentry>
173	<term><literal>users:x:&gid-users;:</literal></term>
174	<listitem>
175	<para>The default GID used by shadow for new users</para>
176	</listitem>
177	</varlistentry>
178	<varlistentry>
179	<term><literal>nogroup:x:&gid-nogroup;:</literal></term>
180	<listitem>
181	<para>This is a default group used by some programs that do not
182	require a group</para>
183	</listitem>
184	</varlistentry>
185	<varlistentry>
186	<term><literal>nobody:x:&gid-nobody;:</literal></term>
187	<listitem>
188	<para>This is used by NFS</para>
189	</listitem>
190	</varlistentry>
191	</variablelist>
192
193	<para os="e">The created groups are not part of any standard—they are
194	groups decided on in part by the requirements of the Eudev configuration
195	in the final system, and in part by common convention employed by a
196	number of existing Linux distributions. The Linux Standard Base (LSB,
197	available at <ulink url="http://www.linuxbase.org"/>) recommends only
198	that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
199	a group <quote>bin</quote> with a GID of 1 be present. All other group
200	names and GIDs can be chosen freely by the system administrator since
201	well-written programs do not depend on GID numbers, but rather use the
202	group's name.</para>
203
204	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: