source: BOOK/boot/common/pwdgroup.xml @ 2be952c

clfs-3.0.0-systemdclfs-3.0.0-sysvinitsystemdsysvinit
Last change on this file since 2be952c was 2be952c, checked in by Chris Staub <chris@…>, 9 years ago

Commands to create log files are no longer needed

  • Property mode set to 100644
File size: 7.1 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4  <!ENTITY % general-entities SYSTEM "../../general.ent">
5  %general-entities;
6]>
7
8<sect1 id="ch-boot-pwdgroup">
9  <?dbhtml filename="pwdgroup.html"?>
10
11  <title>Creating the passwd, group, and log Files</title>
12
13  <indexterm zone="ch-boot-pwdgroup">
14    <primary sortas="e-/etc/passwd">/etc/passwd</primary>
15  </indexterm>
16
17  <indexterm zone="ch-boot-pwdgroup">
18    <primary sortas="e-/etc/group">/etc/group</primary>
19  </indexterm>
20
21  <indexterm zone="ch-boot-pwdgroup">
22    <primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
23  </indexterm>
24
25  <indexterm zone="ch-boot-pwdgroup">
26    <primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
27  </indexterm>
28
29  <indexterm zone="ch-boot-pwdgroup">
30    <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
31  </indexterm>
32
33  <indexterm zone="ch-boot-pwdgroup">
34    <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35  </indexterm>
36
37  <para os="a">In order for user <systemitem class="username">root</systemitem> to
38  be able to login and for the name <quote>root</quote> to be recognized,
39  there must be relevant entries in the <filename>/etc/passwd</filename>
40  and <filename>/etc/group</filename> files.</para>
41
42  <para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
43  the following command:</para>
44
45<screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
46<literal>root:x:&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
47<literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal>
48EOF</userinput></screen>
49
50  <para os="b">The actual password for <systemitem class="username">root</systemitem>
51  (the <quote>::</quote> used here is just a placeholder and allows you to login
52  with no password) will be set later.</para>
53
54  <variablelist os="c">
55 
56    <title>Additional users you may want to add:</title>
57
58    <varlistentry>
59      <term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
60      <listitem>
61        <para>Can be useful for compatibility with legacy applications.</para>
62      </listitem>
63    </varlistentry>
64    <varlistentry>
65      <term><literal>daemon:x:&uid-daemon;:&gid-daemon;:daemon:/sbin:/bin/false</literal></term>
66      <listitem>
67        <para>It is often recommended to use an unprivileged User ID/Group ID
68        for daemons to run as, in order to limit their access to the system.</para>
69      </listitem>
70    </varlistentry>
71    <varlistentry>
72      <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
73      <listitem>
74        <para>Was used for programs that performed administrative tasks.</para>
75      </listitem>
76    </varlistentry>
77    <varlistentry>
78      <term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
79      <listitem>
80        <para>Used by programs for printing</para>
81      </listitem>
82    </varlistentry>
83    <varlistentry>
84      <term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
85      <listitem>
86        <para>Often used by email programs</para>
87      </listitem>
88    </varlistentry>
89    <varlistentry>
90      <term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
91      <listitem>
92        <para>Often used for network news servers</para>
93      </listitem>
94    </varlistentry>
95    <varlistentry>
96      <term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
97      <listitem>
98        <para>Often used to allow system operators to access the system</para>
99      </listitem>
100    </varlistentry>
101    <varlistentry>
102      <term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
103      <listitem>
104        <para>Generally used as an account that receives all the information of troubles with the mail server</para>
105      </listitem>
106    </varlistentry>
107    <varlistentry>
108      <term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
109      <listitem>
110        <para>Used by NFS</para>
111      </listitem>
112    </varlistentry>
113  </variablelist>
114
115  <para>Create the <filename>${CLFS}/etc/group</filename> file by running
116  the following command:</para>
117
118<screen><userinput>cat &gt; ${CLFS}/etc/group &lt;&lt; "EOF"
119<literal>root:x:0:
120bin:x:&gid-bin;:
121sys:x:&gid-sys;:
122kmem:x:&gid-kmem;:
123tty:x:&gid-tty;:
124tape:x:&gid-tape;:
125daemon:x:&gid-daemon;:
126floppy:x:&gid-floppy;:
127disk:x:&gid-disk;:
128lp:x:&gid-lp;:
129dialout:x:&gid-dialout;:
130audio:x:&gid-audio;:
131video:x:&gid-video;:
132utmp:x:&gid-utmp;:
133usb:x:&gid-usb;:
134cdrom:x:&gid-cdrom;:
135messagebus:x:&gid-messagebus;:</literal>
136EOF</userinput></screen>
137
138  <variablelist os="d">
139
140    <title>Additional groups you may want to add</title>
141
142    <varlistentry>
143      <term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
144      <listitem>
145        <para>All users in this group are allowed to do administrative tasks</para>
146      </listitem>
147    </varlistentry>
148    <varlistentry>
149      <term><literal>console:x:&gid-console;:</literal></term>
150      <listitem>
151        <para>This group has direct access to the console</para>
152      </listitem>
153    </varlistentry>
154    <varlistentry>
155      <term><literal>cdrw:x:&gid-cdrw;:</literal></term>
156      <listitem>
157        <para>This group is allowed to use the CDRW drive</para>
158      </listitem>
159    </varlistentry>
160    <varlistentry>
161      <term><literal>mail:x:&gid-mail;:mail</literal></term>
162      <listitem>
163        <para>Used by MTAs (Mail Transport Agents)</para>
164      </listitem>
165    </varlistentry>
166    <varlistentry>
167      <term><literal>news:x:&gid-news;:news</literal></term>
168      <listitem>
169        <para>Used by Network News Servers</para>
170      </listitem>
171    </varlistentry>
172    <varlistentry>
173      <term><literal>users:x:&gid-users;:</literal></term>
174      <listitem>
175        <para>The default GID used by shadow for new users</para>
176      </listitem>
177    </varlistentry>
178    <varlistentry>
179      <term><literal>nogroup:x:&gid-nogroup;:</literal></term>
180      <listitem>
181        <para>This is a default group used by some programs that do not
182        require a group</para>
183      </listitem>
184    </varlistentry>
185    <varlistentry>
186      <term><literal>nobody:x:&gid-nobody;:</literal></term>
187      <listitem>
188        <para>This is used by NFS</para>
189      </listitem>
190    </varlistentry>
191  </variablelist>
192
193  <para os="e">The created groups are not part of any standard&mdash;they are
194  groups decided on in part by the requirements of the Eudev configuration
195  in the final system, and in part by common convention employed by a
196  number of existing Linux distributions. The Linux Standard Base (LSB,
197  available at <ulink url="http://www.linuxbase.org"/>) recommends only
198  that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
199  a group <quote>bin</quote> with a GID of 1 be present. All other group
200  names and GIDs can be chosen freely by the system administrator since
201  well-written programs do not depend on GID numbers, but rather use the
202  group's name.</para>
203
204</sect1>
Note: See TracBrowser for help on using the repository browser.