source: BOOK/boot/common/pwdgroup.xml @ 8a62e94

clfs-3.0.0-systemdclfs-3.0.0-sysvinitsystemdsysvinit
Last change on this file since 8a62e94 was 8a62e94, checked in by Chris Staub <chris@…>, 10 years ago

Text updates to remove references to log files that are no longer created

  • Property mode set to 100644
File size: 6.6 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4  <!ENTITY % general-entities SYSTEM "../../general.ent">
5  %general-entities;
6]>
7
8<sect1 id="ch-boot-pwdgroup">
9  <?dbhtml filename="pwdgroup.html"?>
10
11  <title>Creating the passwd and group Files</title>
12
13  <indexterm zone="ch-boot-pwdgroup">
14    <primary sortas="e-/etc/passwd">/etc/passwd</primary>
15  </indexterm>
16
17  <indexterm zone="ch-boot-pwdgroup">
18    <primary sortas="e-/etc/group">/etc/group</primary>
19  </indexterm>
20
21  <para os="a">In order for user <systemitem class="username">root</systemitem> to
22  be able to login and for the name <quote>root</quote> to be recognized,
23  there must be relevant entries in the <filename>/etc/passwd</filename>
24  and <filename>/etc/group</filename> files.</para>
25
26  <para>Create the <filename>${CLFS}/etc/passwd</filename> file by running
27  the following command:</para>
28
29<screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
30<literal>root:x:&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
31<literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal>
32EOF</userinput></screen>
33
34  <para os="b">The actual password for <systemitem class="username">root</systemitem>
35  (the <quote>::</quote> used here is just a placeholder and allows you to login
36  with no password) will be set later.</para>
37
38  <variablelist os="c">
39 
40    <title>Additional users you may want to add:</title>
41
42    <varlistentry>
43      <term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
44      <listitem>
45        <para>Can be useful for compatibility with legacy applications.</para>
46      </listitem>
47    </varlistentry>
48    <varlistentry>
49      <term><literal>daemon:x:&uid-daemon;:&gid-daemon;:daemon:/sbin:/bin/false</literal></term>
50      <listitem>
51        <para>It is often recommended to use an unprivileged User ID/Group ID
52        for daemons to run as, in order to limit their access to the system.</para>
53      </listitem>
54    </varlistentry>
55    <varlistentry>
56      <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
57      <listitem>
58        <para>Was used for programs that performed administrative tasks.</para>
59      </listitem>
60    </varlistentry>
61    <varlistentry>
62      <term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
63      <listitem>
64        <para>Used by programs for printing</para>
65      </listitem>
66    </varlistentry>
67    <varlistentry>
68      <term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
69      <listitem>
70        <para>Often used by email programs</para>
71      </listitem>
72    </varlistentry>
73    <varlistentry>
74      <term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
75      <listitem>
76        <para>Often used for network news servers</para>
77      </listitem>
78    </varlistentry>
79    <varlistentry>
80      <term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
81      <listitem>
82        <para>Often used to allow system operators to access the system</para>
83      </listitem>
84    </varlistentry>
85    <varlistentry>
86      <term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
87      <listitem>
88        <para>Generally used as an account that receives all the information of troubles with the mail server</para>
89      </listitem>
90    </varlistentry>
91    <varlistentry>
92      <term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
93      <listitem>
94        <para>Used by NFS</para>
95      </listitem>
96    </varlistentry>
97  </variablelist>
98
99  <para>Create the <filename>${CLFS}/etc/group</filename> file by running
100  the following command:</para>
101
102<screen><userinput>cat &gt; ${CLFS}/etc/group &lt;&lt; "EOF"
103<literal>root:x:0:
104bin:x:&gid-bin;:
105sys:x:&gid-sys;:
106kmem:x:&gid-kmem;:
107tty:x:&gid-tty;:
108tape:x:&gid-tape;:
109daemon:x:&gid-daemon;:
110floppy:x:&gid-floppy;:
111disk:x:&gid-disk;:
112lp:x:&gid-lp;:
113dialout:x:&gid-dialout;:
114audio:x:&gid-audio;:
115video:x:&gid-video;:
116utmp:x:&gid-utmp;:
117usb:x:&gid-usb;:
118cdrom:x:&gid-cdrom;:
119messagebus:x:&gid-messagebus;:</literal>
120EOF</userinput></screen>
121
122  <variablelist os="d">
123
124    <title>Additional groups you may want to add</title>
125
126    <varlistentry>
127      <term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
128      <listitem>
129        <para>All users in this group are allowed to do administrative tasks</para>
130      </listitem>
131    </varlistentry>
132    <varlistentry>
133      <term><literal>console:x:&gid-console;:</literal></term>
134      <listitem>
135        <para>This group has direct access to the console</para>
136      </listitem>
137    </varlistentry>
138    <varlistentry>
139      <term><literal>cdrw:x:&gid-cdrw;:</literal></term>
140      <listitem>
141        <para>This group is allowed to use the CDRW drive</para>
142      </listitem>
143    </varlistentry>
144    <varlistentry>
145      <term><literal>mail:x:&gid-mail;:mail</literal></term>
146      <listitem>
147        <para>Used by MTAs (Mail Transport Agents)</para>
148      </listitem>
149    </varlistentry>
150    <varlistentry>
151      <term><literal>news:x:&gid-news;:news</literal></term>
152      <listitem>
153        <para>Used by Network News Servers</para>
154      </listitem>
155    </varlistentry>
156    <varlistentry>
157      <term><literal>users:x:&gid-users;:</literal></term>
158      <listitem>
159        <para>The default GID used by shadow for new users</para>
160      </listitem>
161    </varlistentry>
162    <varlistentry>
163      <term><literal>nogroup:x:&gid-nogroup;:</literal></term>
164      <listitem>
165        <para>This is a default group used by some programs that do not
166        require a group</para>
167      </listitem>
168    </varlistentry>
169    <varlistentry>
170      <term><literal>nobody:x:&gid-nobody;:</literal></term>
171      <listitem>
172        <para>This is used by NFS</para>
173      </listitem>
174    </varlistentry>
175  </variablelist>
176
177  <para os="e">The created groups are not part of any standard&mdash;they are
178  groups decided on in part by the requirements of the Eudev configuration
179  in the final system, and in part by common convention employed by a
180  number of existing Linux distributions. The Linux Standard Base (LSB,
181  available at <ulink url="http://www.linuxbase.org"/>) recommends only
182  that, besides the group <quote>root</quote> with a Group ID (GID) of 0,
183  a group <quote>bin</quote> with a GID of 1 be present. All other group
184  names and GIDs can be chosen freely by the system administrator since
185  well-written programs do not depend on GID numbers, but rather use the
186  group's name.</para>
187
188</sect1>
Note: See TracBrowser for help on using the repository browser.