Context Navigation

source: clfs-embedded/BOOK/final-preps/creatingfiles.xml@ 38e391a

Last change on this file since 38e391a was bd48e48, checked in by Manuel Canales Esparcia <manuel@…>, 18 years ago
Updated CLFS-Embedded book sources to use DocBook-XML DTD 4.5.
Property mode set to `100644`
File size: 8.3 KB

Rev	Line
[a9e389d]	1	<?xml version="1.0" encoding="ISO-8859-1"?>
[bd48e48]	2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[a9e389d]	4	<!ENTITY % general-entities SYSTEM "../general.ent">
	5	%general-entities;
	6	]>
	7
	8	<sect1 id="ch-final-preps-creatingfiles">
	9	<?dbhtml filename="creatingfiles.html"?>
	10
	11	<title>Creating the passwd, group, and log Files</title>
	12
	13	<indexterm zone="ch-final-preps-creatingfiles">
	14	<primary sortas="e-/etc/passwd">/etc/passwd</primary>
	15	</indexterm>
	16
	17	<indexterm zone="ch-final-preps-creatingfiles">
	18	<primary sortas="e-/etc/group">/etc/group</primary>
	19	</indexterm>
	20
	21	<indexterm zone="ch-final-preps-creatingfiles">
	22	<primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
	23	</indexterm>
	24
	25	<indexterm zone="ch-final-preps-creatingfiles">
	26	<primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
	27	</indexterm>
	28
	29	<indexterm zone="ch-final-preps-creatingfiles">
	30	<primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
	31	</indexterm>
	32
	33	<indexterm zone="ch-final-preps-creatingfiles">
	34	<primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
	35	</indexterm>
	36
[9b0a535]	37	<para>A proper Linux system maintains a list of the mounted file systems in
	38	the file <filename>/etc/mtab</filename>. With the way our embedded system is
	39	is designed, we will be using a symlink to <filename>/proc/mounts</filename>:</para>
	40
	41	<screen><userinput>ln -svf ../proc/mounts ${CLFS}/etc/mtab</userinput></screen>
	42
[a9e389d]	43	<para>In order for user <systemitem class="username">root</systemitem> to be
	44	able to login and for the name <quote>root</quote> to be recognized, there
	45	must be relevant entries in the <filename>/etc/passwd</filename> and
	46	<filename>/etc/group</filename> files.</para>
	47
	48	<para>Create the <filename>/etc/passwd</filename> file by running the following
	49	command:</para>
	50
	51	<screen><userinput>cat > ${CLFS}/etc/passwd << "EOF"
[1d67150]	52	<literal>root::0:0:root:/root:/bin/ash</literal>
[a9e389d]	53	EOF</userinput></screen>
	54
	55	<para>The actual password for <systemitem class="username">root</systemitem>
	56	(the <quote>::</quote> used here is just a placeholder and allow you to login
	57	with no password) will be set later.</para>
	58
	59	<variablelist os="b">
	60
	61	<title>Additional users you may want to add:</title>
	62
	63	<varlistentry>
	64	<term><literal>bin:x:1:1:bin:/bin:/bin/false</literal></term>
	65	<listitem>
	66	<para>Can be useful for compatibility with legacy applications.</para>
	67	</listitem>
	68	</varlistentry>
	69	<varlistentry>
	70	<term><literal>daemon:x:2:6:daemon:/sbin:/bin/false</literal></term>
	71	<listitem>
	72	<para>It is often recommended to use an unprivileged User ID/Group ID
	73	for daemons in order to limit their access to the system.</para>
	74	</listitem>
	75	</varlistentry>
	76	<varlistentry>
	77	<term><literal>adm:x:3:16:adm:/var/adm:/bin/false</literal></term>
	78	<listitem>
	79	<para>Was used for programs that performed administrative tasks.</para>
	80	</listitem>
	81	</varlistentry>
	82	<varlistentry>
	83	<term><literal>lp:x:10:9:lp:/var/spool/lp:/bin/false</literal></term>
	84	<listitem>
	85	<para>Used by programs for printing.</para>
	86	</listitem>
	87	</varlistentry>
	88	<varlistentry>
	89	<term><literal>mail:x:30:30:mail:/var/mail:/bin/false</literal></term>
	90	<listitem>
	91	<para>Often used by email programs.</para>
	92	</listitem>
	93	</varlistentry>
	94	<varlistentry>
	95	<term><literal>news:x:31:31:news:/var/spool/news:/bin/false</literal></term>
	96	<listitem>
	97	<para>Often used for network news servers.</para>
	98	</listitem>
	99	</varlistentry>
	100	<varlistentry>
	101	<term><literal>uucp:x:32:32:uucp:/var/spool/uucp:/bin/false</literal></term>
	102	<listitem>
	103	<para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
	104	</listitem>
	105	</varlistentry>
	106	<varlistentry>
[1d67150]	107	<term><literal>operator:x:50:0:operator:/root:/bin/ash</literal></term>
[a9e389d]	108	<listitem>
	109	<para>Often used to allow system operators to access the system.</para>
	110	</listitem>
	111	</varlistentry>
	112	<varlistentry>
	113	<term><literal>postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false</literal></term>
	114	<listitem>
	115	<para>Generally used as an account that receives all the information of troubles with the mail server.</para>
	116	</listitem>
	117	</varlistentry>
	118	<varlistentry>
	119	<term><literal>nobody:x:65534:65534:nobody:/:/bin/false</literal></term>
	120	<listitem>
	121	<para>Used by NFS.</para>
	122	</listitem>
	123	</varlistentry>
	124	</variablelist>
	125
	126	<para>Create the <filename>/etc/group</filename> file by running the following
	127	command:</para>
	128
	129	<screen><userinput>cat > ${CLFS}/etc/group << "EOF"
	130	<literal>root:x:0:
	131	bin:x:1:
	132	sys:x:2:
	133	kmem:x:3:
	134	tty:x:4:
	135	tape:x:5:
	136	daemon:x:6:
	137	floppy:x:7:
	138	disk:x:8:
	139	lp:x:9:
	140	dialout:x:10:
	141	audio:x:11:
	142	video:x:12:
	143	utmp:x:13:
	144	usb:x:14:
	145	cdrom:x:15:</literal>
	146	EOF</userinput></screen>
	147
	148	<variablelist os="c">
	149
	150	<title>Additional groups you may want to add</title>
	151
	152	<varlistentry>
	153	<term><literal>adm:x:16:root,adm,daemon</literal></term>
	154	<listitem>
	155	<para>All users in this group are allowed to do administrative tasks</para>
	156	</listitem>
	157	</varlistentry>
	158	<varlistentry>
	159	<term><literal>console:x:17:</literal></term>
	160	<listitem>
	161	<para>This group has direct access to the console</para>
	162	</listitem>
	163	</varlistentry>
	164	<varlistentry>
	165	<term><literal>cdrw:x:18:</literal></term>
	166	<listitem>
	167	<para>This group is allowed to use the CDRW drive</para>
	168	</listitem>
	169	</varlistentry>
	170	<varlistentry>
	171	<term><literal>mail:x:30:mail</literal></term>
	172	<listitem>
	173	<para>Used by MTAs (Mail Transport Agents)</para>
	174	</listitem>
	175	</varlistentry>
	176	<varlistentry>
	177	<term><literal>news:x:31:news</literal></term>
	178	<listitem>
	179	<para>Used by Network News Servers</para>
	180	</listitem>
	181	</varlistentry>
	182	<varlistentry>
	183	<term><literal>uucp:x:32:uucp</literal></term>
	184	<listitem>
	185	<para>Used by the Unix-to-Unix copy users</para>
	186	</listitem>
	187	</varlistentry>
	188	<varlistentry>
	189	<term><literal>users:x:100:</literal></term>
	190	<listitem>
	191	<para>The default GID used by shadow for new users</para>
	192	</listitem>
	193	</varlistentry>
	194	<varlistentry>
	195	<term><literal>nogroup:x:65533:</literal></term>
	196	<listitem>
	197	<para>This is a default group used by some programs that do not
	198	require a group</para>
	199	</listitem>
	200	</varlistentry>
	201	<varlistentry>
	202	<term><literal>nobody:x:65534:</literal></term>
	203	<listitem>
	204	<para>This is used by NFS</para>
	205	</listitem>
	206	</varlistentry>
	207	</variablelist>
	208
	209	<para>The created groups are not part of any standard—they are groups
	210	decided on in part by the requirements of the Udev configuration in this
	211	chapter, and in part by common convention employed by a number of existing
	212	Linux distributions. The Linux Standard Base (LSB, available at <ulink
	213	url="http://www.linuxbase.org"/>) recommends only that, besides the group
	214	<systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0,
	215	a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be
	216	present. All other group names and GIDs can be chosen freely by the system
	217	administrator since well-written programs do not depend on GID numbers, but
	218	rather use the group's name.</para>
	219
	220	<para>The <command>login</command>, <command>agetty</command>, and
	221	<command>init</command> programs (and others) use a number of log
	222	files to record information such as who was logged into the system and
	223	when. However, these programs will not write to the log files if they
	224	do not already exist. Initialize the log files and give them
	225	proper permissions:</para>
	226
	227	<screen><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
	228	chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog</userinput></screen>
	229
	230	<para>The <filename>/var/run/utmp</filename> file records the users
	231	that are currently logged in. The <filename>/var/log/wtmp</filename>
	232	file records all logins and logouts. The
	233	<filename>/var/log/lastlog</filename> file records when
	234	each user last logged in. The <filename>/var/log/btmp</filename> file
	235	records the bad login attempts.</para>
	236
	237	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: