1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
5 | %general-entities;
|
---|
6 | ]>
|
---|
7 |
|
---|
8 | <sect1 id="ch-final-system-creatingfiles">
|
---|
9 | <?dbhtml filename="creatingfiles.html"?>
|
---|
10 |
|
---|
11 | <title>Creating the passwd, group, and lastlog Files</title>
|
---|
12 |
|
---|
13 | <indexterm zone="ch-final-system-creatingfiles">
|
---|
14 | <primary sortas="e-/etc/passwd">/etc/passwd</primary>
|
---|
15 | </indexterm>
|
---|
16 |
|
---|
17 | <indexterm zone="ch-final-system-creatingfiles">
|
---|
18 | <primary sortas="e-/etc/group">/etc/group</primary>
|
---|
19 | </indexterm>
|
---|
20 |
|
---|
21 | <indexterm zone="ch-final-system-creatingfiles">
|
---|
22 | <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
|
---|
23 | </indexterm>
|
---|
24 |
|
---|
25 | <para>A proper Linux system maintains a list of the mounted file systems in
|
---|
26 | the file <filename>/etc/mtab</filename>. With the way our embedded system is
|
---|
27 | designed, we will be using a symlink to <filename>/proc/mounts</filename>:</para>
|
---|
28 |
|
---|
29 | <screen><userinput>ln -svf ../proc/mounts ${CLFS}/targetfs/etc/mtab</userinput></screen>
|
---|
30 |
|
---|
31 | <para>In order for user <systemitem class="username">root</systemitem> to be
|
---|
32 | able to login and for the name <quote>root</quote> to be recognized, there
|
---|
33 | must be relevant entries in the <filename>/etc/passwd</filename> and
|
---|
34 | <filename>/etc/group</filename> files.</para>
|
---|
35 |
|
---|
36 | <para>Create the <filename>/etc/passwd</filename> file by running the following
|
---|
37 | command:</para>
|
---|
38 |
|
---|
39 | <screen><userinput>cat > ${CLFS}/targetfs/etc/passwd << "EOF"
|
---|
40 | <literal>root::0:0:root:/root:/bin/ash</literal>
|
---|
41 | EOF</userinput></screen>
|
---|
42 |
|
---|
43 | <para>The actual password for <systemitem class="username">root</systemitem>
|
---|
44 | (the <quote>::</quote> used here is just a placeholder and allow you to login
|
---|
45 | with no password) will be set later.</para>
|
---|
46 |
|
---|
47 | <variablelist os="b">
|
---|
48 |
|
---|
49 | <title>Additional optional users you may want to add:</title>
|
---|
50 |
|
---|
51 | <varlistentry>
|
---|
52 | <term><literal>bin:x:1:1:bin:/bin:/bin/false</literal></term>
|
---|
53 | <listitem>
|
---|
54 | <para>Can be useful for compatibility with legacy applications.</para>
|
---|
55 | </listitem>
|
---|
56 | </varlistentry>
|
---|
57 | <varlistentry>
|
---|
58 | <term><literal>daemon:x:2:6:daemon:/sbin:/bin/false</literal></term>
|
---|
59 | <listitem>
|
---|
60 | <para>It is often recommended to use an unprivileged User ID/Group ID
|
---|
61 | for daemons in order to limit their access to the system.</para>
|
---|
62 | </listitem>
|
---|
63 | </varlistentry>
|
---|
64 | <varlistentry>
|
---|
65 | <term><literal>adm:x:3:16:adm:/var/adm:/bin/false</literal></term>
|
---|
66 | <listitem>
|
---|
67 | <para>Was used for programs that performed administrative tasks.</para>
|
---|
68 | </listitem>
|
---|
69 | </varlistentry>
|
---|
70 | <varlistentry>
|
---|
71 | <term><literal>lp:x:10:9:lp:/var/spool/lp:/bin/false</literal></term>
|
---|
72 | <listitem>
|
---|
73 | <para>Used by programs for printing.</para>
|
---|
74 | </listitem>
|
---|
75 | </varlistentry>
|
---|
76 | <varlistentry>
|
---|
77 | <term><literal>mail:x:30:30:mail:/var/mail:/bin/false</literal></term>
|
---|
78 | <listitem>
|
---|
79 | <para>Often used by email programs.</para>
|
---|
80 | </listitem>
|
---|
81 | </varlistentry>
|
---|
82 | <varlistentry>
|
---|
83 | <term><literal>news:x:31:31:news:/var/spool/news:/bin/false</literal></term>
|
---|
84 | <listitem>
|
---|
85 | <para>Often used for network news servers.</para>
|
---|
86 | </listitem>
|
---|
87 | </varlistentry>
|
---|
88 | <varlistentry>
|
---|
89 | <term><literal>uucp:x:32:32:uucp:/var/spool/uucp:/bin/false</literal></term>
|
---|
90 | <listitem>
|
---|
91 | <para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
|
---|
92 | </listitem>
|
---|
93 | </varlistentry>
|
---|
94 | <varlistentry>
|
---|
95 | <term><literal>operator:x:50:0:operator:/root:/bin/ash</literal></term>
|
---|
96 | <listitem>
|
---|
97 | <para>Often used to allow system operators to access the system.</para>
|
---|
98 | </listitem>
|
---|
99 | </varlistentry>
|
---|
100 | <varlistentry>
|
---|
101 | <term><literal>postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false</literal></term>
|
---|
102 | <listitem>
|
---|
103 | <para>Generally used as an account that receives all the information of troubles with the mail server.</para>
|
---|
104 | </listitem>
|
---|
105 | </varlistentry>
|
---|
106 | <varlistentry>
|
---|
107 | <term><literal>nobody:x:65534:65534:nobody:/:/bin/false</literal></term>
|
---|
108 | <listitem>
|
---|
109 | <para>Used by NFS.</para>
|
---|
110 | </listitem>
|
---|
111 | </varlistentry>
|
---|
112 | </variablelist>
|
---|
113 |
|
---|
114 | <para>Create the <filename>/etc/group</filename> file by running the following
|
---|
115 | command:</para>
|
---|
116 |
|
---|
117 | <screen><userinput>cat > ${CLFS}/targetfs/etc/group << "EOF"
|
---|
118 | <literal>root:x:0:
|
---|
119 | bin:x:1:
|
---|
120 | sys:x:2:
|
---|
121 | kmem:x:3:
|
---|
122 | tty:x:4:
|
---|
123 | tape:x:5:
|
---|
124 | daemon:x:6:
|
---|
125 | floppy:x:7:
|
---|
126 | disk:x:8:
|
---|
127 | lp:x:9:
|
---|
128 | dialout:x:10:
|
---|
129 | audio:x:11:
|
---|
130 | video:x:12:
|
---|
131 | utmp:x:13:
|
---|
132 | usb:x:14:
|
---|
133 | cdrom:x:15:</literal>
|
---|
134 | EOF</userinput></screen>
|
---|
135 |
|
---|
136 | <variablelist os="c">
|
---|
137 |
|
---|
138 | <title>Additional optional groups you may want to add</title>
|
---|
139 |
|
---|
140 | <varlistentry>
|
---|
141 | <term><literal>adm:x:16:root,adm,daemon</literal></term>
|
---|
142 | <listitem>
|
---|
143 | <para>All users in this group are allowed to do administrative tasks</para>
|
---|
144 | </listitem>
|
---|
145 | </varlistentry>
|
---|
146 | <varlistentry>
|
---|
147 | <term><literal>console:x:17:</literal></term>
|
---|
148 | <listitem>
|
---|
149 | <para>This group has direct access to the console</para>
|
---|
150 | </listitem>
|
---|
151 | </varlistentry>
|
---|
152 | <varlistentry>
|
---|
153 | <term><literal>cdrw:x:18:</literal></term>
|
---|
154 | <listitem>
|
---|
155 | <para>This group is allowed to use the CDRW drive</para>
|
---|
156 | </listitem>
|
---|
157 | </varlistentry>
|
---|
158 | <varlistentry>
|
---|
159 | <term><literal>mail:x:30:mail</literal></term>
|
---|
160 | <listitem>
|
---|
161 | <para>Used by MTAs (Mail Transport Agents)</para>
|
---|
162 | </listitem>
|
---|
163 | </varlistentry>
|
---|
164 | <varlistentry>
|
---|
165 | <term><literal>news:x:31:news</literal></term>
|
---|
166 | <listitem>
|
---|
167 | <para>Used by Network News Servers</para>
|
---|
168 | </listitem>
|
---|
169 | </varlistentry>
|
---|
170 | <varlistentry>
|
---|
171 | <term><literal>uucp:x:32:uucp</literal></term>
|
---|
172 | <listitem>
|
---|
173 | <para>Used by the Unix-to-Unix copy users</para>
|
---|
174 | </listitem>
|
---|
175 | </varlistentry>
|
---|
176 | <varlistentry>
|
---|
177 | <term><literal>users:x:100:</literal></term>
|
---|
178 | <listitem>
|
---|
179 | <para>The default GID used by shadow for new users</para>
|
---|
180 | </listitem>
|
---|
181 | </varlistentry>
|
---|
182 | <varlistentry>
|
---|
183 | <term><literal>nogroup:x:65533:</literal></term>
|
---|
184 | <listitem>
|
---|
185 | <para>This is a default group used by some programs that do not
|
---|
186 | require a group</para>
|
---|
187 | </listitem>
|
---|
188 | </varlistentry>
|
---|
189 | <varlistentry>
|
---|
190 | <term><literal>nobody:x:65534:</literal></term>
|
---|
191 | <listitem>
|
---|
192 | <para>This is used by NFS</para>
|
---|
193 | </listitem>
|
---|
194 | </varlistentry>
|
---|
195 | </variablelist>
|
---|
196 |
|
---|
197 | <para>The created groups are not part of any standard—they are groups
|
---|
198 | decided on in part by the requirements of BusyBox later in this
|
---|
199 | chapter, and in part by common convention employed by a number of existing
|
---|
200 | Linux distributions. The Linux Standard Base (LSB, available at <ulink
|
---|
201 | url="http://www.linuxbase.org"/>) recommends only that, besides the group
|
---|
202 | <systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0,
|
---|
203 | a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be
|
---|
204 | present. All other group names and GIDs can be chosen freely by the system
|
---|
205 | administrator since well-written programs do not depend on GID numbers, but
|
---|
206 | rather use the group's name.</para>
|
---|
207 |
|
---|
208 | <para>The <command>login</command>, <command>agetty</command>, and
|
---|
209 | <command>init</command> programs (and others) use the lastlog
|
---|
210 | file to record information such as who was logged into the system and
|
---|
211 | when. However, these programs will not write to the lastlog file if it
|
---|
212 | does not already exist. Initialize the lastlog file and give it
|
---|
213 | proper permissions:</para>
|
---|
214 |
|
---|
215 | <screen><userinput>touch ${CLFS}/targetfs/var/log/lastlog
|
---|
216 | chmod -v 664 ${CLFS}/targetfs/var/log/lastlog</userinput></screen>
|
---|
217 |
|
---|
218 | </sect1>
|
---|