source: clfs-embedded/BOOK/final-system/common/creatingfiles.xml@ faf50d8

Last change on this file since faf50d8 was 81b4464, checked in by Andrew Bradford <andrew@…>, 7 years ago

final-system/creatingfiles: Remove utmp, wtmp, and btmp creation

musl doesn't properly support these files and we take them out of the
busybox config when building it, so don't create the files in the first
place.

  • Property mode set to 100644
File size: 7.6 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-final-system-creatingfiles">
9 <?dbhtml filename="creatingfiles.html"?>
10
11 <title>Creating the passwd, group, and lastlog Files</title>
12
13 <indexterm zone="ch-final-system-creatingfiles">
14 <primary sortas="e-/etc/passwd">/etc/passwd</primary>
15 </indexterm>
16
17 <indexterm zone="ch-final-system-creatingfiles">
18 <primary sortas="e-/etc/group">/etc/group</primary>
19 </indexterm>
20
21 <indexterm zone="ch-final-system-creatingfiles">
22 <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
23 </indexterm>
24
25 <para>A proper Linux system maintains a list of the mounted file systems in
26 the file <filename>/etc/mtab</filename>. With the way our embedded system is
27 designed, we will be using a symlink to <filename>/proc/mounts</filename>:</para>
28
29<screen><userinput>ln -svf ../proc/mounts ${CLFS}/targetfs/etc/mtab</userinput></screen>
30
31 <para>In order for user <systemitem class="username">root</systemitem> to be
32 able to login and for the name <quote>root</quote> to be recognized, there
33 must be relevant entries in the <filename>/etc/passwd</filename> and
34 <filename>/etc/group</filename> files.</para>
35
36 <para>Create the <filename>/etc/passwd</filename> file by running the following
37 command:</para>
38
39<screen><userinput>cat &gt; ${CLFS}/targetfs/etc/passwd &lt;&lt; "EOF"
40<literal>root::0:0:root:/root:/bin/ash</literal>
41EOF</userinput></screen>
42
43 <para>The actual password for <systemitem class="username">root</systemitem>
44 (the <quote>::</quote> used here is just a placeholder and allow you to login
45 with no password) will be set later.</para>
46
47 <variablelist os="b">
48
49 <title>Additional optional users you may want to add:</title>
50
51 <varlistentry>
52 <term><literal>bin:x:1:1:bin:/bin:/bin/false</literal></term>
53 <listitem>
54 <para>Can be useful for compatibility with legacy applications.</para>
55 </listitem>
56 </varlistentry>
57 <varlistentry>
58 <term><literal>daemon:x:2:6:daemon:/sbin:/bin/false</literal></term>
59 <listitem>
60 <para>It is often recommended to use an unprivileged User ID/Group ID
61 for daemons in order to limit their access to the system.</para>
62 </listitem>
63 </varlistentry>
64 <varlistentry>
65 <term><literal>adm:x:3:16:adm:/var/adm:/bin/false</literal></term>
66 <listitem>
67 <para>Was used for programs that performed administrative tasks.</para>
68 </listitem>
69 </varlistentry>
70 <varlistentry>
71 <term><literal>lp:x:10:9:lp:/var/spool/lp:/bin/false</literal></term>
72 <listitem>
73 <para>Used by programs for printing.</para>
74 </listitem>
75 </varlistentry>
76 <varlistentry>
77 <term><literal>mail:x:30:30:mail:/var/mail:/bin/false</literal></term>
78 <listitem>
79 <para>Often used by email programs.</para>
80 </listitem>
81 </varlistentry>
82 <varlistentry>
83 <term><literal>news:x:31:31:news:/var/spool/news:/bin/false</literal></term>
84 <listitem>
85 <para>Often used for network news servers.</para>
86 </listitem>
87 </varlistentry>
88 <varlistentry>
89 <term><literal>uucp:x:32:32:uucp:/var/spool/uucp:/bin/false</literal></term>
90 <listitem>
91 <para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
92 </listitem>
93 </varlistentry>
94 <varlistentry>
95 <term><literal>operator:x:50:0:operator:/root:/bin/ash</literal></term>
96 <listitem>
97 <para>Often used to allow system operators to access the system.</para>
98 </listitem>
99 </varlistentry>
100 <varlistentry>
101 <term><literal>postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false</literal></term>
102 <listitem>
103 <para>Generally used as an account that receives all the information of troubles with the mail server.</para>
104 </listitem>
105 </varlistentry>
106 <varlistentry>
107 <term><literal>nobody:x:65534:65534:nobody:/:/bin/false</literal></term>
108 <listitem>
109 <para>Used by NFS.</para>
110 </listitem>
111 </varlistentry>
112 </variablelist>
113
114 <para>Create the <filename>/etc/group</filename> file by running the following
115 command:</para>
116
117<screen><userinput>cat &gt; ${CLFS}/targetfs/etc/group &lt;&lt; "EOF"
118<literal>root:x:0:
119bin:x:1:
120sys:x:2:
121kmem:x:3:
122tty:x:4:
123tape:x:5:
124daemon:x:6:
125floppy:x:7:
126disk:x:8:
127lp:x:9:
128dialout:x:10:
129audio:x:11:
130video:x:12:
131utmp:x:13:
132usb:x:14:
133cdrom:x:15:</literal>
134EOF</userinput></screen>
135
136 <variablelist os="c">
137
138 <title>Additional optional groups you may want to add</title>
139
140 <varlistentry>
141 <term><literal>adm:x:16:root,adm,daemon</literal></term>
142 <listitem>
143 <para>All users in this group are allowed to do administrative tasks</para>
144 </listitem>
145 </varlistentry>
146 <varlistentry>
147 <term><literal>console:x:17:</literal></term>
148 <listitem>
149 <para>This group has direct access to the console</para>
150 </listitem>
151 </varlistentry>
152 <varlistentry>
153 <term><literal>cdrw:x:18:</literal></term>
154 <listitem>
155 <para>This group is allowed to use the CDRW drive</para>
156 </listitem>
157 </varlistentry>
158 <varlistentry>
159 <term><literal>mail:x:30:mail</literal></term>
160 <listitem>
161 <para>Used by MTAs (Mail Transport Agents)</para>
162 </listitem>
163 </varlistentry>
164 <varlistentry>
165 <term><literal>news:x:31:news</literal></term>
166 <listitem>
167 <para>Used by Network News Servers</para>
168 </listitem>
169 </varlistentry>
170 <varlistentry>
171 <term><literal>uucp:x:32:uucp</literal></term>
172 <listitem>
173 <para>Used by the Unix-to-Unix copy users</para>
174 </listitem>
175 </varlistentry>
176 <varlistentry>
177 <term><literal>users:x:100:</literal></term>
178 <listitem>
179 <para>The default GID used by shadow for new users</para>
180 </listitem>
181 </varlistentry>
182 <varlistentry>
183 <term><literal>nogroup:x:65533:</literal></term>
184 <listitem>
185 <para>This is a default group used by some programs that do not
186 require a group</para>
187 </listitem>
188 </varlistentry>
189 <varlistentry>
190 <term><literal>nobody:x:65534:</literal></term>
191 <listitem>
192 <para>This is used by NFS</para>
193 </listitem>
194 </varlistentry>
195 </variablelist>
196
197 <para>The created groups are not part of any standard&mdash;they are groups
198 decided on in part by the requirements of BusyBox later in this
199 chapter, and in part by common convention employed by a number of existing
200 Linux distributions. The Linux Standard Base (LSB, available at <ulink
201 url="http://www.linuxbase.org"/>) recommends only that, besides the group
202 <systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0,
203 a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be
204 present. All other group names and GIDs can be chosen freely by the system
205 administrator since well-written programs do not depend on GID numbers, but
206 rather use the group's name.</para>
207
208 <para>The <command>login</command>, <command>agetty</command>, and
209 <command>init</command> programs (and others) use the lastlog
210 file to record information such as who was logged into the system and
211 when. However, these programs will not write to the lastlog file if it
212 does not already exist. Initialize the lastlog file and give it
213 proper permissions:</para>
214
215<screen><userinput>touch ${CLFS}/targetfs/var/log/lastlog
216chmod -v 664 ${CLFS}/targetfs/var/log/lastlog</userinput></screen>
217
218</sect1>
Note: See TracBrowser for help on using the repository browser.