source: clfs-sysroot/BOOK/final-preps/creatingfiles.xml @ 0566c2a

Last change on this file since 0566c2a was 0566c2a, checked in by Joe Ciccone <jciccone@…>, 15 years ago

Updated Udev to 136. Added uucp to the default group file. Fixed typo on the creating groups page.
  • Property mode set to 100644
File size: 8.2 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4  <!ENTITY % general-entities SYSTEM "../general.ent">
5  %general-entities;
6]>
7
8<sect1 id="ch-final-preps-creatingfiles">
9  <?dbhtml filename="creatingfiles.html"?>
10
11  <title>Creating the passwd, group, and log Files</title>
12
13  <indexterm zone="ch-final-preps-creatingfiles">
14    <primary sortas="e-/etc/passwd">/etc/passwd</primary>
15  </indexterm>
16
17  <indexterm zone="ch-final-preps-creatingfiles">
18    <primary sortas="e-/etc/group">/etc/group</primary>
19  </indexterm>
20
21  <indexterm zone="ch-final-preps-creatingfiles">
22    <primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
23  </indexterm>
24
25  <indexterm zone="ch-final-preps-creatingfiles">
26    <primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
27  </indexterm>
28
29  <indexterm zone="ch-final-preps-creatingfiles">
30    <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
31  </indexterm>
32
33  <indexterm zone="ch-final-preps-creatingfiles">
34    <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35  </indexterm>
36
37  <para>In order for user <systemitem class="username">root</systemitem> to be
38  able to login and for the name <quote>root</quote> to be recognized, there
39  must be relevant entries in the <filename>/etc/passwd</filename> and
40  <filename>/etc/group</filename> files.</para>
41
42  <para>Create the <filename>/etc/passwd</filename> file by running the following
43  command:</para>
44
45<screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
46<literal>root::&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
47EOF</userinput></screen>
48
49  <para>The actual password for <systemitem class="username">root</systemitem>
50  (the <quote>::</quote> used here is just a placeholder and allow you to login
51  with no password) will be set later.</para>
52
53  <variablelist os="b">
54
55    <title>Additional users you may want to add:</title>
56
57    <varlistentry>
58      <term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
59      <listitem>
60        <para>Can be useful for compatibility with legacy applications.</para>
61      </listitem>
62    </varlistentry>
63    <varlistentry>
64      <term><literal>daemon:x:&uid-daemon;:&uid-daemon;:daemon:/sbin:/bin/false</literal></term>
65      <listitem>
66        <para>It is often recommended to use an unprivileged User ID/Group ID
67        for daemons in order to limit their access to the system.</para>
68      </listitem>
69    </varlistentry>
70    <varlistentry>
71      <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
72      <listitem>
73        <para>Was used for programs that performed administrative tasks.</para>
74      </listitem>
75    </varlistentry>
76    <varlistentry>
77      <term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
78      <listitem>
79        <para>Used by programs for printing.</para>
80      </listitem>
81    </varlistentry>
82    <varlistentry>
83      <term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
84      <listitem>
85        <para>Often used by email programs.</para>
86      </listitem>
87    </varlistentry>
88    <varlistentry>
89      <term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
90      <listitem>
91        <para>Often used for network news servers.</para>
92      </listitem>
93    </varlistentry>
94    <varlistentry>
95      <term><literal>uucp:x:&uid-uucp;:&gid-uucp;:uucp:/var/spool/uucp:/bin/false</literal></term>
96      <listitem>
97        <para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
98      </listitem>
99    </varlistentry>
100    <varlistentry>
101      <term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
102      <listitem>
103        <para>Often used to allow system operators to access the system.</para>
104      </listitem>
105    </varlistentry>
106    <varlistentry>
107      <term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
108      <listitem>
109        <para>Generally used as an account that receives all the information of troubles with the mail server.</para>
110      </listitem>
111    </varlistentry>
112    <varlistentry>
113      <term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
114      <listitem>
115        <para>Used by NFS.</para>
116      </listitem>
117    </varlistentry>
118  </variablelist>
119
120  <para>Create the <filename>/etc/group</filename> file by running the following
121  command:</para>
122
123<screen><userinput>cat &gt; ${CLFS}/etc/group &lt;&lt; "EOF"
124<literal>root:x:&gid-root;:
125bin:x:&gid-bin;:
126sys:x:&gid-sys;:
127kmem:x:&gid-kmem;:
128tty:x:&gid-tty;:
129tape:x:&gid-tape;:
130daemon:x:&gid-daemon;:
131floppy:x:&gid-floppy;:
132disk:x:&gid-disk;:
133lp:x:&gid-lp;:
134dialout:x:&gid-dialout;:
135audio:x:&gid-audio;:
136video:x:&gid-video;:
137utmp:x:&gid-utmp;:
138usb:x:&gid-usb;:
139cdrom:x:&gid-cdrom;:
140uucp:x:&gid-uucp;:</literal>
141EOF</userinput></screen>
142
143  <variablelist os="c">
144
145    <title>Additional groups you may want to add</title>
146
147    <varlistentry>
148      <term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
149      <listitem>
150        <para>All users in this group are allowed to do administrative tasks</para>
151      </listitem>
152    </varlistentry>
153    <varlistentry>
154      <term><literal>console:x:&gid-console;:</literal></term>
155      <listitem>
156        <para>This group has direct access to the console</para>
157      </listitem>
158    </varlistentry>
159    <varlistentry>
160      <term><literal>cdrw:x:&gid-cdrw;:</literal></term>
161      <listitem>
162        <para>This group is allowed to use the CDRW drive</para>
163      </listitem>
164    </varlistentry>
165    <varlistentry>
166      <term><literal>mail:x:&gid-mail;:mail</literal></term>
167      <listitem>
168        <para>Used by MTAs (Mail Transport Agents)</para>
169      </listitem>
170    </varlistentry>
171    <varlistentry>
172      <term><literal>news:x:&gid-news;:news</literal></term>
173      <listitem>
174        <para>Used by Network News Servers</para>
175      </listitem>
176    </varlistentry>
177    <varlistentry>
178      <term><literal>users:x:&gid-users;:</literal></term>
179      <listitem>
180        <para>The default GID used by shadow for new users</para>
181      </listitem>
182    </varlistentry>
183    <varlistentry>
184      <term><literal>nogroup:x:&gid-nogroup;:</literal></term>
185      <listitem>
186        <para>This is a default group used by some programs that do not
187        require a group</para>
188      </listitem>
189    </varlistentry>
190    <varlistentry>
191      <term><literal>nobody:x:&gid-nobody;:</literal></term>
192      <listitem>
193        <para>This is used by NFS</para>
194      </listitem>
195    </varlistentry>
196  </variablelist>
197
198  <para>The created groups are not part of any standard&mdash;they are groups
199  decided on in part by the requirements of the Udev configuration in this
200  chapter, and in part by common convention employed by a number of existing
201  Linux distributions. The Linux Standard Base (LSB, available at <ulink
202  url="http://www.linuxbase.org"/>) recommends only that, besides the group
203  <systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0,
204  a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be
205  present. All other group names and GIDs can be chosen freely by the system
206  administrator since well-written programs do not depend on GID numbers, but
207  rather use the group's name.</para>
208
209  <para>The <command>login</command>, <command>agetty</command>, and
210  <command>init</command> programs (and others) use a number of log
211  files to record information such as who was logged into the system and
212  when. However, these programs will not write to the log files if they
213  do not already exist. Initialize the log files and give them
214  proper permissions:</para>
215
216<screen><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
217chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog
218chmod -v 600 ${CLFS}/var/log/btmp</userinput></screen>
219
220  <para>The <filename>/var/run/utmp</filename> file records the users
221  that are currently logged in. The <filename>/var/log/wtmp</filename>
222  file records all logins and logouts. The
223  <filename>/var/log/lastlog</filename> file records when
224  each user last logged in. The <filename>/var/log/btmp</filename> file
225  records the bad login attempts.</para>
226
227</sect1>
Note: See TracBrowser for help on using the repository browser.