Context Navigation

source: clfs-sysroot/BOOK/final-preps/creatingfiles.xml@ ed3a5a4

Last change on this file since ed3a5a4 was 846eed7, checked in by Joe Ciccone <jciccone@…>, 17 years ago
Create entities for each uid and gid and reference those entities throught the book instead of using user names and group names. prevent util-linux-ng from changing programs groups.
Property mode set to `100644`
File size: 8.4 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../general.ent">
5	%general-entities;
6	]>
7
8	<sect1 id="ch-final-preps-creatingfiles">
9	<?dbhtml filename="creatingfiles.html"?>
10
11	<title>Creating the passwd, group, and log Files</title>
12
13	<indexterm zone="ch-final-preps-creatingfiles">
14	<primary sortas="e-/etc/passwd">/etc/passwd</primary>
15	</indexterm>
16
17	<indexterm zone="ch-final-preps-creatingfiles">
18	<primary sortas="e-/etc/group">/etc/group</primary>
19	</indexterm>
20
21	<indexterm zone="ch-final-preps-creatingfiles">
22	<primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
23	</indexterm>
24
25	<indexterm zone="ch-final-preps-creatingfiles">
26	<primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
27	</indexterm>
28
29	<indexterm zone="ch-final-preps-creatingfiles">
30	<primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
31	</indexterm>
32
33	<indexterm zone="ch-final-preps-creatingfiles">
34	<primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
35	</indexterm>
36
37	<para>In order for user <systemitem class="username">root</systemitem> to be
38	able to login and for the name <quote>root</quote> to be recognized, there
39	must be relevant entries in the <filename>/etc/passwd</filename> and
40	<filename>/etc/group</filename> files.</para>
41
42	<para>Create the <filename>/etc/passwd</filename> file by running the following
43	command:</para>
44
45	<screen><userinput>cat > ${CLFS}/etc/passwd << "EOF"
46	<literal>root::&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
47	EOF</userinput></screen>
48
49	<para>The actual password for <systemitem class="username">root</systemitem>
50	(the <quote>::</quote> used here is just a placeholder and allow you to login
51	with no password) will be set later.</para>
52
53	<variablelist os="b">
54
55	<title>Additional users you may want to add:</title>
56
57	<varlistentry>
58	<term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
59	<listitem>
60	<para>Can be useful for compatibility with legacy applications.</para>
61	</listitem>
62	</varlistentry>
63	<varlistentry>
64	<term><literal>daemon:x:&uid-daemon;:&uid-daemon;:daemon:/sbin:/bin/false</literal></term>
65	<listitem>
66	<para>It is often recommended to use an unprivileged User ID/Group ID
67	for daemons in order to limit their access to the system.</para>
68	</listitem>
69	</varlistentry>
70	<varlistentry>
71	<term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
72	<listitem>
73	<para>Was used for programs that performed administrative tasks.</para>
74	</listitem>
75	</varlistentry>
76	<varlistentry>
77	<term><literal>lp:x:&uid-lp;:&gid-lp;:lp:/var/spool/lp:/bin/false</literal></term>
78	<listitem>
79	<para>Used by programs for printing.</para>
80	</listitem>
81	</varlistentry>
82	<varlistentry>
83	<term><literal>mail:x:&uid-mail;:&gid-mail;:mail:/var/mail:/bin/false</literal></term>
84	<listitem>
85	<para>Often used by email programs.</para>
86	</listitem>
87	</varlistentry>
88	<varlistentry>
89	<term><literal>news:x:&uid-news;:&gid-news;:news:/var/spool/news:/bin/false</literal></term>
90	<listitem>
91	<para>Often used for network news servers.</para>
92	</listitem>
93	</varlistentry>
94	<varlistentry>
95	<term><literal>uucp:x:&uid-uucp;:&gid-uucp;:uucp:/var/spool/uucp:/bin/false</literal></term>
96	<listitem>
97	<para>Often used for Unix-to-Unix Copy of files from one server to the next</para>
98	</listitem>
99	</varlistentry>
100	<varlistentry>
101	<term><literal>operator:x:&uid-operator;:&gid-root;:operator:/root:/bin/bash</literal></term>
102	<listitem>
103	<para>Often used to allow system operators to access the system.</para>
104	</listitem>
105	</varlistentry>
106	<varlistentry>
107	<term><literal>postmaster:x:&uid-postmaster;:&gid-mail;:postmaster:/var/spool/mail:/bin/false</literal></term>
108	<listitem>
109	<para>Generally used as an account that receives all the information of troubles with the mail server.</para>
110	</listitem>
111	</varlistentry>
112	<varlistentry>
113	<term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
114	<listitem>
115	<para>Used by NFS.</para>
116	</listitem>
117	</varlistentry>
118	</variablelist>
119
120	<para>Create the <filename>/etc/group</filename> file by running the following
121	command:</para>
122
123	<screen><userinput>cat > ${CLFS}/etc/group << "EOF"
124	<literal>root:x:&gid-root;:
125	bin:x:&gid-bin;:
126	sys:x:&gid-sys;:
127	kmem:x:&gid-kmem;:
128	tty:x:&gid-tty;:
129	tape:x:&gid-tape;:
130	daemon:x:&gid-daemon;:
131	floppy:x:&gid-floppy;:
132	disk:x:&gid-disk;:
133	lp:x:&gid-lp;:
134	dialout:x:&gid-dialout;:
135	audio:x:&gid-audio;:
136	video:x:&gid-video;:
137	utmp:x:&gid-utmp;:
138	usb:x:&gid-usb;:
139	cdrom:x:&gid-cdrom;:</literal>
140	EOF</userinput></screen>
141
142	<variablelist os="c">
143
144	<title>Additional groups you may want to add</title>
145
146	<varlistentry>
147	<term><literal>adm:x:&gid-adm;16:root,adm,daemon</literal></term>
148	<listitem>
149	<para>All users in this group are allowed to do administrative tasks</para>
150	</listitem>
151	</varlistentry>
152	<varlistentry>
153	<term><literal>console:x:&gid-console;:</literal></term>
154	<listitem>
155	<para>This group has direct access to the console</para>
156	</listitem>
157	</varlistentry>
158	<varlistentry>
159	<term><literal>cdrw:x:&gid-cdrw;:</literal></term>
160	<listitem>
161	<para>This group is allowed to use the CDRW drive</para>
162	</listitem>
163	</varlistentry>
164	<varlistentry>
165	<term><literal>mail:x:&gid-mail;:mail</literal></term>
166	<listitem>
167	<para>Used by MTAs (Mail Transport Agents)</para>
168	</listitem>
169	</varlistentry>
170	<varlistentry>
171	<term><literal>news:x:&gid-news;:news</literal></term>
172	<listitem>
173	<para>Used by Network News Servers</para>
174	</listitem>
175	</varlistentry>
176	<varlistentry>
177	<term><literal>uucp:x:&gid-uucp;:uucp</literal></term>
178	<listitem>
179	<para>Used by the Unix-to-Unix copy users</para>
180	</listitem>
181	</varlistentry>
182	<varlistentry>
183	<term><literal>users:&gid-users;:100:</literal></term>
184	<listitem>
185	<para>The default GID used by shadow for new users</para>
186	</listitem>
187	</varlistentry>
188	<varlistentry>
189	<term><literal>nogroup:&gid-nogroup;:65533:</literal></term>
190	<listitem>
191	<para>This is a default group used by some programs that do not
192	require a group</para>
193	</listitem>
194	</varlistentry>
195	<varlistentry>
196	<term><literal>nobody:x:&gid-nobody;:</literal></term>
197	<listitem>
198	<para>This is used by NFS</para>
199	</listitem>
200	</varlistentry>
201	</variablelist>
202
203	<para>The created groups are not part of any standard—they are groups
204	decided on in part by the requirements of the Udev configuration in this
205	chapter, and in part by common convention employed by a number of existing
206	Linux distributions. The Linux Standard Base (LSB, available at <ulink
207	url="http://www.linuxbase.org"/>) recommends only that, besides the group
208	<systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0,
209	a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be
210	present. All other group names and GIDs can be chosen freely by the system
211	administrator since well-written programs do not depend on GID numbers, but
212	rather use the group's name.</para>
213
214	<para>The <command>login</command>, <command>agetty</command>, and
215	<command>init</command> programs (and others) use a number of log
216	files to record information such as who was logged into the system and
217	when. However, these programs will not write to the log files if they
218	do not already exist. Initialize the log files and give them
219	proper permissions:</para>
220
221	<screen><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
222	chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog</userinput></screen>
223
224	<para>The <filename>/var/run/utmp</filename> file records the users
225	that are currently logged in. The <filename>/var/log/wtmp</filename>
226	file records all logins and logouts. The
227	<filename>/var/log/lastlog</filename> file records when
228	each user last logged in. The <filename>/var/log/btmp</filename> file
229	records the bad login attempts.</para>
230
231	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: