Changeset 207b438 in clfs-embedded
- Timestamp:
- Oct 24, 2013, 11:49:41 AM (11 years ago)
- Branches:
- master
- Children:
- 957af3d
- Parents:
- a954b24
- git-author:
- Andrew Bradford <andrew@…> (10/24/13 11:41:43)
- git-committer:
- Andrew Bradford <andrew@…> (10/24/13 11:49:41)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
BOOK/final-system/common/creatingfiles.xml
ra954b24 r207b438 57 57 with no password) will be set later.</para> 58 58 59 <variablelist os="b"> 60 61 <title>Additional optional users you may want to add:</title> 62 63 <varlistentry> 64 <term><literal>bin:x:1:1:bin:/bin:/bin/false</literal></term> 65 <listitem> 66 <para>Can be useful for compatibility with legacy applications.</para> 67 </listitem> 68 </varlistentry> 69 <varlistentry> 70 <term><literal>daemon:x:2:6:daemon:/sbin:/bin/false</literal></term> 71 <listitem> 72 <para>It is often recommended to use an unprivileged User ID/Group ID 73 for daemons in order to limit their access to the system.</para> 74 </listitem> 75 </varlistentry> 76 <varlistentry> 77 <term><literal>adm:x:3:16:adm:/var/adm:/bin/false</literal></term> 78 <listitem> 79 <para>Was used for programs that performed administrative tasks.</para> 80 </listitem> 81 </varlistentry> 82 <varlistentry> 83 <term><literal>lp:x:10:9:lp:/var/spool/lp:/bin/false</literal></term> 84 <listitem> 85 <para>Used by programs for printing.</para> 86 </listitem> 87 </varlistentry> 88 <varlistentry> 89 <term><literal>mail:x:30:30:mail:/var/mail:/bin/false</literal></term> 90 <listitem> 91 <para>Often used by email programs.</para> 92 </listitem> 93 </varlistentry> 94 <varlistentry> 95 <term><literal>news:x:31:31:news:/var/spool/news:/bin/false</literal></term> 96 <listitem> 97 <para>Often used for network news servers.</para> 98 </listitem> 99 </varlistentry> 100 <varlistentry> 101 <term><literal>uucp:x:32:32:uucp:/var/spool/uucp:/bin/false</literal></term> 102 <listitem> 103 <para>Often used for Unix-to-Unix Copy of files from one server to the next</para> 104 </listitem> 105 </varlistentry> 106 <varlistentry> 107 <term><literal>operator:x:50:0:operator:/root:/bin/ash</literal></term> 108 <listitem> 109 <para>Often used to allow system operators to access the system.</para> 110 </listitem> 111 </varlistentry> 112 <varlistentry> 113 <term><literal>postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false</literal></term> 114 <listitem> 115 <para>Generally used as an account that receives all the information of troubles with the mail server.</para> 116 </listitem> 117 </varlistentry> 118 <varlistentry> 119 <term><literal>nobody:x:65534:65534:nobody:/:/bin/false</literal></term> 120 <listitem> 121 <para>Used by NFS.</para> 122 </listitem> 123 </varlistentry> 124 </variablelist> 125 59 126 <para>Create the <filename>/etc/group</filename> file by running the following 60 127 command:</para> … … 63 130 <literal>root:x:0: 64 131 bin:x:1: 65 users:x:1000: 66 nogroup:x:65533: 67 nobody:x:65534:</literal> 132 sys:x:2: 133 kmem:x:3: 134 tty:x:4: 135 tape:x:5: 136 daemon:x:6: 137 floppy:x:7: 138 disk:x:8: 139 lp:x:9: 140 dialout:x:10: 141 audio:x:11: 142 video:x:12: 143 utmp:x:13: 144 usb:x:14: 145 cdrom:x:15:</literal> 68 146 EOF</userinput></screen> 69 147 70 <para>The created groups are not part of any standard. The Linux Standard 71 Base (LSB, available at <ulink url="http://www.linuxbase.org"/>) recommends 72 only that, besides the group <systemitem class="groupname">root</systemitem> 73 with a Group ID (GID) of 0, a group <systemitem 74 class="groupname">bin</systemitem> with a GID of 1 be present. All other 75 group names and GIDs can be chosen freely by the system administrator since 76 well-written programs do not depend on GID numbers, but rather use the 77 group's name.</para> 148 <variablelist os="c"> 149 150 <title>Additional optional groups you may want to add</title> 151 152 <varlistentry> 153 <term><literal>adm:x:16:root,adm,daemon</literal></term> 154 <listitem> 155 <para>All users in this group are allowed to do administrative tasks</para> 156 </listitem> 157 </varlistentry> 158 <varlistentry> 159 <term><literal>console:x:17:</literal></term> 160 <listitem> 161 <para>This group has direct access to the console</para> 162 </listitem> 163 </varlistentry> 164 <varlistentry> 165 <term><literal>cdrw:x:18:</literal></term> 166 <listitem> 167 <para>This group is allowed to use the CDRW drive</para> 168 </listitem> 169 </varlistentry> 170 <varlistentry> 171 <term><literal>mail:x:30:mail</literal></term> 172 <listitem> 173 <para>Used by MTAs (Mail Transport Agents)</para> 174 </listitem> 175 </varlistentry> 176 <varlistentry> 177 <term><literal>news:x:31:news</literal></term> 178 <listitem> 179 <para>Used by Network News Servers</para> 180 </listitem> 181 </varlistentry> 182 <varlistentry> 183 <term><literal>uucp:x:32:uucp</literal></term> 184 <listitem> 185 <para>Used by the Unix-to-Unix copy users</para> 186 </listitem> 187 </varlistentry> 188 <varlistentry> 189 <term><literal>users:x:100:</literal></term> 190 <listitem> 191 <para>The default GID used by shadow for new users</para> 192 </listitem> 193 </varlistentry> 194 <varlistentry> 195 <term><literal>nogroup:x:65533:</literal></term> 196 <listitem> 197 <para>This is a default group used by some programs that do not 198 require a group</para> 199 </listitem> 200 </varlistentry> 201 <varlistentry> 202 <term><literal>nobody:x:65534:</literal></term> 203 <listitem> 204 <para>This is used by NFS</para> 205 </listitem> 206 </varlistentry> 207 </variablelist> 208 209 <para>The created groups are not part of any standard—they are groups 210 decided on in part by the requirements of the Udev configuration in this 211 chapter, and in part by common convention employed by a number of existing 212 Linux distributions. The Linux Standard Base (LSB, available at <ulink 213 url="http://www.linuxbase.org"/>) recommends only that, besides the group 214 <systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0, 215 a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be 216 present. All other group names and GIDs can be chosen freely by the system 217 administrator since well-written programs do not depend on GID numbers, but 218 rather use the group's name.</para> 78 219 79 220 <para>The <command>login</command>, <command>agetty</command>, and
Note:
See TracChangeset
for help on using the changeset viewer.