Changes in BOOK/boot/common/pwdgroup.xml [c3b54fac:688b33d]

File:

• BOOK/boot/common/pwdgroup.xml (modified) (10 diffs)

BOOK/boot/common/pwdgroup.xml

@@ -9 +9 @@
   <?dbhtml filename="pwdgroup.html"?>
 
-  <title>Creating the passwd and group Files</title>
+  <title>Creating the passwd, group, and log Files</title>
 
   <indexterm zone="ch-boot-pwdgroup">
@@ -17 +17 @@
   <indexterm zone="ch-boot-pwdgroup">
     <primary sortas="e-/etc/group">/etc/group</primary>
+  </indexterm>
+
+  <indexterm zone="ch-boot-pwdgroup">
+    <primary sortas="e-/var/run/utmp">/var/run/utmp</primary>
+  </indexterm>
+
+  <indexterm zone="ch-boot-pwdgroup">
+    <primary sortas="e-/var/log/btmp">/var/log/btmp</primary>
+  </indexterm>
+
+  <indexterm zone="ch-boot-pwdgroup">
+    <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary>
+  </indexterm>
+
+  <indexterm zone="ch-boot-pwdgroup">
+    <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary>
   </indexterm>
 
@@ -29 +45 @@
 <screen><userinput>cat &gt; ${CLFS}/etc/passwd &lt;&lt; "EOF"
 <literal>root::&uid-root;:&gid-root;:root:/root:/bin/bash</literal>
-<literal>bin:x:&uid-bin;:&gid-bin;:/bin:/bin/false</literal>
-<literal>daemon:x:&uid-daemon;:&gid-daemon;:/sbin:/bin/false</literal>
-<literal>messagebus:x:&uid-messagebus;:&gid-messagebus;:D-Bus Message Daemon User:/dev/null:/bin/false</literal>
-<literal>nobody:x:&uid-nobody;:&gid-nogroup;:Unprivileged User:/dev/null:/bin/false</literal>
 EOF</userinput></screen>
 
@@ -41 +53 @@
   <variablelist os="c">
   
-    <title>Additional users you may want to add if not already included:</title>
-
+    <title>Additional users you may want to add:</title>
+
+    <varlistentry>
+      <term><literal>bin:x:&uid-bin;:&gid-bin;:bin:/bin:/bin/false</literal></term>
+      <listitem>
+        <para>Can be useful for compatibility with legacy applications.</para>
+      </listitem>
+    </varlistentry>
+    <varlistentry>
+      <term><literal>daemon:x:&uid-daemon;:&gid-daemon;:daemon:/sbin:/bin/false</literal></term>
+      <listitem>
+        <para>It is often recommended to use an unprivileged User ID/Group ID
+        for daemons to run as, in order to limit their access to the system.</para>
+      </listitem>
+    </varlistentry>
     <varlistentry>
       <term><literal>adm:x:&uid-adm;:&gid-adm;:adm:/var/adm:/bin/false</literal></term>
@@ -77 +102 @@
       <listitem>
         <para>Generally used as an account that receives all the information of troubles with the mail server</para>
+      </listitem>
+    </varlistentry>
+    <varlistentry>
+      <term><literal>nobody:x:&uid-nobody;:&gid-nobody;:nobody:/:/bin/false</literal></term>
+      <listitem>
+        <para>Used by NFS</para>
       </listitem>
     </varlistentry>
@@ -100 +131 @@
 utmp:x:&gid-utmp;:
 usb:x:&gid-usb;:
-cdrom:x:&gid-cdrom;:
-adm:x:&gid-adm;:
-messagebus:x:&gid-messagebus;:
-systemd-journal:x:&gid-systemd-journal;:
-mail:x:&gid-mail;:
-wheel:x:&gid-wheel;:
-nogroup:x:&gid-nogroup;:</literal>
+cdrom:x:&gid-cdrom;:</literal>
 EOF</userinput></screen>
 
   <variablelist os="d">
 
-    <title>Additional groups you may want to add if not already included:</title>
-
+    <title>Additional groups you may want to add</title>
+
+    <varlistentry>
+      <term><literal>adm:x:&gid-adm;:root,adm,daemon</literal></term>
+      <listitem>
+        <para>All users in this group are allowed to do administrative tasks</para>
+      </listitem>
+    </varlistentry>
     <varlistentry>
       <term><literal>console:x:&gid-console;:</literal></term>
@@ -126 +157 @@
     </varlistentry>
     <varlistentry>
+      <term><literal>mail:x:&gid-mail;:mail</literal></term>
+      <listitem>
+        <para>Used by MTAs (Mail Transport Agents)</para>
+      </listitem>
+    </varlistentry>
+    <varlistentry>
       <term><literal>news:x:&gid-news;:news</literal></term>
       <listitem>
@@ -138 +175 @@
     </varlistentry>
     <varlistentry>
-      <term><literal>nobody:x:&gid-nogroup;:</literal></term>
+      <term><literal>nogroup:x:&gid-nogroup;:</literal></term>
+      <listitem>
+        <para>This is a default group used by some programs that do not
+        require a group</para>
+      </listitem>
+    </varlistentry>
+    <varlistentry>
+      <term><literal>nobody:x:&gid-nobody;:</literal></term>
       <listitem>
         <para>This is used by NFS</para>
@@ -146 +190 @@
 
   <para os="e">The created groups are not part of any standard&mdash;they are
-  groups decided on in part by the requirements of the Systemd configuration
+  groups decided on in part by the requirements of the Eudev configuration
   in the final system, and in part by common convention employed by a
   number of existing Linux distributions. The Linux Standard Base (LSB,
@@ -156 +200 @@
   group's name.</para>
 
+  <para os="f">The <command>login</command>, <command>agetty</command>, and
+  <command>init</command> programs (and others) use a number of log
+  files to record information such as who was logged into the system and
+  when. However, these programs will not write to the log files if they
+  do not already exist. Initialize the log files and give them
+  proper permissions:</para>
+
+<screen><userinput>touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp}
+chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog
+chmod -v 600 ${CLFS}/var/log/btmp</userinput></screen>
+
+  <para>The <filename>/var/run/utmp</filename> file records the users
+  that are currently logged in. The <filename>/var/log/wtmp</filename>
+  file records all logins and logouts. The
+  <filename>/var/log/lastlog</filename> file records when
+  each user last logged in. The <filename>/var/log/btmp</filename> file
+  records the bad login attempts.</para>
+
 </sect1>