[ab4fdfc] | 1 | <?xml version="1.0" encoding="UTF-8"?>
|
---|
[6732c094] | 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
[f8d632ac] | 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 | ]>
|
---|
| 7 |
|
---|
[0290a023] | 8 | <sect1 id="postlfs-config-skel" xreflabel="Configuring for Adding Users">
|
---|
[991aa6f] | 9 | <?dbhtml filename="skel.html"?>
|
---|
| 10 |
|
---|
| 11 |
|
---|
| 12 | <title>Configuring for Adding Users</title>
|
---|
| 13 |
|
---|
| 14 | <indexterm zone="postlfs-config-skel">
|
---|
| 15 | <primary sortas="e-etc-skel">/etc/skel/*</primary>
|
---|
| 16 | </indexterm>
|
---|
| 17 |
|
---|
| 18 | <indexterm zone="postlfs-config-skel">
|
---|
| 19 | <primary sortas="e-etc-default-useradd">/etc/default/useradd</primary>
|
---|
| 20 | </indexterm>
|
---|
| 21 |
|
---|
[81a73ed8] | 22 | <para>
|
---|
| 23 | Together, the <command>/usr/sbin/useradd</command> command and <filename
|
---|
| 24 | class="directory">/etc/skel</filename> directory (both are easy to
|
---|
| 25 | set up and use) provide a way to assure new users are added to your LFS
|
---|
| 26 | system with the same beginning settings for things such as the
|
---|
| 27 | <envar>PATH</envar>, keyboard processing and other environmental variables.
|
---|
| 28 | Using these two facilities makes it easier to assure this initial state for
|
---|
| 29 | each new user added to the system.
|
---|
| 30 | </para>
|
---|
| 31 |
|
---|
| 32 | <para>
|
---|
| 33 | The <filename class="directory">/etc/skel</filename> directory holds
|
---|
| 34 | copies of various initialization and other files that may be copied to the
|
---|
| 35 | new user's home directory when the <command>/usr/sbin/useradd</command>
|
---|
| 36 | program adds the new user.
|
---|
| 37 | </para>
|
---|
[991aa6f] | 38 |
|
---|
[cabf0e8] | 39 | <bridgehead renderas="sect5">Useradd</bridgehead>
|
---|
[991aa6f] | 40 |
|
---|
[81a73ed8] | 41 | <para>
|
---|
| 42 | The <command>useradd</command> program uses a collection of default
|
---|
| 43 | values kept in <filename>/etc/default/useradd</filename>. This file
|
---|
| 44 | is created in a base LFS installation by the
|
---|
| 45 | <application>Shadow</application> package. If it has been removed or
|
---|
| 46 | renamed, the <command>useradd</command> program uses some internal
|
---|
| 47 | defaults. You can see the default values by running
|
---|
| 48 | <command>/usr/sbin/useradd -D</command>.
|
---|
| 49 | </para>
|
---|
| 50 |
|
---|
| 51 | <para>
|
---|
| 52 | To change these values, simply modify the
|
---|
| 53 | <filename>/etc/default/useradd</filename> file as the
|
---|
| 54 | <systemitem class='username'>root</systemitem> user. An alternative to
|
---|
| 55 | directly modifying the file is to run <command>useradd</command> as the
|
---|
| 56 | <systemitem class='username'>root</systemitem> user while supplying the
|
---|
| 57 | desired modifications on the command line. Information on how to do this
|
---|
| 58 | can be found in the <command>useradd</command> man page.
|
---|
| 59 | </para>
|
---|
[991aa6f] | 60 |
|
---|
| 61 | <bridgehead renderas="sect5">/etc/skel</bridgehead>
|
---|
| 62 |
|
---|
[81a73ed8] | 63 | <para>
|
---|
| 64 | To get started, create an
|
---|
| 65 | <filename class="directory">/etc/skel</filename> directory and make sure it
|
---|
| 66 | is writable only by the system administrator, usually
|
---|
| 67 | <systemitem class="username">root</systemitem>. Creating the directory as
|
---|
| 68 | <systemitem class="username">root</systemitem> is the best way to go.
|
---|
| 69 | </para>
|
---|
| 70 |
|
---|
| 71 | <para>
|
---|
| 72 | The mode of any files from this part of the book that you put in <filename
|
---|
| 73 | class="directory">/etc/skel</filename> should be writable only by the
|
---|
| 74 | owner. Also, since there is no telling what kind of sensitive information
|
---|
| 75 | a user may eventually place in their copy of these files, you should
|
---|
| 76 | make them unreadable by "group" and "other".
|
---|
| 77 | </para>
|
---|
| 78 |
|
---|
| 79 | <para>
|
---|
| 80 | You can also put other files in
|
---|
| 81 | <filename class="directory">/etc/skel</filename> and
|
---|
| 82 | different permissions may be needed for them.
|
---|
| 83 | </para>
|
---|
| 84 |
|
---|
| 85 | <para>
|
---|
| 86 | Decide which initialization files should be provided in every (or most)
|
---|
| 87 | new user's home directory. The decisions you make will affect what you
|
---|
| 88 | do in the next two sections, <xref linkend="postlfs-config-profile"/> and
|
---|
| 89 | <xref linkend="postlfs-config-vimrc"/>. Some or all of those files will be
|
---|
| 90 | useful for <systemitem class="username">root</systemitem>, any
|
---|
| 91 | already-existing users, and new users.
|
---|
| 92 | </para>
|
---|
| 93 |
|
---|
| 94 | <para>
|
---|
| 95 | The files from those sections that you might want to place in
|
---|
| 96 | <filename class="directory">/etc/skel</filename> include
|
---|
| 97 | <filename>.inputrc</filename>, <filename>.bash_profile</filename>,
|
---|
| 98 | <filename>.bashrc</filename>, <filename>.bash_logout</filename>,
|
---|
| 99 | <filename>.dircolors</filename>, and <filename>.vimrc</filename>. If
|
---|
| 100 | you are unsure which of these should be placed there, just continue to
|
---|
| 101 | the following sections, read each section and any references provided,
|
---|
| 102 | and then make your decision.
|
---|
| 103 | </para>
|
---|
| 104 |
|
---|
| 105 | <para>
|
---|
| 106 | You will run a slightly modified set of commands for files which are
|
---|
| 107 | placed in <filename class="directory">/etc/skel</filename>. Each section
|
---|
| 108 | will remind you of this. In brief, the book's commands have been written
|
---|
| 109 | for files <emphasis>not</emphasis> added to <filename class="directory">
|
---|
| 110 | /etc/skel</filename> and instead just sends the results to the user's
|
---|
| 111 | home directory. If the file is going to be in <filename class="directory">
|
---|
| 112 | /etc/skel</filename>, change the book's command(s) to send output there
|
---|
| 113 | instead and then just copy the file from <filename class="directory">
|
---|
| 114 | /etc/skel</filename> to the appropriate directories, like <filename
|
---|
| 115 | class="directory">/etc</filename>, <filename class="directory">~
|
---|
| 116 | </filename> or the home directory of any other user already in the system.
|
---|
| 117 | </para>
|
---|
[991aa6f] | 118 |
|
---|
| 119 | <bridgehead renderas="sect5">When Adding a User</bridgehead>
|
---|
| 120 |
|
---|
[81a73ed8] | 121 | <para>
|
---|
| 122 | When adding a new user with <command>useradd</command>, use
|
---|
| 123 | the <option>-m</option> parameter, which tells
|
---|
| 124 | <command>useradd</command> to create the user's home directory and
|
---|
| 125 | copy files from <filename class="directory">/etc/skel</filename> (can be
|
---|
| 126 | overridden) to the new user's home directory. For example (perform as the
|
---|
| 127 | <systemitem class="username">root</systemitem> user):
|
---|
| 128 | </para>
|
---|
[991aa6f] | 129 |
|
---|
[3597eb6] | 130 | <screen role="root"><userinput>useradd -m <replaceable><newuser></replaceable></userinput></screen>
|
---|
[9a67723] | 131 |
|
---|
[b3d9df0] | 132 | <para>
|
---|
| 133 | If you are sharing a <filename class="directory">/home</filename>
|
---|
| 134 | or <filename class="directory">/usr/src</filename> with another
|
---|
| 135 | Linux distro (for example, the host distro used for building LFS), you
|
---|
| 136 | can create a user with the same UID (and, same primary group GID) to
|
---|
| 137 | keep the file ownership consistent across the systems. First, on
|
---|
| 138 | <emphasis>the other distro</emphasis>, get the UID of the user and the
|
---|
| 139 | GID of the user's primary group:
|
---|
| 140 | </para>
|
---|
| 141 |
|
---|
| 142 | <screen role="nodump"><userinput>getent passwd <replaceable><username></replaceable> | cut -d ':' -f 3,4</userinput></screen>
|
---|
| 143 |
|
---|
| 144 | <para>
|
---|
| 145 | The command should output the UID and GID, separated by a colon. Now
|
---|
| 146 | on the BLFS system, create the primary group and the user:
|
---|
| 147 | </para>
|
---|
| 148 |
|
---|
| 149 | <screen role="root"><userinput>groupadd -g <replaceable><GID></replaceable> <replaceable><username></replaceable> &&
|
---|
| 150 | useradd -u <replaceable><UID></replaceable> -g <replaceable><username></replaceable> <replaceable><username></replaceable></userinput></screen>
|
---|
| 151 |
|
---|
[9a67723] | 152 | </sect1>
|
---|