| 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
|---|
| 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
|
|---|
| 3 | <!ENTITY % general-entities SYSTEM "../general.ent">
|
|---|
| 4 | %general-entities;
|
|---|
| 5 | ]>
|
|---|
| 6 | <sect1 id="ch-system-pwdgroup">
|
|---|
| 7 | <title>Creating the passwd, group, and log Files</title>
|
|---|
| 8 | <?dbhtml filename="pwdgroup.html"?>
|
|---|
| 9 |
|
|---|
| 10 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/etc/passwd">/etc/passwd</primary></indexterm>
|
|---|
| 11 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/etc/group">/etc/group</primary></indexterm>
|
|---|
| 12 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/var/run/utmp">/var/run/utmp</primary></indexterm>
|
|---|
| 13 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/var/log/btmp">/var/log/btmp</primary></indexterm>
|
|---|
| 14 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary></indexterm>
|
|---|
| 15 | <indexterm zone="ch-system-pwdgroup"><primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary></indexterm>
|
|---|
| 16 |
|
|---|
| 17 | <para>In order for user <emphasis>root</emphasis> to be able to login
|
|---|
| 18 | and for the name <quote>root</quote> to be recognized, there need to
|
|---|
| 19 | be relevant entries in the <filename>/etc/passwd</filename> and
|
|---|
| 20 | <filename>/etc/group</filename> files.</para>
|
|---|
| 21 |
|
|---|
| 22 | <para>Create the <filename>/etc/passwd</filename> file by running the following
|
|---|
| 23 | command:</para>
|
|---|
| 24 |
|
|---|
| 25 | <screen><userinput>cat > /etc/passwd << "EOF"
|
|---|
| 26 | <literal>root:x:0:0:root:/root:/bin/bash
|
|---|
| 27 | nobody:x:65534:65534:Nobody:/:/sbin/nologin</literal>
|
|---|
| 28 | EOF</userinput></screen>
|
|---|
| 29 |
|
|---|
| 30 | <para>The actual password for <emphasis>root</emphasis> (the <quote>x</quote>
|
|---|
| 31 | used here is just a placeholder) will be set later.</para>
|
|---|
| 32 |
|
|---|
| 33 | <para>Create the <filename>/etc/group</filename> file by running the following
|
|---|
| 34 | command:</para>
|
|---|
| 35 |
|
|---|
| 36 | <screen><userinput>cat > /etc/group << "EOF"
|
|---|
| 37 | <literal>root:x:0:
|
|---|
| 38 | console:x:1:
|
|---|
| 39 | tty:x:2:
|
|---|
| 40 | kmem:x:3:
|
|---|
| 41 | disk:x:4:
|
|---|
| 42 | utmp:x:5:
|
|---|
| 43 | nogroup:x:65534:</literal>
|
|---|
| 44 | EOF</userinput></screen>
|
|---|
| 45 |
|
|---|
| 46 | <para>The created groups are not part of any standard—they are some
|
|---|
| 47 | of the groups that the Udev configuration will be using in the next
|
|---|
| 48 | section. The Linux Standard Base (LSB, available at <ulink
|
|---|
| 49 | url="http://www.linuxbase.org"/>) recommends only that, besides the
|
|---|
| 50 | group <quote>root</quote> with a Group ID (GID) of 0, a group
|
|---|
| 51 | <quote>bin</quote> with a GID of 1 be present. All other group names
|
|---|
| 52 | and GIDs can be chosen freely by the system administrator since
|
|---|
| 53 | well-written packages do not depend on GID numbers, but rather use the
|
|---|
| 54 | group's name.</para>
|
|---|
| 55 |
|
|---|
| 56 |
|
|---|
| 57 | <para>To remove the <quote>I have no name!</quote> prompt, start a new
|
|---|
| 58 | shell. Since a full Glibc was installed in <xref
|
|---|
| 59 | linkend="chapter-temporary-tools"/> and the
|
|---|
| 60 | <filename>/etc/passwd</filename> and <filename>/etc/group</filename>
|
|---|
| 61 | files have been created, user name and group name resolution will now
|
|---|
| 62 | work.</para>
|
|---|
| 63 |
|
|---|
| 64 | <screen><userinput>exec /tools/bin/bash --login +h</userinput></screen>
|
|---|
| 65 |
|
|---|
| 66 | <para>Note the use of the <parameter>+h</parameter> directive. This
|
|---|
| 67 | tells <command>bash</command> not to use its internal path hashing.
|
|---|
| 68 | Without this directive, <command>bash</command> would remember the
|
|---|
| 69 | paths to binaries it has executed. In order to use the newly compiled
|
|---|
| 70 | binaries as soon as they are installed, turn off this function for the
|
|---|
| 71 | duration of this chapter.</para>
|
|---|
| 72 |
|
|---|
| 73 | <para>The <command>login</command>, <command>agetty</command>, and
|
|---|
| 74 | <command>init</command> programs (and others) use a number of log
|
|---|
| 75 | files to record information such as who was logged into the system and
|
|---|
| 76 | when. However, these programs will not write to the log files if they
|
|---|
| 77 | do not already exist. Initialize the log files and give them
|
|---|
| 78 | proper permissions:</para>
|
|---|
| 79 |
|
|---|
| 80 | <screen><userinput>touch /var/run/utmp /var/log/{btmp,lastlog,wtmp}
|
|---|
| 81 | chgrp utmp /var/run/utmp /var/log/lastlog
|
|---|
| 82 | chmod 664 /var/run/utmp /var/log/lastlog</userinput></screen>
|
|---|
| 83 |
|
|---|
| 84 | <para>The <filename>/var/run/utmp</filename> file records the users
|
|---|
| 85 | that are currently logged in. The <filename>/var/log/wtmp</filename>
|
|---|
| 86 | file records all logins and logouts. The
|
|---|
| 87 | <filename>/var/log/lastlog</filename> file records when
|
|---|
| 88 | each user last logged in. The <filename>/var/log/btmp</filename> file
|
|---|
| 89 | records the bad login attempts.</para>
|
|---|
| 90 |
|
|---|
| 91 | </sect1>
|
|---|
| 92 |
|
|---|
