diff options
Diffstat (limited to 'chapter06/createfiles.xml')
| -rw-r--r-- | chapter06/createfiles.xml | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/chapter06/createfiles.xml b/chapter06/createfiles.xml new file mode 100644 index 000000000..aed8d79da --- /dev/null +++ b/chapter06/createfiles.xml @@ -0,0 +1,204 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" + "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ + <!ENTITY % general-entities SYSTEM "../general.ent"> + %general-entities; +]> + +<sect1 id="ch-tools-createfiles"> + <?dbhtml filename="createfiles.html"?> + + <title>Creating Essential Files and Symlinks</title> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/etc/passwd">/etc/passwd</primary> + </indexterm> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/etc/group">/etc/group</primary> + </indexterm> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/var/run/utmp">/var/run/utmp</primary> + </indexterm> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/var/log/btmp">/var/log/btmp</primary> + </indexterm> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/var/log/lastlog">/var/log/lastlog</primary> + </indexterm> + + <indexterm zone="ch-tools-createfiles"> + <primary sortas="e-/var/log/wtmp">/var/log/wtmp</primary> + </indexterm> + + <para>Historically, Linux maintains a list of the mounted file systems in the + file <filename>/etc/mtab</filename>. Modern kernels maintain this list + internally and exposes it to the user via the <filename + class="directory">/proc</filename> filesystem. To satisfy utilities that + expect the presence of <filename>/etc/mtab</filename>, create the following + symbolic link:</para> + +<screen><userinput>ln -sv /proc/self/mounts /etc/mtab</userinput></screen> + + <para>In order for user <systemitem class="username">root</systemitem> to be + able to login and for the name <quote>root</quote> to be recognized, there + must be relevant entries in the <filename>/etc/passwd</filename> and + <filename>/etc/group</filename> files.</para> + + <para>Create the <filename>/etc/passwd</filename> file by running the following + command:</para> + +<screen revision="sysv"><userinput>cat > /etc/passwd << "EOF" +<literal>root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/dev/null:/bin/false +daemon:x:6:6:Daemon User:/dev/null:/bin/false +messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false +nobody:x:99:99:Unprivileged User:/dev/null:/bin/false</literal> +EOF</userinput></screen> + +<screen revision="systemd"><userinput>cat > /etc/passwd << "EOF" +<literal>root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/dev/null:/bin/false +daemon:x:6:6:Daemon User:/dev/null:/bin/false +messagebus:x:18:18:D-Bus Message Daemon User:/var/run/dbus:/bin/false +systemd-bus-proxy:x:72:72:systemd Bus Proxy:/:/bin/false +systemd-journal-gateway:x:73:73:systemd Journal Gateway:/:/bin/false +systemd-journal-remote:x:74:74:systemd Journal Remote:/:/bin/false +systemd-journal-upload:x:75:75:systemd Journal Upload:/:/bin/false +systemd-network:x:76:76:systemd Network Management:/:/bin/false +systemd-resolve:x:77:77:systemd Resolver:/:/bin/false +systemd-timesync:x:78:78:systemd Time Synchronization:/:/bin/false +systemd-coredump:x:79:79:systemd Core Dumper:/:/bin/false +nobody:x:99:99:Unprivileged User:/dev/null:/bin/false</literal> +EOF</userinput></screen> + + <para>The actual password for <systemitem class="username">root</systemitem> + (the <quote>x</quote> used here is just a placeholder) will be set later.</para> + + <para>Create the <filename>/etc/group</filename> file by running the following + command:</para> + +<screen revision="sysv"><userinput>cat > /etc/group << "EOF" +<literal>root:x:0: +bin:x:1:daemon +sys:x:2: +kmem:x:3: +tape:x:4: +tty:x:5: +daemon:x:6: +floppy:x:7: +disk:x:8: +lp:x:9: +dialout:x:10: +audio:x:11: +video:x:12: +utmp:x:13: +usb:x:14: +cdrom:x:15: +adm:x:16: +messagebus:x:18: +input:x:24: +mail:x:34: +kvm:x:61: +wheel:x:97: +nogroup:x:99: +users:x:999:</literal> +EOF</userinput></screen> + +<screen revision="systemd"><userinput>cat > /etc/group << "EOF" +<literal>root:x:0: +bin:x:1:daemon +sys:x:2: +kmem:x:3: +tape:x:4: +tty:x:5: +daemon:x:6: +floppy:x:7: +disk:x:8: +lp:x:9: +dialout:x:10: +audio:x:11: +video:x:12: +utmp:x:13: +usb:x:14: +cdrom:x:15: +adm:x:16: +messagebus:x:18: +systemd-journal:x:23: +input:x:24: +mail:x:34: +kvm:x:61: +systemd-bus-proxy:x:72: +systemd-journal-gateway:x:73: +systemd-journal-remote:x:74: +systemd-journal-upload:x:75: +systemd-network:x:76: +systemd-resolve:x:77: +systemd-timesync:x:78: +systemd-coredump:x:79: +wheel:x:97: +nogroup:x:99: +users:x:999:</literal> +EOF</userinput></screen> + + <para>The created groups are not part of any standard—they are groups + decided on in part by the requirements of the Udev configuration in the next + chapter, and in part by common convention employed by a number of existing + Linux distributions. In addition, some test suites rely on specific users + or groups. The Linux Standard Base (LSB, available at <ulink + url="http://www.linuxbase.org"/>) recommends only that, besides the group + <systemitem class="groupname">root</systemitem> with a Group ID (GID) of 0, + a group <systemitem class="groupname">bin</systemitem> with a GID of 1 be + present. All other group names and GIDs can be chosen freely by the system + administrator since well-written programs do not depend on GID numbers, but + rather use the group's name.</para> + + <para>Some tests in <xref linkend="chapter-building-system"/> need a regular + user. We add this user here and delete this account at the end of that + chapter.</para> + +<screen><userinput>echo "tester:x:$(ls -n $(tty) | cut -d" " -f3):101::/home/tester:/bin/bash" >> /etc/passwd +echo "tester:x:101:" >> /etc/group +install -o tester -d /home/tester</userinput></screen> + + <para>To remove the <quote>I have no name!</quote> prompt, start a new + shell. Since the + <filename>/etc/passwd</filename> and <filename>/etc/group</filename> + files have been created, user name and group name resolution will now + work:</para> + +<screen role="nodump"><userinput>exec /bin/bash --login +h</userinput></screen> + + <para>Note the use of the <parameter>+h</parameter> directive. This tells + <command>bash</command> not to use its internal path hashing. Without this + directive, <command>bash</command> would remember the paths to binaries it has + executed. To ensure the use of the newly compiled binaries as soon as they are + installed, the <parameter>+h</parameter> directive will be used for the duration + of this chapter.</para> + + <para>The <command>login</command>, <command>agetty</command>, and + <command>init</command> programs (and others) use a number of log + files to record information such as who was logged into the system and + when. However, these programs will not write to the log files if they + do not already exist. Initialize the log files and give them + proper permissions:</para> + +<screen><userinput>touch /var/log/{btmp,lastlog,faillog,wtmp} +chgrp -v utmp /var/log/lastlog +chmod -v 664 /var/log/lastlog +chmod -v 600 /var/log/btmp</userinput></screen> + + <para>The <filename>/var/log/wtmp</filename> file records all logins and + logouts. The <filename>/var/log/lastlog</filename> file records when each + user last logged in. The <filename>/var/log/faillog</filename> file records + failed login attempts. The <filename>/var/log/btmp</filename> file records + the bad login attempts.</para> + + <note><para>The <filename>/run/utmp</filename> file records the users that + are currently logged in. This file is created dynamically in the boot + scripts.</para></note> + +</sect1> |