In order for user root
to be able to
login and for the name “root”
to be recognized, there must be relevant entries in the /etc/passwd
and /etc/group
files.
Create the /etc/passwd
file by running
the following command:
cat > ${CLFS}/etc/passwd << "EOF"
root::0:0:root:/root:/bin/bash
EOF
The actual password for root
(the
“::” used here is just a
placeholder and allow you to login with no password) will be set
later.
Additional users you may want to add:
bin:x:1:1:bin:/bin:/bin/false
Can be useful for compatibility with legacy applications.
daemon:x:2:2:daemon:/sbin:/bin/false
It is often recommended to use an unprivileged User ID/Group ID for daemons in order to limit their access to the system.
adm:x:3:16:adm:/var/adm:/bin/false
Was used for programs that performed administrative tasks.
lp:x:10:9:lp:/var/spool/lp:/bin/false
Used by programs for printing.
mail:x:30:30:mail:/var/mail:/bin/false
Often used by email programs.
news:x:31:31:news:/var/spool/news:/bin/false
Often used for network news servers.
operator:x:50:0:operator:/root:/bin/bash
Often used to allow system operators to access the system.
postmaster:x:51:30:postmaster:/var/spool/mail:/bin/false
Generally used as an account that receives all the information of troubles with the mail server.
nobody:x:65534:65534:nobody:/:/bin/false
Used by NFS.
Create the /etc/group
file by running
the following command:
cat > ${CLFS}/etc/group << "EOF"
root:x:0:
bin:x:1:
sys:x:2:
kmem:x:3:
tty:x:4:
tape:x:5:
daemon:x:6:
floppy:x:7:
disk:x:8:
lp:x:9:
dialout:x:10:
audio:x:11:
video:x:12:
utmp:x:13:
usb:x:14:
cdrom:x:15:
EOF
Additional groups you may want to add
adm:x:16:root,adm,daemon
All users in this group are allowed to do administrative tasks
console:x:17:
This group has direct access to the console
cdrw:x:18:
This group is allowed to use the CDRW drive
mail:x:30:mail
Used by MTAs (Mail Transport Agents)
news:x:31:news
Used by Network News Servers
users:x:1000:
The default GID used by shadow for new users
nogroup:x:65533:
This is a default group used by some programs that do not require a group
nobody:x:65534:
This is used by NFS
The created groups are not part of any standard—they are groups
decided on in part by the requirements of the Udev configuration in
this chapter, and in part by common convention employed by a number
of existing Linux distributions. The Linux Standard Base (LSB,
available at http://www.linuxbase.org) recommends
only that, besides the group root
with a Group ID (GID) of 0, a group bin
with a GID of 1 be present. All other group
names and GIDs can be chosen freely by the system administrator since
well-written programs do not depend on GID numbers, but rather use
the group's name.
The login, agetty, and init programs (and others) use a number of log files to record information such as who was logged into the system and when. However, these programs will not write to the log files if they do not already exist. Initialize the log files and give them proper permissions:
touch ${CLFS}/var/run/utmp ${CLFS}/var/log/{btmp,lastlog,wtmp} chmod -v 664 ${CLFS}/var/run/utmp ${CLFS}/var/log/lastlog chmod -v 600 ${CLFS}/var/log/btmp
The /var/run/utmp
file records the
users that are currently logged in. The /var/log/wtmp
file records all logins and logouts.
The /var/log/lastlog
file records when
each user last logged in. The /var/log/btmp
file records the bad login attempts.