diff options
Diffstat (limited to 'chapter_08.xml')
| -rw-r--r-- | chapter_08.xml | 263 |
1 files changed, 19 insertions, 244 deletions
diff --git a/chapter_08.xml b/chapter_08.xml index a2bb4e9..1ba3035 100644 --- a/chapter_08.xml +++ b/chapter_08.xml @@ -3,268 +3,43 @@ "/usr/share/xml/docbook/xml-dtd-4.5/docbookx.dtd"> <chapter> -<title>Users and Groups</title> +<title>Printing</title> <section> -<title>What Are Users and Groups?</title> +<title>Choosing A Printer</title> <para> -Slackware Linux inherits a strong multi-user tradition from its UNIX -inspiration. This means that multiple people may use the system at -once, but it also means that each of these people may have different -permissions. This allows users to prevent others from modifying their -files, or lets system administrators explicitly define what users can -and cannot do on the system. Moreover, users need not be actual people -at all. In fact, Slackware includes several dozen pre-defined user -and group accounts that are not typically used by regular users. Rather -these accounts allow the system administrator to segment the system for -security reasons. We'll see how that's done in the next chapter on -filesystem permissions. +Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do +eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad +minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip +ex ea commodo consequat. Duis aute irure dolor in reprehenderit in +voluptate velit esse cillum dolore eu fugiat nulla pariatur. </para> </section> <section> -<title>Managing Users and Groups</title> +<title>Setting Up a Printer in CUPS</title> <para> -The easiest way to add new users in Slackware is through the use of our -very fine <application>adduser</application> shell script. -<application>adduser</application> will prompt you to enter the details -of the new user you wish to creature and step you through the process -quickly and easily. It will even create a password for the new user. -</para> - -<screen><prompt>darkstar:~# </prompt><userinput>adduser</userinput> - -Login name for new user []: <userinput>david</userinput> - -User ID ('UID') [ defaults to next available ]: - -Initial group [ users ]: -Additional UNIX groups: - -Users can belong to additional UNIX groups on the system. -For local users using graphical desktop login managers such -as XDM/KDM, users may need to be members of additional groups -to access the full functionality of removable media devices. - -* Security implications * -Please be aware that by adding users to additional groups may -potentially give access to the removable media of other users. - -If you are creating a new user for remote shell access only, -users do not need to belong to any additional groups as standard, -so you may press ENTER at the next prompt. - -Press ENTER to continue without adding any additional groups -Or press the UP arrow to add/select/edit additional groups -: <userinput>audio cdrom floppy plugdev video</userinput> - -Home directory [ /home/david ] - -Shell [ /bin/bash ] - -Expiry date (YYYY-MM-DD) []: - -New account will be created as follows: - ---------------------------------------- -Login name.......: david -UID..............: [ Next available ] -Initial group....: users -Additional groups: audio,cdrom,floppy,plugdev,video -Home directory...: /home/david -Shell............: /bin/bash -Expiry date......: [ Never ] - -This is it... if you want to bail out, hit Control-C. Otherwise, press -ENTER to go ahead and make the account. - - -Creating new account... - - -Changing the user information for david -Enter the new value, or press ENTER for the default - Full Name []: - Room Number []: - Work Phone []: - Home Phone []: - Other []: -Changing password for david -Enter the new password (minimum of 5, maximum of 127 characters) -Please use a combination of upper and lower case letters and numbers. -New password: -Re-enter new password: -Password changed. - - -Account setup complete. -</screen> - -<para> -The addition of optional groups needs a little explaining. Every user -in Slackware has a single group that it is always a member of. By -default, this is the "users" group. However, users can belong to more -than one group at a time and will inherit all the permissions of every -group they belong to. Typical desktop users will need to add several -group memberships in order to do things like play sound or access -removeable media like cdroms or USB flash drives. You can simply press -the up arrow key at this section and a list of default groups for -desktop users will magically appear. You can of course, add to or -remove groups from this listing. -</para> - -<para> -Now that we've demonstrated how to use the interactive -<application>adduser</application> program, lets look at some powerful -non-interactive tools that you may wish to use. The first is -<application>useradd</application>(8). -<application>useradd</application> is a little less friendly, but much -faster for creating users in batches. This makes it ideal for use in -shell scripts. In fact, <application>adduser</application> is just such -a shell script and uses <application>useradd</application> for most of -the heavy lifting. <application>useradd</application> has many options -and we can't explain them all here, so refer to its man page for the -complete details. Now, let's make a new user. -</para> - -<screen><prompt>darkstar:~# </prompt><userinput>useradd -d /data/home/alan -s /bin/bash -g users -G audio,cdrom,floppy,plugdev,video alan</userinput> -</screen> - -<para> -Here I have added the user "alan". I specified the user's home -directory as <filename>/data/home/alan</filename> and used -<application>bash</application> as my shell. Also, I specified my -default group as "users" and added myself to a number of useful groups -for dekstop use. You'll note that <application>useradd</application> -does not do any prompting like <application>adduser</application>. -Unless you want to accept the defaults for everything, you'll need to -tell <application>useradd</application> what to do. -</para> - -<para> -Now that we know how to add users, we should learn how to add groups. -As you might have guessed, the command for doing this is -<application>groupadd</application>(8). -<application>groupadd</application> works in the same way as -<application>useradd</application>, but with far fewer options. The -following command adds the group "slackers" to the system. -</para> - -<screen><prompt>darkstar:~# </prompt><userinput>groupadd slackers</userinput> -</screen> - -<para> -Deleting users and groups is easy as well. Simply run the -<application>userdel</application>(8) and -<application>groupdel</application>(8) commands. By default, -<application>userdel</application> will leave the user's home directory -on the system. You can remove this with the <arg>-r</arg> argument. +Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do +eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad +minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip +ex ea commodo consequat. Duis aute irure dolor in reprehenderit in +voluptate velit esse cillum dolore eu fugiat nulla pariatur. </para> </section> <section> -<title>Other User and Group Tools</title> - -<para> -Several other tools exist for managing users and groups. Perhaps the -most important one is <application>passwd</application>(1). This -command changes a user account's password. Normal users may change -their own passwords only, but root can change anyone's password. Also, -root can lock a user account with the <arg>-l</arg> argument. This -doesn't actually shutout the account, but instead changes the user's -encrypted password to a value that can't be matched. -</para> - -<para> -Another useful tool is <application>chsh</application>(1) which changes a -user's default shell. Like <application>passwd</application>, normal -users can only change their own shell, but the root user can change -anyone's. -</para> - -<para> -The last tool we're going to discuss is -<application>chfn</application>(1). This is used to enter identifying -information on the user such as his phone number and real name. This -information is stored in the <filename>passwd</filename>(5) file and -retrieved using <application>finger</application>(1). -</para> - -</section> - -<section> -<title>Managing Users and Groups Manually</title> - -<para> -Like most things in Slackware Linux, users and groups are stored in -plain-text files. This means that you can edit all the details of a -user, or even create a new user or group simply by editing these files -and doing a few other tasks like creating the user's home directory. Of -course, after you see how this is done you'll appreciate just how -simple the included tools make this task. -</para> - -<para> -Our first stop is the <filename>/etc/passwd</filename> file. Here, all -the information about a user is stored, except for (oddly enough) the -user's password. The reason for this is rather simple. -<filename>/etc/passwd</filename> must be readable by all users on the -system, so you wouldn't want passwords stored there, even if they are -encrypted. Let's take a quick look at my entry in this file. -</para> - -<screen> -alan:x:1000:100:,,,:/home/alan:/bin/bash -</screen> - -<para> -Each line in this file contains a number of fields seperated by a -colon. They are, from left to right: username, password, UID, GUID, a -comment field, home directory, and shell. You'll notice that the -password field for every entry is an <keycap>x</keycap>. That is -because Slackware uses shadow passwords, so the actual encrypted -password is stored in <filename>/etc/shadow</filename>. Let's take a -look there. -</para> - -<screen> -alan:$1$HlR?M3fkL@oeJmsdLfhsLFM*4dflPh8:14197:0:99999:7::: -</screen> - -<para> -The <filename>shadow</filename> file contains more than just the -encrypted password as you'll notice. The fields here, again from left -to right, are: username, encrypted password, last day the password was -changed, days before the password may be changed again, how many days -before the password expires, days that the account will be disabled -after expiring, when the account was disabled, and a reserved field. -You may notice on some accounts that the various "days" fields often -include very large numbers. The reason for this is that Slackware -counts time from the "Epoch" which is January 1, 1970 for historical -reasons. -</para> - -<para> -To create a new user account, you'll just need to open these files -using <application>vipw</application>(8). This will open -<filename>/etc/passwd</filename> in the editor -defined by your VISUAL variable or your EDITOR variable if VISUAL isn't -defined. If neither is present, it will fall back to -<application>vi</application> by default. If you pass the <arg>-s</arg> -argument, it will open <filename>/etc/shadow</filename> instead. It's -important to use <application>vipw</application> instead of using any -other editor, because <application>vipw</application> will lock the -file and prevent other programs from editing it right underneath your feet. -</para> +<title>Commandline Printing Tools</title> <para> -That isn't all you'll need to do however; you must also create the -user's home directory and change the user's password using -<application>passwd</application>. +Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do +eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad +minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip +ex ea commodo consequat. Duis aute irure dolor in reprehenderit in +voluptate velit esse cillum dolore eu fugiat nulla pariatur. </para> </section> |