Working As root

Previous page
Table of content
Next page
 < Day Day Up > 

Working As root

The root, or superuser account, is a special account and user on Unix and Linux systems. Superuser permissions are required in part because of the restrictive file permissions assigned to important system configuration files. You will need root permission in order to edit these files or to access or modify certain devices (such as hard drives). When logged in as root, you have total control over your system, which can be dangerous.

When you work in root, you have the ability to destroy a running system with a simple invocation of the rm command like this:

 # rm -fr /

This command line will not only delete files and directories, but also could wipe out file systems on other partitions and even remote computers. This alone is reason enough to take precautions when using root access.

The only time you should run Linux as the superuser is when booting to runlevel 1, or system maintenance mode, to configure the filesystem, for example, or to repair or maintain the system. Logging in and using Linux as the root operator isn't a good idea because it defeats the entire concept of file permissions.

Knowing how to run commands as root without logging in as root can help avoid serious missteps when configuring your system. Linux comes with a command named su that allows you to run one or more commands as root and then quickly return you to normal user status. For example, if you would like to edit your system's filesystem table (a simple text file that describes local or remote storage devices, their type, and location), you can use the su command like this:

 $ su -c "nano -w /etc/fstab" Password:

After you press Enter, you will be prompted for a password that gives you access to root. This extra step can also help you "think before you leap" into the command. Enter the root password, and you will then be editing /etc/fstab using the nano editor with line wrapping disabled.

CAUTION

Before editing any important system or software service configuration file, make a backup copy. Then make sure to launch your text editor with line wrapping disabled. If you edit a configuration file without disabling line wrapping, you could insert spurious carriage returns and line feeds into its contents, causing the configured service to fail when restarting. By convention, nearly all configuration files are formatted for 80-character text width, but this is not always the case. By default, the vi and emacs editors don't use line wrap.


You can use sudo to assign specific users permission to perform specific tasks (similar to BSD Unix and its "wheel" group of users) . The sudo command works by first examining the file named sudoers under the /etc directory; you modify this file with the visudo command. See the section "Granting Root Privileges on Occasion The sudo Command" in Chapter 13, "Managing Users," for details on how to configure and use sudo.

Creating Users

When a Linux system administrator creates a user, an entry in /etc/passwd for the user is created. The system also creates a directory, labeled with the user's username, in the /home directory. For example, if you create a user named bernice, the user's home directory is /home/bernice.

NOTE

In this chapter, you learn how to manage users from the command line. See Chapter 13 for more information on user administration with Fedora using graphical administration utilities, such as the system-config-users client.


Use the useradd command, along with a user's name to quickly create a user:

 # useradd andrew

After creating the user, you must also create the user's initial password with the passwd command:

 # passwd andrew Changing password for user andrew. New password: Retype new password: passwd: all authentication tokens updated successfully.

Enter the new password twice. If you do not create an initial password for a new user, the user won't be able to log in.

You can view useradd's default new user settings by using the command and its -D option like this:

 # useradd -D GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel

These options display the default group ID, home directory, account and password policy (active forever with no password expiration), the default shell, and the directory containing defaults for the shell.

The useradd command has many different command-line options. The command can be used to set policies and dates for the new user's password, assign a login shell, assign group membership, and other aspects of a user's account.

Deleting Users

Use the userdel command to delete users from your system. This command will remove a user's entry in the system's /etc/passwd file. You should also user the command's -r option to remove all the user's files and directories (such as the user's mail spool file under /var/spool/mail):

 # userdel -r winky

If you do not use the -r option, you will have to manually delete the user's directory under /home, along with the user's /var/spool/mail queue.

Shutting Down the System

Use the shutdown command to shut down your system. The shutdown command has a number of different command-line options (such as shutting down at a predetermined time), but the fastest way to cleanly shut down Linux is to use the -h or halt option, followed by the word now or the numeral zero (0), like this:

 # shutdown -h now

or

 # shutdown -h 0

To incorporate a timed shutdown and a pertinent message to all active users, use shutdown's time and message options, like so:

 # shutdown -h 18:30 "System is going down for maintenance this evening"

This example will shut down your system and provide a warning to all active users 15 minutes before the shutdown (or reboot). Shutting down a running server can be considered drastic, especially if there are active users or exchanges of important data occurring (such as a backup in progress). One good approach is to warn users ahead of time. This can be done by editing the system Message of the Day (MOTD) motd file, which displays a message to users after login. To create your custom MOTD, use a text editor and change the contents of /etc/motd. You can also make downtimes part of a regular schedule, perhaps to coincide with security audits, software updates, or hardware maintenance.

You should shut down Fedora only for a few very specific reasons:

  • You are not using the computer and want to conserve electrical power.

  • You need to perform system maintenance that requires any or all system services to be stopped.

  • You want to replace integral hardware.

TIP

Do not shut down your computer if you suspect that one or more intruders has infiltrated your system; instead, disconnect the machine from any or all networks and make a backup copy of your hard drives. You might want to also keep the machine running to examine the contents of memory and to examine system logs. See Chapter 17 and the section "Securing Your Network" on how to protect and monitor a network-connected system.


Rebooting the System

You should also use the shutdown command to reboot your system. The fastest way to cleanly reboot Linux is to use the -r option, and the word now or the numeral zero (0):

 # shutdown -r now

or

 # shutdown -r 0

Rebooting or shutting down can both have dire consequences if performed at the wrong time (such as during backups or critical file transfers, which arouse the ire of your system's users). However, Linux-based operating systems are designed to properly stop active system services in an orderly fashion. Other commands you can use to shut down and reboot Linux are the halt and reboot commands, but the shutdown command is more flexible.

Related Fedora and Linux Commands

The following programs and built-in shell commands are commonly used when working at the command line. These commands are organized by category to help you understand the command's purpose. If you need to find full information for using the command, you can find that information under the command's man page.

Managing users and groups chage, chfn, chsh, edquota, gpasswd, groupadd, groupdel, groupmod, groups, mkpasswd, newgrp, newusers, passwd, umask, useradd, userdel, usermod

Managing files and filesystems cat, cd, chattr, chmod, chown, compress, cp, dd, fdisk, find, gzip, ln, mkdir, mksfs, mount, mv, rm, rmdir, rpm, sort, swapon, swapoff, tar, touch, umount, uncompress, uniq, unzip, zip

Managing running programs bg, fg, kill, killall, nice, ps, pstree, renice, top, watch

Getting information apropos, cal, cat, cmp, date, diff, df, dir, dmesg, du, env, file, free, grep, head, info, last, less, locate, ls, lsattr, man, more, pinfo, ps, pwd, stat, strings, tac, tail, top, uname, uptime, vdir, vmstat, w, wc, whatis, whereis, which, who, whoami

Console text editors ed, jed, joe, mcedit, nano, red, sed, vim

Console Internet and network commands bing, elm, ftp, host, hostname, ifconfig, links, lynx, mail, mutt, ncftp, netconfig, netstat, pine, ping, pump, rdate, route, scp, sftp, ssh, tcpdump, traceroute, whois, wire-test


     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Red Hat Fedora 4 Unleashed
    Red Hat Fedora 4 Unleashed
    ISBN: 0672327929
    EAN: 2147483647
    Year: 2006
    Pages: 361
    Authors: Paul Hudson, Andrew Hudson, Bill Ball, Hoyt Duff
    BUY ON AMAZON
    Crystal Reports 9 on Oracle (Database Professionals)
    Agile Project Management: Creating Innovative Products (2nd Edition)
    C++ How to Program (5th Edition)
    Mastering Delphi 7
    Microsoft WSH and VBScript Programming for the Absolute Beginner
    Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy