Certification Objective 6.03-Shell Configuration Files


All system-wide shell configuration files are kept in the /etc directory. These files are bashrc, profile, and the scripts in the /etc/profile.d directory. These files and scripts are supplemented by hidden files in each user's home directory, as just described. Let's take a look at these files.

/etc/bashrc

The /etc/bashrc file is used for aliases and functions, on a system-wide basis. Open this file in the text editor of your choice. Read each line in this file. Even if you don't understand the programming commands, you can see that this file sets the following bash shell parameters for each user. For example:

  • It assigns a value of umask, which creates the default permissions for newly created files. It supports one set of permissions for root and system users (with user IDs below 100), and another for regular users. (Officially, RHEL reserves all user IDs above 500 for regular users but that is not reflected in /etc/bashrc.)

  • It assigns a prompt, which is what you see just before the cursor at the command prompt.

  • It includes settings from *.sh files in the /etc/profile.d/ directory.

The settings here are called by the .bashrc file in each user's home directory. The settings are supplemented by the .bash_history and .bash_logout files in each user's home directory.

/etc/profile

The /etc/profile file is used for system-wide environments and startup files. The following is the profile script from my copy of the operating system. The first part of the file sets the PATH for searching for commands, adding more directories using the pathmunge command. (Unless you use the Korn shell, ignore the ksh workaround stanza.) Then it sets the PATH, USER, LOGNAME, MAIL, HOSTNAME, HISTSIZE, and INPUTRC variables and finally runs the scripts in the /etc/profile .d directory. You can check the current value of any of these variables with the echo $variable command.

 # /etc/profile # System wide environment and startup programs, for login setup # Functions and aliases go in /etc/bashrc pathmunge () {   if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then     if [ "$2" = "after" ] ; then        PATH=$PATH:$1     else        PATH=$1:$PATH     fi   fi } # ksh workaround if [ -z "$EUID" -a -x /usr/bin/id ]; then         EUID=`id -u`         UID=`id -ru` fi # Path manipulation if [ `id -u` = 0 ]; then   pathmunge /sbin   pathmunge /usr/sbin   pathmunge /usr/local/sbin fi # No core files by default ulimit -S -c 0 > /dev/null 2>&1 if [ -x /usr/bin/id ]; then    USER="`id -un`"    LOGNAME=$USER    MAIL="/var/spool/mail/$USER" fi HOSTNAME=`/bin/hostname` HISTSIZE=1000 if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then     INPUTRC=/etc/inputrc fi export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC for i in /etc/profile.d/*.sh ; do     if [ -r "$i" ]; then      . $i     fi done unset i unset pathmunge 

/etc/profile.d/

Actually, /etc/profile.d is not a script, but a directory of scripts. As I just noted, /etc/profile runs the scripts in this directory. Here is a partial listing of the files; those with .sh extensions apply to the default bash shell:

 colorls.csh            kde.sh                less.sh colorls.sh             krb5-devel.csh        qt.csh cvs.sh                 krb5-devel.sh         qt.sh glib2.csh              krb5-workstation.csh  vim.csh glib2.sh               krb5-workstation.sh   vim.sh gnome-ssh-askpass.csh  lang.csh              which-2.sh gnome-ssh-askpass.sh   lang.sh kde.csh                less.csh 

By looking at the /etc/profile script, you can see that any script in this directory that ends with an .sh and is set as an executable will be run when /etc/profile is executed. Scripts with other extensions, such as .csh, relate to a different command shell.

Exercise 6-2: Securing Your System

image from book

It's important to keep your system as secure as possible. One approach is to change the default permissions users have for new files and directories they make. In this exercise, you'll set all new files and directories to prevent access from other users or groups.

  1. Back up your current /etc/bashrc file. If you want to cancel any changes that you make during this exercise, restore from the backup after the final step.

  2. Edit the /etc/bashrc file. Two lines in the file set the umask. One of the two lines is selected depending on the if statement above them. See if you can determine which line gets executed for an average (nonroot) user.

  3. The if statement tests to see whether the user ID (UID) and group ID (GID) are the same, and that the UID is greater than 99. (On RHEL 5, you can-but don't have to-change this to 499.) If this is true, then the first umask is executed; otherwise, the second is executed. The second umask is for root and other key system accounts. The first is for users.

  4. Change the first umask statement to exclude all permissions for groups and others. Use umask 077 to do the job.

  5. Save and exit the file.

  6. Log in as a nonprivileged user. Use the touch command to make a new empty file. Use ls -l to verify the permissions on that file.

  7. Log in as root. Again, use the touch command to make a new empty file and use ls -l to verify the permissions on that new file.

You have just changed the default umask for all shell users. If you backed up your /etc/bashrc in step 1, you can now restore the original version of this file.

image from book

User Shell Configuration Files

As described earlier, each user gets a copy of the hidden files from the /etc/skel directory. As your users start working with their accounts, more configuration files are added to their home directories. Some are based on shells such as bash (.bash*); others draw their settings from the GUI desktops, typically GNOME and KDE. I'll describe the GUIs in more detail in Chapter 14.

The default Linux shell is bash, and it's the only shell described in the Red Hat Exam Prep guide and associated courses. However, if you or your users work with other shells, you'll find configuration files associated with those shells hidden in each user's home directory.



RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302)
Linux Patch Management: Keeping Linux Systems Up To Date
ISBN: 0132366754
EAN: 2147483647
Year: 2004
Pages: 227
Authors: Michael Jang

Similar book on Amazon
Linux Quick Fix Notebook
Linux Quick Fix Notebook
Self-Service Linux: Mastering the Art of Problem Determination
Self-Service Linux: Mastering the Art of Problem Determination
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net