The Purpose of Different User Accounts


The Purpose of Different User Accounts

By now, you re probably used to the fact that, to access your computer through Linux, you must log in by providing a username and the corresponding password . That s the same for each user; every user of the system is able to identify himself by his own unique username.

The existence of different user accounts on a system has a number of important and useful consequences:

  • Only authorized users are able to access the system because the operating system allows entry to those users who supply the correct credentials (a username and a matching password).

  • Access to resources, such as files and devices, will be granted accordingly . For example, any authorized user is able to read the message of the day contained in the /etc/motd file, but only some users are permitted to change the contents of that file.

  • Each user is assigned a separate directory, called their home directory , for storing personal data.

  • Linux can be configured to execute user-specific setup procedures at the time that user logs in. For example, it might run a program that notifies the user of the arrival of new mail.

  • Every program started by the user is associated to that user s account, and can be identified afterward. Moreover, each program will have access only to those resources that the owner can access.

Many large systems make a distinction between an administrator (or super user ) and a normal user . In particular, a user is prevented from performing special (often sensitive) tasks , such as the following, unless that user has administrator privileges:

  • Global maintenance, personalization, and upgrade of the system

  • Global installation of applications, devices, and their drivers

  • Periodic backup of data

  • User account management

It is the administrator s work that leaves normal users free to carry out their day-to-day tasks. Indeed, in very large environments with many thousands of users, system administration is a full-time job. In these environments, it s easy to see why it makes sense to differentiate between super users and normal users. If administration were left to the individual users, regardless of their expertise or authority, the lack of policy and control could be catastrophic ”risking the stability of the system, performance levels, security violations, and so on.

In fact, the distinction between super users and normal users is enforced in all Linux installations ”even on small Linux computers that are used by only one person, because many of the same arguments that apply on large networks also apply on the smallest installations. For example, while the super user account is very useful for performing certain tasks, it s definitely a mistake to work as super user when you re performing more everyday tasks, such as reading e- mails . It s not only that you don t need super user privileges to read your e-mail, it s also about protecting yourself from accidentally damaging your system integrity.

The administrator account in Fedora Core (as in almost every other operating system of UNIX heritage) is called root . The power of root is so extensive that almost no task is forbidden for this account. While it s impossible for a normal user to delete system files, root is able to delete them all too easily.

For this reason, the root account should be used with great care. It is important that you create a personal account as part of the Linux installation, and we did that back in Chapter 1. If you are currently logged into your Linux system using the root account, log out now and log back in with a normal (non-root) account.

Caution

You might be tempted to click the Add button to create a logical device, but this is incorrect. You should use the Copy button after highlighting the physical device in question.

If you re worried about the hassle of logging in and out of different accounts, worry no more. Linux allows you to run a root shell from within your normal account, so you can do most of your work under the normal account and switch to the root shell for those sensitive administration-level activities (this is discussed later in the When root is Not Necessary section).




Beginning Fedora 2
Beginning Fedora 2
ISBN: 0764569961
EAN: 2147483647
Year: 2006
Pages: 170

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net