System Administration in UNIX: Managing User Accounts and The .rc Files.
Managing User Accounts
When a new person joins an organisation he is usually given an account by the system administrator. This is the login account of the user. Nowadays almost all Unix systems support an admin tool which seeks the following information from the system administrator to open a new account:
1. Username: This serves as the login name for the user.
2. Password: Usually a system administrator gives a simple password. The users are advised to later select a password which they feel comfortable using. The user's password appears in the shadow file in encrypted form. Usually, the /etc/passwd file contains the information required by the login program to authenticate the login name and to initiate the appropriate shell, as shown in the description below:
bhatt:x:1007:1::/export/home/bhatt:/usr/local/bin/bash
damu:x:1001:10::/export/home/damu:/usr/local/bin/bash
Each line above contains information about one user. The first field is the name of the user; the next is a dummy indicator for the password, which is held in another file, the shadow file. Password programs use a trap-door algorithm for encryption.
3. Home directory: Every new user has a home directory defined for him. This is the default login directory. Usually it is defined in the run command files.
4. Working set-up: The system administrators prepare .login and .profile files to help users to obtain an initial set-up for login. The administrator may also prepare .cshrc, .xinitrc, .mailrc and .ircrc files. In Section 19.4 we shall see how these files may be helpful in customizing a user's working environment. A natural point of curiosity would be: what happens when users log out? Unix systems receive signals when users log out. Recall that in Section 19.2 we mentioned that a user logs in under a login process initiated by the getty process. Process getty identifies the terminal being used. So when a user logs out, the getty process which was running to communicate with that terminal is first killed. A new getty process is then launched to enable yet another prospective login from that terminal.
The working set-up is completely determined by the startup files. These are basically .rc (run command) files. These files help to customize the user's working environment. For instance, a user's .cshrc file shall have a path variable which defines the access to various Unix built-in shell commands, utilities, libraries etc. In fact, many other shell environmental variables like HOME, SHELL, MAIL, TZ (the time zone) are set up automatically. In addition, the .rc files define the access to network services or some need-based access to certain licensed software or databases as well. To that extent the .rc files help to customize the user's working environment.
We shall discuss the role of run command files later in Section 19.4.
5. Group-id: The user login name is the user-id. Under Unix the access privileges are determined by the group a user belongs to. So a user is assigned a group-id. It is possible to obtain the id information by using an id command as shown below:
[bhatt@iiitbsun OS]$id
uid=1007(bhatt) gid=1(other)
[bhatt@iiitbsun OS]$
6. Disc quota: Usually a certain amount of disk space is allocated by default. In cases where the situation so warrants, a user may seek additional disk space. A user may interrogate the disk space available at any time by using the df command. Its usage is shown below:
df [options] [name] : to know the free disk space.
where name refers to a mounted file system, local or remote. We may specify directory if we need to know the information about that directory. The following options may help with additional information:
-l : for local file system
-t : reports total no. of allocated blocks and i-nodes on the device.
The Unix command du reports the number of disk blocks occupied by a file. Its usage is shown below:
du [options] [name]... where name is a directory or a file
Above name by default refers to the current directory. The following options may help with additional information:
-a : produce output line for each file
-s : report only the total usage for each name that is a directory i.e. not individual files.
-r : produce messages for files that cannot be read or opened
7. Network services: Usually a user shall get a mail account. We will discuss the role of .mailrc file in this context in section 19.4. The user gets an access to Web services too.
8. Default terminal settings: Usually vt100 is the default terminal setting. One can attempt alternate terminal settings using tset, stty, tput, tabs with the control sequences defined in terminfo termcap with details recorded in /etc/ttytype or /etc/tty files and in shell variable TERM. Many of these details are discussed in Section 19.5.1 which specifically deals with terminal settings. The reader is encouraged to look up that section for details.
Once an account has been opened the user may do the following:
1. Change the password for access to one of his liking.
2. Customize many of the run command files to suit his needs.
Closing a user account: Here again the password file plays a role. Recall that in Section 19.1 we saw that the /etc/passwd file has all the information about the users' home directory, password, shell, user and group-id, etc. When a user's account is to be deleted, all of this information needs to be erased. System administrators log in as root and delete the user entry from the password file to delete the account.
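Because opening and closing accounts both come down to editing password-file entries, it is worth checking the file after each change. The following shell script is an added example, not part of the original text: the function names and finding labels are hypothetical, and all sample entries other than bhatt and damu are constructed.

```shell
#!/bin/sh
# Added example: audit passwd-format lines (7 colon-separated fields).

# Constructed sample; only the bhatt and damu lines come from this page.
sample_passwd() {
cat <<'EOF'
root:x:0:1::/:/sbin/sh
bhatt:x:1007:1::/export/home/bhatt:/usr/local/bin/bash
damu:x:1001:10::/export/home/damu:/usr/local/bin/bash
toor:x:0:1::/export/home/toor:/bin/sh
guest::1010:10::/export/home/guest:/bin/sh
temp:x:1001:10::/export/home/temp:/bin/sh
broken:x:1011:10:/export/home/broken
EOF
}

# audit_passwd: read passwd lines on stdin, print one finding per line.
audit_passwd() {
    awk -F: '
    # A line without exactly 7 fields cannot be parsed reliably by login.
    NF != 7                 { print "MALFORMED " $1; next }
    # An empty second field means no password is asked for at login.
    $2 == ""                { print "EMPTY_PASSWORD " $1 }
    # Any account with uid 0 has the same privileges as root.
    $3 == 0 && $1 != "root" { print "EXTRA_UID0 " $1 }
    # Two names sharing a uid own the same files and processes.
    ($3 in seen)            { print "DUPLICATE_UID " $1 " (same as " seen[$3] ")" }
    !($3 in seen)           { seen[$3] = $1 }
    '
}

# Run the audit over the constructed sample.
sample_passwd | audit_passwd
```

On a real system the same function can be fed the password file directly, for example audit_passwd < /etc/passwd.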
The .rc Files
Usually system administration offers a set of start-up run command files to a new user. These are files that appear as .rc files. These may be .profile, .login, .cshrc, .bashrc, .xinitrc, .mailrc, .ircrc, etc. The choice depends upon the nature of the login shell. Typical allocations may be as follows:
• Bourne or Korn shell: .profile
• C-Shell: .login, .cshrc
• BASH: .bashrc
• TCSH: .tcshrc
BASH is referred to as the Bourne-again shell. TCSH is an advanced C-Shell with many shortcuts; for example, pressing tab completes a partial string to the extent it can be completed unambiguously. For us it is important to understand what it is that these files facilitate.
Role of .login and .profile files: The basic role of these files is to set up the environment for a user. These may include the following set-ups.
• Set up the terminal characteristics: Usually, the set up may include terminal type, and character settings for the prompt, erase, etc.
• Set up editors: It may set up a default editor or some specific editor like emacs.
• Set up protection mode: This file may set up umask, which stands for the user mask. umask determines access right to files.
• Set up environment variables: This file may set up the path variable. The path variable defines the sequence in which directories are searched for locating the commands and utilities of the operating system.
• Set up some customization variables: Usually, these help to limit things like selecting icons for mail or core dump size up to a maximum value. It may be used for setting up the limit on the scope of the command history, or some other preferences.
A typical .login file may have the following entries:
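# A typical .login file
# new files are created without write access for group and others
umask 022
setenv PATH /usr/ucb:/usr/bin:/usr/sbin:/usr/local/bin
setenv PRINTER labprinter
setenv EDITOR vi
# announce incoming mail on the terminal
biff y
# show the host name in the prompt
set prompt="`hostname`=> "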
The meanings of the lines above should be obvious from the explanation we advanced earlier. Next we describe .cshrc files and the readers should note the commonalities between these definitions of initialisation files.
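The umask and PATH lines deserve a closer look, since they decide who can read a user's new files and which directory a command name is resolved from. The following is an added example, not part of the original text, written in POSIX sh rather than csh so that it runs on any system; the function names and finding labels are hypothetical and the second PATH value is constructed.

```shell
#!/bin/sh
# Added example: what the umask and PATH lines of a login file do.

# mode_under_umask MASK -> permission string of a file created under MASK.
mode_under_umask() {
    dir=$(mktemp -d) || return 1
    ( umask "$1"; : > "$dir/f" )      # subshell keeps our own umask intact
    ls -l "$dir/f" | cut -c1-10
    rm -rf "$dir"
}

# audit_path STRING -> one finding per risky entry of a ':'-separated path.
audit_path() {
    rest="$1:"                        # terminate every entry with ':'
    while [ -n "$rest" ]; do
        d=${rest%%:*}                 # first entry
        rest=${rest#*:}               # everything after it
        case $d in
            "") echo "EMPTY_ENTRY" ;; # an empty entry means current directory
            /*) # absolute entry: flag it if anyone may add files to it
                if [ -d "$d" ] &&
                   [ -n "$(find -L "$d" -prune -perm -002 2>/dev/null)" ]
                then
                    echo "WORLD_WRITABLE $d"
                fi ;;
            *)  echo "RELATIVE $d" ;; # includes "."
        esac
    done
}

# Values from the .login file on this page, then a constructed bad PATH.
echo "umask 022 -> $(mode_under_umask 022)"
echo "umask 077 -> $(mode_under_umask 077)"
audit_path "/usr/ucb:/usr/bin:/usr/sbin:/usr/local/bin"
audit_path ".:/usr/bin::/usr/local/bin"
```

With umask 022 a new file is readable by everyone, while 077 keeps it private to its owner. An EMPTY_ENTRY or RELATIVE finding means commands are also looked up in whatever directory the user happens to be in.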
The .cshrc file: The C-shell makes a few features available over the Bourne shell. For instance, it is common to define aliases in .cshrc files for very frequently used commands like gh for ghostview and c for clear. Below we give some typical entries for .cshrc file in addition to the many we saw in the .login file in this section:
# make sure TERM is defined before testing it
if (! $?TERM) setenv TERM unknown
# ask for the terminal type when it is not known
if ("$TERM" == "unknown" || "$TERM" == "network") then
    echo -n 'TERM? [vt100]: '
    set ttype=($<)
    if ("$ttype" == "") set ttype="vt100"
    if ("$ttype" == "pc") then
        set ttype="vt100"
    endif
    setenv TERM $ttype
endif
alias cl clear
alias gh ghostview
set history = 50
set nobeep
Note that in the first few lines of the script above, the system identifies the nature of the terminal and sets it to operate as vt100. It is highly recommended that the reader examine and walk through the initialization scripts which the system administration provides. Also, customizing these files entails that as users we must look up these files and modify them to suit our needs.
There are two more files of interest. One corresponds to regulating the mail and the other controls the screen display. These are respectively initialized through .mailrc and .xinitrc. We discussed the latter in the chapter on X Windows. We shall discuss the settings in .mailrc file in the context of the mail system.
The mail system: .mailrc file : From the viewpoint of the user's host machine, the mail program truly acts as the main anchor for our internet-based communication. The Unix sendmail program together with the uu class of programs form the very basis of the mail under Unix. Essentially, the mail system has the following characteristics:
1. The mail system is a Store and forward system.
2. Mail is picked up from the mail server periodically. The mail daemon, running as a background process, picks up the mail.
3. Mail is sent by sendmail program under Unix.
4. The uu class of programs like uucp or Unix-to-Unix copy have provided the basis for developing the mail tools. In fact, the file attachments facility is an example of it.
On a Unix system it is possible to invoke the mail program from an auto-login or .cshrc program.
Every Unix user has a mailbox entry in the /usr/spool/mail directory. Each person's mail box is named after his own username. In Table 19.1 we briefly review some very useful mail commands and the wild card used with these commands.
We next give some very useful commands which help users to manage their mails efficiently:
Table 19.1: Various command options for mail.
d:r : delete all read messages.
d:usenet : delete all messages with usenet in body
p:r : print all read messages.
p:bhatt : print all from user ``bhatt''.
During the time a user is composing a mail, the mail system tools usually offer facility to escape to a shell. This can be very useful when large files need to be edited along side the mail being sent. These use ~ commands with the interpretations shown below:
~! escape to shell,
~d include dead.letter
~h edit header field
The mail system provides for command line interface to facilitate mail operations using some of the following commands. For instance, every user has a default mail box called mbox. If one wishes to give a different name to the mailbox, he may choose a new name for it. Other facilities allow a mail to be composed with, or without, a subject or to see the progress of the mail as it gets processed. We show some of these options and their usage with mail command below.
mail -s greetings user@machine.domain
-s: option is used to send a mail with subject.
-v: option is for the verbose option, it shows mails' progress
-f mailbox: option allows user to name a new mail box
mail -f newm: where newm may be the new mail box option which a user may opt for in place of mbox (default option).
Next we describe some of the options that often appear inside .mailrc user files. Generally, with these options we may have aliases (nick-names) in place of the full mail address. One may also set or unset some flags as shown in the example below:
unset askcc
set verbose
set append
Table 19.2: Various options for .mailrc file.
In Table 19.2, we offer a brief explanation of the options which may be set initially in .mailrc files.
In addition, in using the mail system the following may be the additional facilities which could be utilized:
1. To subscribe to listserv@machine.domain, the body of the message should contain "subscribe", the group to subscribe to and the subscriber's e-mail address as shown in the following example.
subscribe allmusic me@mymachine.mydomain.
2. To unsubscribe use logout allmusic. In addition to the above there are vacation programs which send mails automatically when the receiver is on vacation.
Mails may also be encrypted. For instance, one may use a pretty good privacy (PGP) for encrypting mails.
Facilitating chat with .ircrc file: System administrators may prepare terminals and offer Internet Relay Chat or IRC facility as well. IRC enables real-time conversation with one or more persons who may be scattered anywhere globally. IRC is a multi-user system. To use Unix-based IRC versions, one may have to set the terminal emulation to vt100 either from the keyboard or from an auto-login file such as .login in /bin/sh or .cshrc in /bin/csh.
$ set TERM=vt100
$ stty erase "^h"
The most common way to use the IRC system is to make a telnet call to the IRC server. There are many IRC servers. Some servers require specification of a port number as in irc.ibmpcug.co.uk 9999.
When one first accesses the IRC server, many channels are presented. A channel may be taken as a discussion area and one may choose a channel for an online chat (like switch a channel on TV). IRCs require setting up an .ircrc file. Below we give some sample entries for a .ircrc file. The .ircrc files may also set internal variables.
/COMMENT .....
/NICK <nn>
/JOIN <ch>
IRC commands begin with a "/" character. In Table 19.3, we give a few of the commands for IRC with their interpretations.
Table 19.3: Various commands with interpretation.
IRCs usually support a range of channels. Listed below are a few of the channel types:
• Limbo or Null
• Public
• Private
• Secret
• Moderated
• Limited
• Topic limited
• Invite Only
• Message disabled
The above channel types are realized by using a mode command. The modes are set or unset as follows. The options have the interpretations shown in Table 19.4.
/MODE sets (with +) and unsets (with -) the mode of channel with the following options
/MODE <channel> +<channel options> <parameters>
/MODE <channel> -<channel options> <parameters>
Table 19.4: Various options for channels.
19.4.1 Sourcing Files
As we have described above, the .rc files help to provide adequate support for a variety of services. Suppose we are logged in to a system and seek a service that requires a change in one of the .rc files. We may edit the corresponding file. However, for the changed behavior to take effect we must source the file. Basically, we need to execute the source command with the file name as argument, as shown below where we source the .cshrc file:
source .cshrc