change your settings in ~/.profile (the ~ is a shell shortcut representing your home directory), root can alter the permissions so that you may read from, but not write to, that file.
Because of the potential for making a catastrophic error as the super user (using the command rm -rf /* is the classic example, but do not ever try it!), always use your system as a regular user and become root only temporarily to do sysadmin duties. While you are on a multiuser system, consider this advice an absolute rule; if root were to delete the wrong file or kill the wrong process, the results could be disastrous for the business. On your home system, you can do as you please and running as root makes many things easier, but less safe. In any setting, however, the risks of running as root full time are significant. (In case you're wondering, the above command would completely wipe your entire file system, leaving you with nothing but a red face!)
The third type of user is the system user. The system user is not a person, but rather an administrative account that the system uses during day-to-day running of various services. For example, the system user named apache owns the Apache Web Server and all the associated files. Only it and root can have access to these files — no one else can access or make changes to these files. System users do not have a home directory or password, nor do they permit access to the system through a login prompt.
You will find a list of all the users on a system in the /etc/passwd file. Fedora refers to these users as the
Adding New Users
The command-line approach to adding any user is actually quite simple and can be accomplished on a single line. In the example shown here, the sysadmin uses the useradd command to add the new user bernice. The command adduser (a variant found on some UNIX systems) is a symbolic link to useradd, so both commands work the same. In this example, we use the -p option to set the password the user requested; we use the -s option to set his special shell, and the -u option to specify his UID. (If we created a user with the default settings, we would not need to use these options.) All we want to do can be accomplished on one line:
# useradd bernice -p sTitcher -s /bin/bash -u 507
The sysadmin can also use the graphical interface that Fedora provides, as shown in Figure 10.1. It is accessed as the Users and Groups item from the System Settings menu item. Here, the sysadmin is adding a new user to the system where user bernice uses the bash command shell.
FIGURE 10.1 Adding a new user is simple. The GUI provides a more complete set of commands for user management than for group management.
These are the steps we used to add the same account as shown in the preceding command, but using the graphical User Manager graphical interface:
1. Launch the Fedora User Manager graphical interface by clicking the Users and Groups menu item found in the System, Administration.
2. Click the Add User button to bring up the Add User dialog window.
3. Fill in the form with the appropriate information, as described in the first paragraph in this section.
4. Click the drop-down Login Shell menu to select the bash shell.
5. Check the Specify User ID box to permit access to the UID dialog.
6. Using the arrows found in the UID dialog, increment the UID to 5413.
7. Click OK to save the settings.
Note that the user is being manually assigned the UID of 549 because that is her UID on another system machine that will be connected to this machine. Because the system only knows her as 549 and not as bernice, the two machines would not recognize bernice as the same user if two different UIDs were assigned.
A Linux username can be any alphanumeric combination that does not begin with a special character reserved for shell script use (see Chapter 11, 'Automating Tasks,' for disallowed characters, mostly punctuation characters). Usernames are typically the user's first name plus the first initial of her last name, something that is a common practice on larger systems with many users because it makes life simpler for the sysadmin, but is neither a rule nor a requirement.
User IDs and Group IDs
A computer is, by its very nature, a number-oriented machine. It identifies users and groups by numbers known as the
As was already mentioned, the root user is UID 0. Numbers from 1 through 499 and 65,534 are the system, or logical, users. Regular users have UIDs beginning with 500; Fedora assigns them sequentially beginning with this number.
With only a few exceptions, the GID is the same as the UID. Those exceptions are system users who need to act with root permissions: sync, shutdown, halt, and operator.
Fedora creates a private GID for every UID of 500 and greater. The system administrator can add other users to a GID or create a totally new group and add users to it. Unlike Windows NT and some UNIX variants, a group cannot be a member of another group in Linux.
If you intend to make use of NFS, it is extremely important that you use the same UID for the user on the host and guest machines; otherwise, you will not be able to connect!
As is the case in many professions, exaggerated characterizations (stereotypes or caricatures) have emerged for users and system administrators. Many stereotypes contain elements of truth mixed with generous amounts of hyperbole and humor and serve to assist us in understanding the characteristics of and differences in the stereotyped subjects. The stereotypes of the 'luser' and the 'BOFH' (users and administrators, respectively) also serve as cautionary tales describing what behavior is acceptable and unacceptable in the computing community.
Understanding these stereotypes allows you to better define the appropriate and inappropriate roles of system administrators, users, and others. The canonical reference to these terms is found in the alt.sysadmin.recovery FAQ found at http://www.ctrl-c.liu.se/~ingvar/asr/.
