From owner-freebsd-doc@FreeBSD.ORG Sun Jul 13 21:00:29 2003 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28E4D37B401 for ; Sun, 13 Jul 2003 21:00:29 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0379143FA3 for ; Sun, 13 Jul 2003 21:00:27 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h6E40RUp048259 for ; Sun, 13 Jul 2003 21:00:27 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h6E40RQb048258; Sun, 13 Jul 2003 21:00:27 -0700 (PDT) Resent-Date: Sun, 13 Jul 2003 21:00:27 -0700 (PDT) Resent-Message-Id: <200307140400.h6E40RQb048258@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Ken Smith Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 356F737B401 for ; Sun, 13 Jul 2003 20:58:55 -0700 (PDT) Received: from zeus.cse.buffalo.edu (zeus.cse.Buffalo.EDU [128.205.32.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DB0143F85 for ; Sun, 13 Jul 2003 20:58:54 -0700 (PDT) (envelope-from kensmith@cse.Buffalo.EDU) Received: from zeus.cse.buffalo.edu (localhost.cse.buffalo.edu [127.0.0.1]) h6E3vUew046181; Sun, 13 Jul 2003 23:57:30 -0400 (EDT) Received: (from kensmith@localhost) by zeus.cse.buffalo.edu (8.12.8p1/8.12.8/Submit) id h6E3vTWR046180; Sun, 13 Jul 2003 23:57:29 -0400 (EDT) Message-Id: <200307140357.h6E3vTWR046180@zeus.cse.buffalo.edu> Date: Sun, 13 Jul 2003 23:57:29 -0400 (EDT) From: Ken Smith To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: kensmith@cse.Buffalo.EDU Subject: docs/54461: Possible addition to Handbook X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Ken Smith List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jul 2003 04:00:29 -0000 >Number: 54461 >Category: docs >Synopsis: Possible addition to Handbook >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sun Jul 13 21:00:27 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Ken Smith >Release: FreeBSD 4.8-RELEASE i386 >Organization: U. Buffalo CSE Department/FreeBSD >Environment: System: FreeBSD zeus.cse.buffalo.edu 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003 root@freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC i386 >Description: Just some suggested additions to the Handbook, "Basics" and "Users" chapters. >How-To-Repeat: N/A >Fix: Apply following diff, relative to handbook directory. --- basics/chapter.sgml.orig Fri Jul 11 09:24:44 2003 +++ basics/chapter.sgml Sun Jul 13 23:54:45 2003 @@ -69,6 +69,15 @@ sharing and managing requests for hardware devices, peripherals, memory, and CPU time evenly to each user. + Much more information about User Accounts is in the chapter + about accounts. For now you just + need to know that each person (user) who uses the computer should be + given their own username and password. The system keeps track + of the people using the computer based on this username. Since + it is often the case that several people are working on the same + project Unix also provides groups. Several users can be placed + in the same group. + Because the system is capable of supporting multiple users, everything the system manages has a set of permissions governing who can read, write, and execute the resource. These permissions are @@ -1687,6 +1696,20 @@ Binary Formats + Typically when you type in a command to a shell the shell + will arrange for an executable file to be loaded into memory and + a new process results. Executable files can either be a binary + file (usually created by the linker as part of compiling a program) + or a shell script (text file to be interpreted by a binary file, + like &man.sh.1; or &man.perl.1;). The &man.file.1; command can + usually tell you what is inside of a file. + + Binary files need to have a well defined format for the system + to be able to use them properly. Part of the file will be the + executable machine code (the instructions that tell the CPU what + to do), part of it will be data space with pre-defined values, + part will be data space with no pre-defined values, etc. Through + time different binary file formats have evolved. To understand why FreeBSD uses the ELF format, you must first know a little about the 3 currently @@ -1824,6 +1847,14 @@ a.out will be moved out of the GENERIC kernel, and eventually removed from the kernel once the need to run legacy a.out programs is past. + + In addition to &man.file.1; another command that can prove + useful when working with executables is &man.ldd.1;. If + &man.file.1; says that a file is a dynamically linked executable + &man.ldd.1; can tell you what dynamically linked libraries that + executable file requires. Sometimes programs can be linked against + compatibility libraries instead of the main system libraries, or + otherwise rely on dynamic libraries you were not aware of. --- users/chapter.sgml.orig Thu Oct 10 17:14:28 2002 +++ users/chapter.sgml Sun Jul 13 23:45:12 2003 @@ -248,8 +248,8 @@ for general usage if you have not already. This applies equally whether you are running a multi-user or single-user machine. Later in this chapter, we discuss how to create additional - accounts, and how to change between the normal user and - superuser. + accounts, and how to + change between the normal user and superuser. @@ -1053,6 +1053,50 @@ /etc/group, consult the &man.group.5; manual page. + + + Becoming Superuser + + There are several ways to do things as the superuser. The worst + way is to log in as root. Usually very little + needs to be done as root so logging off as your + normal username, logging in as root, doing what + you needed to do, then logging off and back on as your normal username + is quite a waste of time. + + A better way is to use &man.su.1; without providing a username, + which implies the root user. For this to work + the username that you normally log in as must be in the + wheel group. An example of a fairly typical software + installation would involve the sys-admin unpacking the software as + their normal user account. Then in the unpacked directory, starting + as their normal user account, doing something like. + + + Compile and Install a Program + + &prompt.user; configure +&prompt.user; make +&prompt.user; su +Password: +&prompt.root; make install +&prompt.root; exit +&prompt.user; + + + Note in this example the transition to root + was much less painful than logging off and back on twice, and only + what was absolutely necessary got run as root. + + Using &man.su.1; works well for single systems or small networks + with just one systems administrator. For more complex environments + (or even for these simple environments) you should take a look at + &man.sudo.8;. It is provided as the port + security/sudo. It allows for things like logging what + gets done, granting users the ability to only run certain things + as the superuser, etc. + +