LDP
/
LDP
mirror of https://github.com/tLDP/LDP
0
1
Fork 0
Code Releases Activity

putting indexterms inside their <primary/> or <secondary/> tags

This commit is contained in:
Martin A. Brown 2016-03-03 12:06:19 -08:00
parent f796549936
commit 20f5c9875f
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
LDP/guide/docbook/Intro-Linux/chap3.xml
View File

@ -695,7 +695,7 @@ Diskquotas for user pierre (uid 501): none
<sect2 id="sect_03_02_06"><title>The most common variable files</title>
<para>In the <filename>/var<indexterm><primary>var</primary></indexterm></filename> directory we find a set of directories for storing specific non-constant data (as opposed to the ls program or the system configuration files, which change relatively infrequently or never at all). All files that change frequently<indexterm>variable files<primary></primary><secondary>overview</secondary></indexterm>, such as log files, mailboxes, lock files, spoolers etc. are kept in a subdirectory of <filename>/var</filename>.</para>
<para>In the <filename>/var<indexterm><primary>var</primary></indexterm></filename> directory we find a set of directories for storing specific non-constant data (as opposed to the ls program or the system configuration files, which change relatively infrequently or never at all). All files that change frequently<indexterm><primary>variable files</primary><secondary>overview</secondary></indexterm>, such as log files, mailboxes, lock files, spoolers etc. are kept in a subdirectory of <filename>/var</filename>.</para>
<para>As a security measure these files are usually kept in separate parts from the main system files, so we can keep a close eye on them and set stricter permissions where necessary. A lot of these files also need more permissions than usual, like <filename>/var/tmp<indexterm><primary>tmp</primary></indexterm></filename>, which needs to be writable for everyone. A lot of user activity might be expected here, which might even be generated by anonymous Internet users connected to your system. This is one reason why the <filename>/var</filename> directory<indexterm><primary>partitions</primary><secondary>var partition</secondary></indexterm>, including all its subdirectories, is usually on a separate partition. This way, there is for instance no risk that a mail bomb, for instance, fills up the rest of the file system, containing more important data such as your programs and configuration files.</para>
<note><title>/var/tmp and /tmp</title>
<para>Files in <filename>/tmp<indexterm><primary>temporary files</primary></indexterm></filename> can be deleted without notice, by regular system tasks or because of a system reboot. On some (customized) systems, also <filename>/var/tmp</filename> might behave unpredictably. Nevertheless, since this is not the case by default, we advise to use the <filename>/var/tmp</filename> directory for saving temporary files. When in doubt, check with your system administrator. If you manage your own system, you can be reasonably sure that this is a safe place if you did not consciously change settings on <filename>/var/tmp</filename> (as root, a normal user can not do this).</para>

2
LDP/guide/docbook/Intro-Linux/chap4.xml
View File

@ -310,7 +310,7 @@ passwd is /usr/bin/passwd
-r-s--x--x 1 root root 13476 Aug 7 06:03 /usr/bin/passwd*
</screen>
<para>When called, the <command>passwd</command> command will run using the access permissions<indexterm><primary>file permissions</primary><secondary>SUID</secondary></indexterm> of <emphasis>root</emphasis>, thus enabling a common user to edit the password file which is owned by the system admin.</para>
<para>SGID modes on a file don't occur nearly as frequently as SUID, because SGID often involves the creation of extra groups. In some cases, however, we have to go through this trouble in order to build an elegant solution (don't worry about this too much - the necessary groups are usually created upon installation). This is the case for the <command>write<indexterm><primary>write</primary>4dwx<secondary></secondary></indexterm></command> and <command>wall<indexterm><primary>wall</primary></indexterm></command> programs, which are used to send messages to other users' terminals<indexterm><primary>terminal</primary><secondary>send a message</secondary></indexterm> (ttys). The <command>write</command> command writes a message to a single user, while <command>wall</command> writes to all connected users.</para>
<para>SGID modes on a file don't occur nearly as frequently as SUID, because SGID often involves the creation of extra groups. In some cases, however, we have to go through this trouble in order to build an elegant solution (don't worry about this too much - the necessary groups are usually created upon installation). This is the case for the <command>write<indexterm><primary>write</primary><secondary>4dwx</secondary></indexterm></command> and <command>wall<indexterm><primary>wall</primary></indexterm></command> programs, which are used to send messages to other users' terminals<indexterm><primary>terminal</primary><secondary>send a message</secondary></indexterm> (ttys). The <command>write</command> command writes a message to a single user, while <command>wall</command> writes to all connected users.</para>
<para>Sending text to another user's terminal or graphical display is normally not allowed. In order to bypass this problem, a group has been created, which owns all terminal devices. When the <command>write</command> and <command>wall</command> commands are granted SGID permissions, the commands will run using the access rights as applicable to this group, <emphasis>tty</emphasis> in the example. Since this group has write access to the destination terminal, also a user having no permissions to use that terminal in any way can send messages to it.</para>
<para>In the example below, user <emphasis>joe</emphasis> first finds out on which terminal his correspondent is connected, using the <command>who</command> command. Then he sends her a message using the <command>write</command> command. Also illustrated are the access rights on the <command>write</command> program and on the terminals occupied by the receiving user: it is clear that others than the user owner have no permissions<indexterm><primary>file permissions</primary><secondary>SGID</secondary></indexterm> on the device, except for the group owner, which can write to it.</para>
<screen>

2
LDP/guide/docbook/Intro-Linux/chap5.xml
View File

@ -306,8 +306,8 @@ My boss
<listitem><para><cmdsynopsis><command>grep <parameter>root</parameter> <filename>/etc/passwd /etc/nofiles</filename> &gt; <filename>grepresults</filename></command></cmdsynopsis></para></listitem>
<listitem><para><cmdsynopsis><command>/etc/init.d/sshd <parameter>start</parameter> &gt; <filename>/var/tmp/output</filename></command></cmdsynopsis></para></listitem>
<listitem><para><cmdsynopsis><command>/etc/init.d/crond <parameter>start</parameter> &gt; <filename>/var/tmp/output</filename> 2&gt;&amp;1</command></cmdsynopsis></para></listitem>
<para>Now check your results by issuing the commands again, now redirecting standardoutput to the file <filename>/var/tmp/output</filename> and standard error to the file <filename>/var/tmp/error</filename>.</para>
</itemizedlist>
<para>Now check your results by issuing the commands again, now redirecting standardoutput to the file <filename>/var/tmp/output</filename> and standard error to the file <filename>/var/tmp/error</filename>.</para>
</listitem>
<listitem><para>How many processes are you currently running?</para></listitem>