This commit is contained in:
gferg 2000-07-31 13:30:48 +00:00
parent 755ed6b05c
commit 28ee5f4c20
1 changed files with 22 additions and 16 deletions

View File

@ -7,7 +7,7 @@
<title>The Unix and Internet Fundamentals HOWTO
<author>by Eric S. Raymond
<date>v1.8, 11 July 2000
<date>v1.9, 29 July 2000
<abstract>
This document describes the working basics of PC-class computers, Unix-like
@ -202,31 +202,37 @@ don't step on each other. The particular collection of daemons your system
starts may vary, but will almost always include a print spooler (a
gatekeeper daemon for your printer).
Once all daemons are started, we're at <em>run level 2</em>. The next step
is to prepare for users. Init starts a copy of a program called
<tt>getty</tt> to watch your console (and maybe more copies to watch
The next step is to prepare for users. Init starts a copy of a program
called <tt>getty</tt> to watch your console (and maybe more copies to watch
dial-in serial ports). This program is what issues the <tt>login</tt>
prompt to your console. We're now at <em>run level 3</em> and ready for you
to log in and run programs.
prompt to your console. Once all daemons and getty processes for each
terminal are started, we're at <em>run level 2</em>. At this level, you
can log in and run programs.
But we're not done yet. The next step is to start up various daemons that
support networking and other services. Once that's done, we're at
<em>run level 3</em> and the system is fully ready for use.
<sect>What happens when you log in?<label id="login">
<p>
When you log in (give a name and password) you identify yourself to
<tt>getty</tt> and the computer. It then runs a program called (naturally
enough) <TT>login</TT>, which checks to see if you are authorized to be
using the machine. If you aren't, your login attempt will be rejected. If
you are, login does a few housekeeping things and then starts up a command
interpreter, the <em>shell</em>. (Yes, <tt>getty</tt> and <TT>login</TT>
could be one program. They're separate for historical reasons not worth
going into here.)
When you log in (give a name to <tt>getty</tt>) you identify yourself to
the computer. It then runs a program called (naturally enough)
<TT>login</TT>, which takes your password and checks to see if you are
authorized to be using the machine. If you aren't, your login attempt will
be rejected. If you are, login does a few housekeeping things and then
starts up a command interpreter, the <em>shell</em>. (Yes, <tt>getty</tt>
and <TT>login</TT> could be one program. They're separate for historical
reasons not worth going into here.)
Here's a bit more about what the system does before giving you a shell
(you'll need to know this later when we talk about file permissions).
You identify yourself with a login name and password. That login name is
looked up in a file called /etc/password, which is a sequence of lines each
looked up in a file called /etc/passwd, which is a sequence of lines each
describing a user account.
One of these fields is an encrypted version of the account password. What
One of these fields is an encrypted version of the account password
(sometimes the encrypted fields are actually kept in a second /etc/shadow
file with tighter permissions; this makes password cracking harder). What
you enter as an account password is encrypted in exactly the same way, and
the <TT>login</TT> program checks to see if they match. The security of
this method depends on the fact that, while it's easy to go from your clear