r4550 - in trunk/BOOK: basicnet/mailnews general/sysutils gnome/add introduction/welcome postlfs/config postlfs/security pst/printing server/databases server/mail server/major server/other

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Sun Jun 5 14:06:45 PDT 2005


Author: bdubbs
Date: 2005-06-05 15:06:40 -0600 (Sun, 05 Jun 2005)
New Revision: 4550

Modified:
   trunk/BOOK/basicnet/mailnews/mutt.xml
   trunk/BOOK/general/sysutils/fcron.xml
   trunk/BOOK/gnome/add/gdm.xml
   trunk/BOOK/gnome/add/gnome-games.xml
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/config/users.xml
   trunk/BOOK/postlfs/security/stunnel.xml
   trunk/BOOK/pst/printing/cups.xml
   trunk/BOOK/server/databases/mysql.xml
   trunk/BOOK/server/databases/postgresql.xml
   trunk/BOOK/server/mail/courier.xml
   trunk/BOOK/server/mail/exim.xml
   trunk/BOOK/server/mail/sendmail.xml
   trunk/BOOK/server/major/apache.xml
   trunk/BOOK/server/major/bind.xml
   trunk/BOOK/server/major/proftpd.xml
   trunk/BOOK/server/major/vsftpd.xml
   trunk/BOOK/server/other/cvsserver.xml
   trunk/BOOK/server/other/leafnode.xml
   trunk/BOOK/server/other/svnserver.xml
Log:
 Integrated system uid and gid values
into individual packages.

Modified: trunk/BOOK/basicnet/mailnews/mutt.xml
===================================================================
--- trunk/BOOK/basicnet/mailnews/mutt.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/basicnet/mailnews/mutt.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -70,7 +70,7 @@
     <systemitem class="groupname">mail</systemitem>.  You can
     add this group, if it does not exist, with this command:</para>
 
-<screen role="root"><userinput>groupadd mail</userinput></screen>
+<screen role="root"><userinput>groupadd -g 34 mail</userinput></screen>
 
     <para>If you did not install a MTA, such as <xref linkend="postfix"/> or
     <xref linkend="sendmail"/>, you need to modify the ownership of

Modified: trunk/BOOK/general/sysutils/fcron.xml
===================================================================
--- trunk/BOOK/general/sysutils/fcron.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/general/sysutils/fcron.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -97,8 +97,8 @@
     <para>For security reasons, an unprivileged user and group for
     <application>Fcron</application> should be created:</para>
 
-<screen role="root"><userinput>groupadd fcron &&
-useradd -d /dev/null -c "Fcron User" -g fcron -s /bin/false fcron</userinput></screen>
+<screen role="root"><userinput>groupadd -g 22 fcron &&
+useradd -d /dev/null -c "Fcron User" -g fcron -s /bin/false -u 22 fcron</userinput></screen>
 
     <para>Install <application>Fcron</application> by running the following
     commands:</para>

Modified: trunk/BOOK/gnome/add/gdm.xml
===================================================================
--- trunk/BOOK/gnome/add/gdm.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/gnome/add/gdm.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -77,8 +77,8 @@
     started. Issue the following commands as the
     <systemitem class="username">root</systemitem> user:</para>
 
-<screen role='root'><userinput>groupadd gdm &&
-useradd -c "GDM Daemon Owner" -d /dev/null -g gdm -s /bin/bash gdm</userinput></screen>
+<screen role='root'><userinput>groupadd -g 21 gdm &&
+useradd -c "GDM Daemon Owner" -d /dev/null -g gdm -s /bin/bash -u 21 gdm</userinput></screen>
 
     <para>Install <application>GDM</application> by running
     the following commands as an unprivileged user:</para>
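Review bot: The new `useradd` line for `gdm` keeps `-s /bin/bash` while the home directory is `/dev/null`, so the daemon account gets a reserved uid 21 and an interactive shell; the other daemon accounts touched in this revision (fcron, stunnel, exim, apache, named) use `/bin/false`. Unless GDM is known to need a login shell for this user, which the hunk does not show, the line should read `useradd -c "GDM Daemon Owner" -d /dev/null -g gdm -s /bin/false -u 21 gdm`. If a shell really is required, a sentence after the `<screen>` saying why would document the exception.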

Modified: trunk/BOOK/gnome/add/gnome-games.xml
===================================================================
--- trunk/BOOK/gnome/add/gnome-games.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/gnome/add/gnome-games.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -83,9 +83,9 @@
     for more information:</para>
 
 <screen role="root"><userinput>install -v -m755 -d /var/lib/games &&
-groupadd games &&
+groupadd -g 60 games &&
 useradd -c 'Games High Score Owner' -d /var/lib/games \
-        -g games -s /bin/false games &&
+        -g games -s /bin/false -u 60 games &&
 chown -v games:games /var/lib/games</userinput></screen>
 
     <para>Install <application>GNOME Games</application> by

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -25,6 +25,11 @@
   <itemizedlist>
 
     <listitem>
+      <para>June 5th, 2005 [bdubbs]: Integrated system uid and gid values
+      into individual packages.</para>
+    </listitem>
+
+    <listitem>
       <para>June 5th, 2005 [bdubbs]: Added blufish-1.0.1 from patch
       provided by theOldFellow.</para>
     </listitem>

Modified: trunk/BOOK/postlfs/config/users.xml
===================================================================
--- trunk/BOOK/postlfs/config/users.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/postlfs/config/users.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -69,7 +69,7 @@
         <row><entry>gdm     </entry><entry>21</entry><entry>21</entry></row>
         <row><entry>fcron   </entry><entry>22</entry><entry>22</entry></row>
         <row><entry>apache  </entry><entry>25</entry><entry>25</entry></row>
-        <row><entry>smmsp   </entry><entry>  </entry><entry>26</entry></row>
+        <row><entry>smmsp   </entry><entry>26</entry><entry>26</entry></row>
         <row><entry>courier </entry><entry>30</entry><entry>30</entry></row>
         <row><entry>exim    </entry><entry>31</entry><entry>31</entry></row>
         <row><entry>postfix </entry><entry>32</entry><entry>32</entry></row>
@@ -87,7 +87,9 @@
         <row><entry>sshd    </entry><entry>50</entry><entry>50</entry></row>
         <row><entry>stunnel </entry><entry>51</entry><entry>51</entry></row>
         <row><entry>svn     </entry><entry>56</entry><entry>56</entry></row>
+        <row><entry>svntest </entry><entry>  </entry><entry>57</entry></row>
         <row><entry>games   </entry><entry>60</entry><entry>60</entry></row>
+        <row><entry>anonymous</entry><entry>98</entry><entry>  </entry></row>
         <row><entry>nobody  </entry><entry>99</entry><entry>  </entry></row>
         <row><entry>nogroup </entry><entry>  </entry><entry>99</entry></row>
       </tbody>

Modified: trunk/BOOK/postlfs/security/stunnel.xml
===================================================================
--- trunk/BOOK/postlfs/security/stunnel.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/postlfs/security/stunnel.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -88,9 +88,9 @@
     using the following commands as the <systemitem
     class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>groupadd stunnel &&
+<screen role="root"><userinput>groupadd -g 51 stunnel &&
 useradd -c "Stunnel Daemon" -d /var/lib/stunnel \
-        -g stunnel -s /bin/false stunnel &&
+        -g stunnel -s /bin/false -u 51 stunnel &&
 install -d -m 700 -o stunnel -g stunnel /var/lib/stunnel/run</userinput></screen>
 
     <note>

Modified: trunk/BOOK/pst/printing/cups.xml
===================================================================
--- trunk/BOOK/pst/printing/cups.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/pst/printing/cups.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -91,7 +91,7 @@
     <command>lppasswd</command> command SUID to this user. Use the following
     command as the <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>useradd -c "Print Service User" -d /dev/null -g lp -s /bin/false lp</userinput></screen>
+<screen role="root"><userinput>useradd -c "Print Service User" -d /dev/null -g lp -s /bin/false -u 9 lp</userinput></screen>
 
     <para>If you utilize <application>Linux-PAM</application>, you need to
     modify some files so <application>CUPS</application> can find needed headers.

Modified: trunk/BOOK/server/databases/mysql.xml
===================================================================
--- trunk/BOOK/server/databases/mysql.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/databases/mysql.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -9,7 +9,7 @@
   <!ENTITY mysql-md5sum           "0b99001b07cad53f161ec629a6bb24ea">
   <!ENTITY mysql-size          "22 MB">
   <!ENTITY mysql-buildsize     "207 MB">
-  <!ENTITY mysql-time          "3.83 SBU">
+  <!ENTITY mysql-time          "3.8 SBU">
 ]>
 
 <sect1 id="mysql" xreflabel="MySQL-&mysql-version;">
@@ -75,8 +75,9 @@
     <para>For security reasons, running the server as an unprivileged user
     and group is strongly encouraged:</para>
 
-<screen role="root"><userinput>groupadd mysql &&
-useradd -c "MySQL Server" -d /dev/null -g mysql -s /bin/false mysql</userinput></screen>
+<screen role="root"><userinput>groupadd -g 40 mysql &&
+useradd -c "MySQL Server" -d /dev/null -g mysql -s /bin/false \
+        -u 40 mysql</userinput></screen>
 
     <para>Build and install <application>MySQL</application> by
     running the following commands:</para>

Modified: trunk/BOOK/server/databases/postgresql.xml
===================================================================
--- trunk/BOOK/server/databases/postgresql.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/databases/postgresql.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -129,7 +129,8 @@
     <systemitem class="username">root</systemitem> user:</para>
 
 <screen role="root"><userinput>install -v -m755 -d /srv/pgsql/data &&
-useradd -c "PostgreSQL Server" -g users -d /srv/pgsql/data postgres &&
+useradd -c "PostgreSQL Server" -g users -d /srv/pgsql/data \
+        -u 41 postgres &&
 chown -v postgres /srv/pgsql/data &&
 su - postgres -c '/usr/bin/initdb -D /srv/pgsql/data'</userinput></screen>
 
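Review bot: The `postgres` account now gets a reserved uid 41 but still takes `-g users` as its primary group, so anything the server creates with group access is shared with every ordinary account in `users`. The other server accounts in this revision get a dedicated group numbered like the uid; the matching form here would be `groupadd -g 41 postgres &&` ahead of the `useradd`, with `-g postgres` in place of `-g users`. Whether gid 41 is reserved in the users.xml table is not visible in these hunks, so that should be confirmed first.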

Modified: trunk/BOOK/server/mail/courier.xml
===================================================================
--- trunk/BOOK/server/mail/courier.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/mail/courier.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -94,9 +94,9 @@
     the <systemitem class="username">courier</systemitem> user and
     group with the following commands:</para>
 
-<screen role="root"><userinput>groupadd courier &&
+<screen role="root"><userinput>groupadd -g 30 courier &&
 useradd -c 'Courier Mail Server' -d /dev/null \
-        -g courier -s /bin/false courier</userinput></screen>
+        -g courier -s /bin/false -u 30 courier</userinput></screen>
 
     <para>The install script also expects a <systemitem
     class="username">bin</systemitem> user. If you already have a
@@ -458,8 +458,8 @@
 
       <para>Create a virtual mailman user and group:</para>
 
-<screen role="root"><userinput>groupadd -g 9000 vmailman &&
-useradd -c 'Virtual Mailman' -g vmailman -m -k /dev/null -u 9000 vmailman</userinput></screen>
+<screen role="root"><userinput>groupadd -g 35 vmailman &&
+useradd -c 'Virtual Mailman' -g vmailman -m -k /dev/null -u 35 vmailman</userinput></screen>
 
       <para>Create a mail directory for a new virtual user:</para>
 
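Review bot: Renumbering `vmailman` from 9000 to 35 in this `<screen>` changes only the account creation; any later step in courier.xml that writes the numeric uid or gid literally would still say 9000 and would then refer to an id that no longer exists. Those steps are outside this hunk, so the rest of the file should be searched for `9000` and updated in the same revision. The users.xml hunks shown here skip the rows between 32 and 50, so it is also worth confirming that 35 is reserved for `vmailman` in that table.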

Modified: trunk/BOOK/server/mail/exim.xml
===================================================================
--- trunk/BOOK/server/mail/exim.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/mail/exim.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -91,8 +91,8 @@
     the group and user <systemitem class="username">exim</systemitem> which
     will run the <command>exim</command> daemon:</para>
 
-<screen role="root"><userinput>groupadd exim &&
-useradd -d /dev/null -c "Exim Daemon" -g exim -s /bin/false exim</userinput></screen>
+<screen role="root"><userinput>groupadd -g 31 exim &&
+useradd -d /dev/null -c "Exim Daemon" -g exim -s /bin/false -u 31 exim</userinput></screen>
 
     <para>If you have <application>Berkeley DB</application>
     installed, apply the following patch:</para>

Modified: trunk/BOOK/server/mail/sendmail.xml
===================================================================
--- trunk/BOOK/server/mail/sendmail.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/mail/sendmail.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -78,10 +78,10 @@
     requires with the following commands issued as the
     <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>groupadd smmsp &&
-groupadd mail &&
+<screen role="root"><userinput>groupadd -g 26 smmsp &&
+groupadd -g 34 mail &&
 useradd -c "Sendmail Daemon" -g smmsp -G mail \
-        -d /dev/null -s /bin/false smmsp &&
+        -d /dev/null -s /bin/false -u 26 smmsp &&
 chmod -v 1777 /var/mail &&
 install -v -m700 -d /var/spool/mqueue</userinput></screen>
 
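Review bot: `groupadd -g 34 mail &&` sits inside the chain, and the mutt.xml hunk in this revision creates the same group with the same command, so on a system where `mail` already exists this step fails and the `&&` chain stops before `useradd` creates `smmsp`. The `chmod` and `install` steps after it are skipped by the same failure. A guard keeps the fixed gid and lets the chain continue: `(grep -q '^mail:' /etc/group || groupadd -g 34 mail) &&`.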

Modified: trunk/BOOK/server/major/apache.xml
===================================================================
--- trunk/BOOK/server/major/apache.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/major/apache.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -81,8 +81,9 @@
     group is strongly encouraged. Create the following group and user using the
     following commands (as <systemitem class="username">root</systemitem>):</para>
 
-<screen role="root"><userinput>groupadd apache &&
-useradd -c "Apache Server" -d /dev/null -g apache -s /bin/false apache</userinput></screen>
+<screen role="root"><userinput>groupadd -g 25 apache &&
+useradd -c "Apache Server" -d /dev/null -g apache \
+        -s /bin/false -u 25 apache</userinput></screen>
 
     <para>The following patch will define the layout of destination
     directories and, among them, the build directory at

Modified: trunk/BOOK/server/major/bind.xml
===================================================================
--- trunk/BOOK/server/major/bind.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/major/bind.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -206,8 +206,8 @@
       <para>Create the unprivileged user and group <systemitem
       class="username">named</systemitem>:</para>
 
-<screen role="root"><userinput>groupadd named &&
-useradd -m -c "BIND Owner" -g named -s /bin/false named</userinput></screen>
+<screen role="root"><userinput>groupadd -g 20 named &&
+useradd -m -c "BIND Owner" -g named -s /bin/false -u 20 named</userinput></screen>
 
       <para>Set up some files, directories and devices needed by
       <application>BIND</application>:</para>

Modified: trunk/BOOK/server/major/proftpd.xml
===================================================================
--- trunk/BOOK/server/major/proftpd.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/major/proftpd.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -69,9 +69,9 @@
     <application>ProFTPD</application> using an unprivileged user and group.
     As the <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>groupadd proftpd &&
+<screen role="root"><userinput>groupadd -g 46 proftpd &&
 useradd -c proftpd -d /home/ftp -g proftpd \
-        -s /usr/lib/proftpd/proftpdshell proftpd &&
+        -s /usr/lib/proftpd/proftpdshell -u 46 proftpd &&
 install -v -d -m775 -o proftpd -g proftpd /usr/lib/proftpd &&
 ln -v -s /bin/false /usr/lib/proftpd/proftpdshell &&
 echo /usr/lib/proftpd/proftpdshell >> /etc/shells</userinput></screen>

Modified: trunk/BOOK/server/major/vsftpd.xml
===================================================================
--- trunk/BOOK/server/major/vsftpd.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/major/vsftpd.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -73,10 +73,11 @@
 
 <screen role="root"><userinput>install -v -d -m 0755 /var/ftp/empty &&
 install -v -d -m 0755 /home/ftp &&
-groupadd vsftpd &&
-useradd -d /dev/null -c "vsFTPD User" -g vsftpd -s /bin/false vsftpd &&
-groupadd ftp &&
-useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false ftp</userinput></screen>
+groupadd -g 47 vsftpd &&
+useradd -d /dev/null -c "vsFTPD User" -g vsftpd -s /bin/false \
+        -u 47 vsftpd &&
+groupadd -g 45 ftp &&
+useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp</userinput></screen>
 
     <para>Install <application>vsFTPD</application> by running
     the following commands:</para>

Modified: trunk/BOOK/server/other/cvsserver.xml
===================================================================
--- trunk/BOOK/server/other/cvsserver.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/other/cvsserver.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -107,7 +107,7 @@
     :pserver: method by logging on as <systemitem class="username">root</systemitem>
     and executing the following commands:</para>
 
-<screen role="root"><userinput>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) &&
+<screen role="root"><userinput>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false -u 98) &&
 echo anonymous: > /srv/cvsroot/CVSROOT/passwd &&
 echo anonymous > /srv/cvsroot/CVSROOT/readers</userinput></screen>
 
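Review bot: The existence test in front of the new `-u 98` is an unanchored `grep anonymous /etc/passwd`, which matches any line containing that word, including the `ftp` account that the vsftpd.xml hunk in this revision creates with the comment `anonymous_user`. On such a system the test succeeds, `useradd` is skipped, and the two `echo` lines then name an account that does not exist. Anchoring the match to the login field avoids this: `(grep -q '^anonymous:' /etc/passwd || useradd anonymous -s /bin/false -u 98) &&`. The command explanation in the second hunk of this file repeats the command and needs the same change.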
@@ -194,7 +194,7 @@
     or not.</para>
 
     <para><command>(grep anonymous /etc/passwd || useradd anonymous -s
-    /bin/false)</command>: Check for an existing <systemitem
+    /bin/false -u 98)</command>: Check for an existing <systemitem
     class="username">anonymous</systemitem> user and create one if not
     found.</para>
 

Modified: trunk/BOOK/server/other/leafnode.xml
===================================================================
--- trunk/BOOK/server/other/leafnode.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/other/leafnode.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -70,8 +70,9 @@
     <para>Create the group and user <systemitem class="username">news</systemitem>,
     if not present:</para>
 
-<screen role="root"><userinput>groupadd news &&
-useradd -c "Leafnode News Server" -d /var/spool/news -g news news</userinput></screen>
+<screen role="root"><userinput>groupadd -g 36 news &&
+useradd -c "Leafnode News Server" -d /var/spool/news -g news \
+        -u 36 news</userinput></screen>
 
     <para>Install <application>Leafnode</application> by running the following
     commands:</para>
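Review bot: The new `useradd` for `news` still has no `-s` option, so the account is created with the system default login shell, unlike the other daemon accounts in this revision that pass `-s /bin/false`. Unless Leafnode's maintenance jobs are run through `su` to this user (not visible in the hunk), the continuation line should read `-s /bin/false -u 36 news`. The prose also says "if not present", but `groupadd -g 36 news &&` fails when the group already exists and stops the chain, so the wording and the command disagree.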

Modified: trunk/BOOK/server/other/svnserver.xml
===================================================================
--- trunk/BOOK/server/other/svnserver.xml	2005-06-05 18:59:38 UTC (rev 4549)
+++ trunk/BOOK/server/other/svnserver.xml	2005-06-05 21:06:40 UTC (rev 4550)
@@ -48,8 +48,8 @@
       configuration. Create the <systemitem class="username">svn</systemitem>
       user and group with the following commands:</para>
 
-<screen role="root"><userinput>groupadd svn &&
-useradd -c "SVN Owner" -d /home/svn -m -g svn -s /bin/false svn</userinput></screen>
+<screen role="root"><userinput>groupadd -g 56 svn &&
+useradd -c "SVN Owner" -d /home/svn -m -g svn -s /bin/false -u 56 svn</userinput></screen>
 
       <para>If you plan to have multiple repositories, you should have a
       group dedicated to each repository for ease of administration. Create
@@ -57,7 +57,7 @@
       repository and add the <systemitem class="username">svn</systemitem>
       user to that group with the following commands:</para>
 
-<screen role="root"><userinput>groupadd svntest &&
+<screen role="root"><userinput>groupadd -g 57 svntest &&
 usermod -G svntest svn</userinput></screen>
 
       <para>Additionally you should set <command>umask 002</command> while



