Manualshelf

Installation guide

ManualsBrandsPythonQ ManualsIndustrial248-8XX
919293949596979899100
94 Chapter 5. Users and Groups
chown -R root.emacs /usr/lib/emacs/site-lisp
Now, it is possible to add the proper users to the group with gpasswd:
/usr/bin/gpasswd -a username emacs
Allow the users to actually create files in the directory with the following command:
chmod 775 /usr/lib/emacs/site-lisp
When a user creates a new file, it is assigned the group of the user’s default private group. To prevent
this, perform the following command, which causes everything in the directory to be created with the
emacs group:
chmod 2775 /usr/lib/emacs/site-lisp
If the new file needs to be mode 664 for another user in the emacs group to be able to edit it, make the
default umask 002.
At this point, by making the default umask 002, you can easily set up groups that users can take
advantage of without any extra work every time users write files to the group’s common directory.
Just create the group, add the users, and do the above chown and chmod on the group’s directories.
5.5. Shadow Utilities
If you are in a multiuser environment and not using a networked authentication scheme such as Ker-
beros, you should consider using Shadow Utilities (also known as shadow passwords) for the en-
hanced protection offered for your system’s authentication files. During the installation of Red Hat
Linux, shadow password protection for your system is enabled by default, as are MD5 passwords (an
alternative and arguably more secure method of encrypting passwords for storage on your system).
Shadow passwords offer a few distinct advantages over the previous standard of storing passwords on
UNIX and Linux systems, including:
Improved system security by moving the encrypted passwords (normally found in /etc/passwd)
to /etc/shadow which is readable only by root
Information concerning password aging (how long it has been since a password was last changed)
Control over how long a password can remain unchanged before the user is required to change it
The ability to use the /etc/login.defs file to enforce a security policy, especially concerning
password aging
The shadow-utils package contains a number of utilities that support:
Conversion from normal to shadow passwords and back (pwconv, pwunconv)
Verification of the password, group, and associated shadow files (pwck, grpck)
Industry-standard methods of adding, deleting and modifying user accounts (useradd, usermod,
and userdel)
Industry-standard methods of adding, deleting, and modifying user groups (groupadd, groupmod,
and groupdel)
Industry-standard method of administering the /etc/group file using gpasswd
There are some additional points of interest concerning these utilities: