Historia de Solaris

Universidad del CaucaRed de Datos

Historia de Solaris

• SunOS 1.0 basado en BSD en 1982• SunOS 2.0 sistema de archivos virtual,

RPC, NIS y NFS• SunOS 4.0 sistema de memoria virtual

mejorado• SunOS 4.1.3 asymetric multiprocessor• Solaris 2.0 VFS 1992• Solaris 2.3 i386• Solaris 7 64-bit


Tareas de básicas de administración

• Manejo de usuarios• Manejo de la seguridad del sistema• Uso de los recursos• Configuración de los dispositivos• Instalación del Sistema operativo -

parches• Instalación de software adicional• Copias de seguridad


What Are User Accounts and Groups?

ComponentDescription

User name A name that a user uses to log in to a system (also known as a login name).

Password A secret combination of characters that a user must enter with a user name to gain access to a system.

User's home directory A directory that is usually the user's current directory at login. It typically contains most of the user's files.

User initialization files Shell scripts that control how the user's working environment is set up when a user logs in to a system.


/etc/passwd• The fields in the passwd file are

separated by colons and contain the following information:

username:password:uid:gid:comment:home-directory:login-shell


Default passwd File Entries User Name User ID Descriptionroot 0

Superuser account

daemon 1 Umbrella system daemon associated with updating calendars, and so forth

bin 2 Administrative daemon associated with running system binaries to perform some routine system task

sys 3 Administrative daemon associated with system logging or updating files in temporary directories

adm 4 Administrative daemon associated with system logging

lpd 71 Line printer daemon

uucp 5 uucp daemon

nuucp 6 uucp daemon

listen 37 Network listener daemon

nobody 60001 Anonymous user account, assigned by an NFS server when a request is received from an unauthorized root user. The nobody user account is assigned to software processes that do not need nor should have any special permissions.

noaccess 60002 Account assigned to a user or a process that needs access to a system through some application but without actually logging in.

nobody4 65534 SunOS 4.0 or 4.1 version of nobody user account.


Default passwd File

root:x:0:1:Super-User:/:/sbin/sh daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: lp:x:71:8:Line Printer Admin:/usr/spool/lp:uucp:x:5:5:uucp Admin:/usr/lib/uucp:nuucp:x:9:9:uucp

Admin:/var/spool/uucppublic:/usr/lib/uucp/uucicolisten:x:37:4:Network Admin:/usr/net/nls:nobody:x:60001:60001:Nobody:/:noaccess:x:60002:60002:No Access User:/: nobody4:x:65534:65534:SunOS 4.x Nobody:/:


/etc/shadow• The fields in the shadow file are


username:password:lastchg:min:max:warn:inactive:expire


Fields in the shadow File Field Name Descriptionusername Contains the user or login name.password Might contain the following entries: a 13-character encrypted

user password; the string *LK*, which indicates an inaccessible account; or the string NP, which indicates no password for the account.

lastchg Indicates the number of days between January 1, 1970, and the last password modification date.

min Contains the minimum number of days required between password changes.

max Contains the maximum number of days the password is valid before the user is prompted to specify a new password.

inactive Contains the number of days a user account can be inactive before being locked.

expire Contains the absolute date when the user account expires. Past this date, the user cannot log in to the system.


/etc/group• The fields in the group file are


group-name:group-password:gid:user-list


Reserved UID Numbers

User ID Numbers Login Accounts Reserved For ...0 - 99 root, daemon, bin,

sys, etc.System accounts

100 - 2147483647 Regular users General purpose accounts

60001 nobody Unauthenticated users

60002 noaccess Compatibility with Solaris 2.0 and compatible versions and SVR4 releases


Working with user accounts

• Add– useradd

• Modify– usermod

• Del– userdel


Working with group accounts

• Add– groupadd

• Modify– groupmod

• Del– groupdel


Using Large User IDs and Group IDs

• Previous Solaris software releases used 32-bit data types to contain the user IDs (UIDs) and group IDs (GIDs), but UIDs and GIDs were constrained to a maximum useful value of 60000.

• Starting with the Solaris 2.5.1 release and compatible versions, the limit on UID and GID values has been raised to the maximum value of a signed integer, or 2147483647.

• UIDs and GIDs over 60000 do not have full functionality and are incompatible with many Solaris features, so avoid using UIDs or GIDs over 60000.


Passwords • combination of six to eight letters, numbers, or special characters

• Good choices for passwords include: – Phrases (beammeup)– Nonsense words made up of the first letters of every word in a phrase

(swotrb for SomeWhere Over The RainBow)– Words with numbers or symbols substituted for letters (sn00py for

snoopy)• Do not use these choices for passwords:

– Your name, forwards, backwards, or jumbled– Names of family members or pets– Car license numbers – Telephone numbers– Social Security numbers– Employee numbers– Names related to a hobby or interest– Seasonal themes, such as Santa in December– Any word in the dictionary


Home Directories• /export/home/username

– AutoFS

• /home/username


Practice


User's Work Environment

• Each login shell has its own user initialization file (or files)

• When a user logs in to a system, the user's work environment is determined by initialization files that are defined by the user's startup shell, such as the C, Korn, or Bourne shell


User's Work Environment

ShellUser Initialization

File PurposeBourne $HOME/.profile Defines user's environment at login

C $HOME/.cshrc Defines user's environment for all C

shells; invoked after login shell

$HOME/.login Defines user's environment at login

Korn $HOME/.profile Defines user's environment at login

$HOME/$ENV Defines user's environment at login in the file; specified by the Korn shell's ENV environment variable


Default User Initialization Files

Shell Default FileC

/etc/skel/local.login

/etc/skel/local.cshrc

Bourne or Korn /etc/skel/local.profile


User Initialization FilesShell Files Created

C The /etc/skel/local.cshrc and the /etc/skel/local.login files are copied into the user's home directory and are renamed .cshrc and .login.

Bourne and Korn The /etc/skel/local.profile file is copied into the user's home directory and renamed .profile.

When the accounts are created with Admintool:


General user’s environment files

$HOME/.cshrc initial commands for each csh

$HOME/.hushlogin suppresses login messages

$HOME/.login user's login commands for csh

$HOME/.profile user's login commands for sh and ksh

$HOME/.rhosts private list of trusted hostname/username combinations

/etc/motd message-of-the-day

/etc/nologin message displayed to users attempting to login during machine shutdown

/etc/passwd password file

/etc/profile system-wide sh and ksh login commands

/etc/shadow list of users' encrypted passwords


/var/adm/lastlog time of last login

/var/adm/utmp accounting

/var/adm/wtmp accounting

/var/mail/your-name mailbox for user your-name

General files

Historia de Solaris

Documents

Transcript of Historia de Solaris