Linux administrator Manual (6)-Logon and logout

Source: Internet
Author: User
A description of what happens when a user logs in and logs out, with details of how the background processes interact and of the log files, configuration files, and so on that are involved.
  
Logging in via a terminal
  
First, init makes sure there is a getty program for the terminal connection (or console). getty listens on the terminal and waits for the user to indicate that they want to log in (which usually means the user must type something). When it notices a user, getty outputs a welcome message (from /etc/issue), prompts for the user name, and finally runs the login program, passing it the user name as a parameter. login prompts the user for the password. If the password is correct, login starts the shell configured for that user; otherwise it exits and terminates the process (perhaps after giving the user another chance to enter the user name and password). init notices that the process has terminated and starts a new getty for the terminal.
  
Note that the only new process is created by init (via the fork system call); getty and login merely replace the program running in that process (via the exec system call).
  
A separate program is needed for serial lines because terminal activity can be (traditionally) complicated. getty also adapts to the connection speed and other settings, which is especially important for dial-up connections, where these parameters can differ from call to call.
  
Several versions of getty and init are in use, each with its own advantages and disadvantages. It is a good idea to learn about the version on your system and about the others (you can use the Linux Software Map to find them). If you do not have dial-ins, you probably do not need to worry about getty, but init is still important.
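The fork/exec relationship described above can be observed directly. The following Python script is an added example, not code from this article or from the Linux System Administrator's Guide: the parent plays init, forks once per "terminal", and the child replaces itself with a constructed stand-in for getty (a shell that prints its own PID via $$ and exits). The PID printed by the exec'd program is the same as the PID fork returned, showing that exec creates no new process; the respawn loop then shows init starting a fresh process each time the old one terminates. It assumes /bin/sh exists; GETTY_ARGV, spawn_and_exec and supervise are names chosen for this example.

```python
import os

# Constructed stand-in for getty: a shell that reports its own PID ($$)
# and exits with status 3, so the parent can observe both values.
GETTY_ARGV = ["/bin/sh", "-c", "echo $$; exit 3"]


def spawn_and_exec(argv):
    """Play init's role for one terminal: fork() creates the only new
    process, then the child exec()s argv, replacing its program image
    in place.

    Returns (forked_pid, pid_printed_by_execd_program, exit_status).
    If fork and exec behave as described, the first two are equal."""
    read_end, write_end = os.pipe()
    pid = os.fork()
    if pid == 0:                        # child: about to become "getty"
        os.close(read_end)
        os.dup2(write_end, 1)           # child's stdout goes into the pipe
        os.close(write_end)
        try:
            os.execv(argv[0], argv)     # same PID, new program
        finally:
            os._exit(127)               # only reached if exec failed
    os.close(write_end)                 # parent: must close its copy or
    with os.fdopen(read_end) as pipe:   # read() would never see EOF
        reported = int(pipe.read().strip())
    _, status = os.waitpid(pid, 0)      # init notices the termination
    return pid, reported, os.WEXITSTATUS(status)


def supervise(argv, respawns):
    """init's respawn loop: each time the process on a line terminates,
    start a fresh one. Returns one (pid, reported_pid, status) per run."""
    runs = []
    for _ in range(respawns):
        runs.append(spawn_and_exec(argv))
    return runs


if __name__ == "__main__":
    for pid, reported, status in supervise(GETTY_ARGV, 3):
        print(f"forked {pid}, exec'd program saw {reported}, exited {status}")
```

Each line of output shows a new PID (a new fork by "init") while the two PIDs on the same line match (exec did not create a process).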
  
Logging in via the network
  
Two computers on a network are usually connected by a single physical cable. When they communicate over the network, the programs taking part in the communication on each computer talk through virtual connections, a kind of imaginary cable. As far as the programs at either end of a virtual connection are concerned, they have their (virtual) cable to themselves. However, because the cable is imaginary, the operating systems of both computers can have several virtual connections sharing the same physical cable. In this way, using just one cable, several programs can communicate without knowing of or caring about the other communication. It is even possible to have several computers on the same cable; a virtual connection runs between two computers at a time, and the other computers ignore the connections they take no part in.
  
That is a complicated and abstract description of reality, but it should be enough to understand the important reason why network logins differ from ordinary logins. A virtual connection is established whenever two programs on different computers wish to communicate. Since in principle it is possible to log in from any computer on the network to any other, there is a huge number of potential virtual connections. It is therefore not practical to start a getty for every potential login.
  
Instead, a single process, inetd (the network counterpart of getty), handles all network logins. When it notices an incoming network login (that is, a new virtual connection from another computer), it starts a new process to handle that login, while the original process keeps listening for further logins.
  
To make things slightly more complicated, there are several communication protocols for network logins; the two most important are telnet and rlogin. Besides logins, many other kinds of virtual connection may be made (for FTP, Gopher, HTTP, and other network services). It would be wasteful to have a separate process listening for each type of connection, so a single listener recognizes the type of connection and starts the correct program to provide the service. That listener is inetd. For more information, see the Linux Network Management Guide.
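The listener model just described, one process owning every service socket and starting a separate handler per incoming connection, is shown below as an added Python example; it is not code from this article or from inetd itself. Each constructed service is identified by the listening socket it arrives on (inetd reads this mapping from inetd.conf), and a thread stands in for the child process that inetd would fork. MiniInetd, banner_handler, ask and demo are names chosen for this example; the "telnet" and "ftp" services are constructed stand-ins that only send a banner.

```python
import select
import socket
import threading


def banner_handler(name):
    """Per-connection handler standing in for the service program inetd
    would start (telnetd, ftpd, ...): send a one-line banner and close."""
    def handle(conn):
        with conn:
            conn.sendall(f"{name} service ready\r\n".encode())
    return handle


class MiniInetd:
    """One listener for every service: owns all listening sockets, waits
    on all of them at once, and when a connection arrives starts a handler
    for that single connection while it goes back to listening."""

    def __init__(self, service_names):
        self.listeners = {}  # listening socket -> (service name, handler)
        for name in service_names:
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            sock.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
            sock.listen(5)
            self.listeners[sock] = (name, banner_handler(name))
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def port_of(self, name):
        """The port a service was given (the inetd.conf equivalent)."""
        for sock, (svc, _handler) in self.listeners.items():
            if svc == name:
                return sock.getsockname()[1]
        raise KeyError(name)

    def _serve(self):
        socks = list(self.listeners)
        while not self._stop.is_set():
            ready, _, _ = select.select(socks, [], [], 0.1)
            for sock in ready:
                conn, _peer = sock.accept()
                name, handler = self.listeners[sock]  # type is known from the socket
                # inetd forks here; a thread stands in for the child process
                threading.Thread(target=handler, args=(conn,), daemon=True).start()

    def start(self):
        self._thread.start()

    def stop(self):
        self._stop.set()
        self._thread.join()
        for sock in self.listeners:
            sock.close()


def ask(port):
    """Client side: open one virtual connection and read the banner."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as conn:
        return conn.recv(1024).decode().strip()


def demo(service_names=("telnet", "ftp")):
    """Start the listener, contact each service once, stop it, and return
    {service: banner} so the dispatch can be checked."""
    inetd = MiniInetd(service_names)
    inetd.start()
    try:
        return {name: ask(inetd.port_of(name)) for name in service_names}
    finally:
        inetd.stop()


if __name__ == "__main__":
    for service, banner in demo().items():
        print(f"{service}: {banner}")
```

Because the listener never reads from the connection itself, every incoming connection costs the listener only an accept and a dispatch; all protocol work happens in the handler, which is exactly the division of labour that lets one inetd replace a getty per potential login.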

What does login do?
  
The login program authenticates the user (checking that the user name and password match), sets up the permissions on the serial line, starts the shell, and establishes the user's initial environment.
  
Part of the initial setup is printing the contents of /etc/motd (the message of the day) and checking for electronic mail. Both can be disabled by creating a file called .hushlogin in the user's home directory.
  
If the file /etc/nologin exists, logins are disabled. It is usually created by shutdown and related programs. login checks for this file and, if it exists, refuses the login, printing the file's contents to the terminal before exiting.
  
login records all failed login attempts in the system log file (via syslog). It also records all root logins. Both are useful for tracking down intruders.
  
The currently logged-in users are listed in /var/run/utmp. This file is valid only until the system is next started or shut down; it is cleared at boot. It lists each user and the terminal (or network connection) they are using, along with some other useful information. who, w, and similar commands look in utmp to see who is logged in.
  
All successful logins are recorded in /var/log/wtmp. This file grows without limit, so it must be cleaned up regularly, for example with a weekly cron job that truncates it. The last command browses the wtmp file.
  
Both utmp and wtmp are in binary format (see the utmp man page), so unfortunately they cannot be inspected without special programs.
  
X and xdm
  
META: X implements logins via xdm; also: xterm -ls
  
Access Control
  
The user database is traditionally kept in the file /etc/passwd. Some systems use shadow passwords and move the passwords to /etc/shadow. Sites with many computers that share accounts use NIS or some other method to store the user database; they may also automatically copy the database from one central location to all other computers.
  
The user database contains not only the passwords but also other information about users, such as their real names, home directories, and login shells. This other information needs to be public so that anyone can read it, so the passwords are stored encrypted. The disadvantage is that anyone with access to the encrypted passwords can use various cryptographic methods to guess them, without ever attempting to log in to the computer. Shadow passwords try to avoid this by moving the (still encrypted) passwords to another file that only root can read. However, installing shadow passwords later on a system that did not originally support them can be difficult.
  
Regardless of how passwords are stored, it is important to make sure that all passwords on the system are good, that is, hard to guess. The crack program can be used to crack passwords; any password it can find is by definition not a good password. crack can be run by intruders, but it can also be run by the system administrator to find bad passwords. Good passwords can also be enforced by the passwd program; this is actually more efficient in CPU cycles, since cracking passwords requires a lot of computation.
  
The user group database is kept in the file /etc/group; on systems with shadow passwords there may also be an /etc/gshadow.
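The points made above about /etc/passwd and /etc/shadow translate into a few checks an administrator can run over the two files. The following Python script is an added example, not code from this article: it parses constructed passwd and shadow contents (the hash strings are placeholders, not real crypt output) and reports accounts whose encrypted password still sits in the world-readable passwd file, accounts with an empty password field, passwd entries that point to shadow but have no shadow record, and extra UID 0 accounts. parse_passwd, parse_shadow and audit are names chosen for this example.

```python
# Constructed /etc/passwd and /etc/shadow contents (not from a real system);
# the "$6$PLACEHOLDER$..." strings stand in for real crypt hashes.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:$6$PLACEHOLDER$hashleftinpasswd:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:1002:Carol:/home/carol:/bin/bash
toor:x:0:0:second uid 0:/root:/bin/sh
guest::1003:1003:Guest:/home/guest:/bin/sh
"""

SHADOW = """\
root:$6$PLACEHOLDER$roothash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
alice:$6$PLACEHOLDER$alicehash:19000:0:99999:7:::
toor:$6$PLACEHOLDER$toorhash:19000:0:99999:7:::
"""

# Password-field values that are not hashes: "x" means "look in shadow",
# the others mark a locked account.
SHADOW_MARKER = "x"
LOCKED_MARKERS = {"*", "!", "!!"}


def parse_passwd(text):
    """name -> fields of /etc/passwd (7 colon-separated fields per line)."""
    users = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, pw, uid, gid, gecos, home, shell = line.split(":", 6)
        users[name] = {"pw": pw, "uid": int(uid), "gid": int(gid),
                       "gecos": gecos, "home": home, "shell": shell}
    return users


def parse_shadow(text):
    """name -> encrypted password field of /etc/shadow (field 2 of 9)."""
    hashes = {}
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        hashes[fields[0]] = fields[1]
    return hashes


def audit(users, shadow):
    """Return sorted (user, issue) pairs for the situations described in
    the text: hashes readable by everyone, empty passwords, passwd/shadow
    mismatches, and extra UID 0 accounts."""
    findings = []
    for name, u in users.items():
        pw = u["pw"]
        if u["uid"] == 0 and name != "root":
            findings.append((name, "uid-0-not-root"))
        if pw == "":
            findings.append((name, "empty-password"))
        elif pw == SHADOW_MARKER:
            if name not in shadow:
                findings.append((name, "no-shadow-entry"))
            elif shadow[name] == "":
                findings.append((name, "empty-password"))
        elif pw not in LOCKED_MARKERS:
            findings.append((name, "hash-in-passwd"))
    return sorted(findings)


if __name__ == "__main__":
    for user, issue in audit(parse_passwd(PASSWD), parse_shadow(SHADOW)):
        print(f"{user}: {issue}")
```

To run it against a live system, replace the constructed strings with the contents of /etc/passwd and /etc/shadow (the latter needs root to read, which is the whole point of shadow passwords).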
  
Root is usually not allowed to log in via most terminals or over the network, but only via the terminals listed in the file /etc/securetty. This makes it necessary to have physical access to one of those terminals. Of course, anyone can still log in as an ordinary user via any terminal and then use the su command to become root.
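The utmp and wtmp files described earlier are binary, and the securetty rule just stated is something an administrator may want to verify against the login history. The following Python script is an added example, not code from this article or from the who/last programs: it decodes utmp-format records with the struct module, produces a who-style listing of current logins, and flags root logins on lines that are not in a constructed /etc/securetty list (for instance a network pseudo-terminal). The record layout assumed is glibc's struct utmp on x86_64 Linux (384 bytes, little-endian, 32-bit time fields); the sample records, the securetty list and the host 192.0.2.10 are constructed, and pack_record, parse_records, who and root_logins_off_securetty are names chosen for this example.

```python
import struct

# glibc's struct utmp on x86_64 Linux (see utmp(5)): 384 bytes, little-endian,
# 32-bit time fields. Other architectures or libcs may differ; compare
# UTMP_SIZE with the record size on your system before trusting the parse.
UTMP_FMT = "<h2xi32s4s32s256s2hi2i4i20x"
UTMP_SIZE = struct.calcsize(UTMP_FMT)

# ut_type values from <utmp.h>
EMPTY, RUN_LVL, BOOT_TIME, NEW_TIME, OLD_TIME = 0, 1, 2, 3, 4
INIT_PROCESS, LOGIN_PROCESS, USER_PROCESS, DEAD_PROCESS = 5, 6, 7, 8


def pack_record(ut_type, pid, line, ident, user, host, tv_sec):
    """Build one utmp record; used here only to construct sample data."""
    return struct.pack(UTMP_FMT, ut_type, pid, line.encode(), ident.encode(),
                       user.encode(), host.encode(),
                       0, 0,           # ut_exit: termination and exit status
                       0,              # ut_session
                       tv_sec, 0,      # ut_tv: seconds, microseconds
                       0, 0, 0, 0)     # ut_addr_v6


def _cstr(raw):
    """NUL-terminated fixed-width field -> str."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def parse_records(data):
    """Decode a utmp/wtmp byte string into a list of dicts."""
    records = []
    for off in range(0, len(data) - UTMP_SIZE + 1, UTMP_SIZE):
        fields = struct.unpack_from(UTMP_FMT, data, off)
        ut_type, pid, line, ident, user, host = fields[:6]
        records.append({"type": ut_type, "pid": pid, "line": _cstr(line),
                        "id": _cstr(ident), "user": _cstr(user),
                        "host": _cstr(host), "time": fields[9]})
    return records


def read_utmp(path="/var/run/utmp"):
    """Read a real utmp or wtmp file (wtmp: /var/log/wtmp)."""
    with open(path, "rb") as f:
        return parse_records(f.read())


def who(records):
    """What who(1) reports: USER_PROCESS entries are the live logins."""
    return [(r["user"], r["line"], r["host"])
            for r in records if r["type"] == USER_PROCESS]


def root_logins_off_securetty(records, securetty_lines):
    """Root logins on lines not listed in /etc/securetty. Run over wtmp
    records to audit the login history rather than just current logins."""
    allowed = set(securetty_lines)
    return [(r["line"], r["host"]) for r in records
            if r["type"] == USER_PROCESS and r["user"] == "root"
            and r["line"] not in allowed]


# Constructed sample data (not captured from a real system)
SECURETTY = ["console", "tty1", "tty2"]
SAMPLE_UTMP = b"".join([
    pack_record(LOGIN_PROCESS, 401, "tty3", "3", "LOGIN", "", 1700000000),
    pack_record(USER_PROCESS, 402, "tty1", "1", "alice", "", 1700000100),
    pack_record(USER_PROCESS, 403, "tty2", "2", "root", "", 1700000200),
    pack_record(USER_PROCESS, 404, "pts/0", "ts/0", "root", "192.0.2.10", 1700000300),
    pack_record(DEAD_PROCESS, 405, "tty4", "4", "bob", "", 1700000400),
])


if __name__ == "__main__":
    recs = parse_records(SAMPLE_UTMP)
    print("logged in:", who(recs))
    print("root off securetty:", root_logins_off_securetty(recs, SECURETTY))
```

The LOGIN_PROCESS record is the getty waiting on tty3 and the DEAD_PROCESS record is a finished session, which is why neither appears in the who-style listing; only the root login over pts/0 from a remote host is reported by the securetty check.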
  
Shell startup
  
When an interactive login shell starts, it automatically executes one or more predefined files. Different shells execute different files; see the documentation of each shell for details.
  
Most shells first run some global file; for example, the Bourne shell (/bin/sh) and its derivatives execute /etc/profile. In addition, they execute .profile in the user's home directory. /etc/profile lets the system administrator set up a common user environment, especially a PATH that includes local command directories in addition to the standard ones. .profile lets the user customize the environment to his own taste by overriding, if necessary, the defaults.
  