Beginning Ubuntu Linux - From Novice To Professional (2006)

Figure 30-1. Adding new users and groups is easy courtesy of the Users and Groups program.

Fill out the fields on the Account tab, and optionally the Advanced and User Privileges tabs, as follows:

Account: As during initial installation, you’re invited to enter a username for the user as well as the real name. The username is how the user is identified to the system, while the real name is how the user will be identified to other users. You can enter contact information under the relevant heading if you wish, but this isn’t strictly necessary. However, you do need to set an initial password for the user. To ensure accuracy, enter it twice. Alternatively, the system can generate a random password from letters and numbers, but this may be harder for the user to remember.

Advanced: Here, you can alter various additional settings for the user. The chief one is assigning a user profile. The default for additional users is Desktop. This is a restricted account, which means that the user won’t be able to administer the system or change settings. If you want the user to have these powers, click Administrator. Beneath this, you’ll see various technical settings that can remain unchanged. However, you might like to change the main group for the user. By default, he will belong to a unique group based on his username (indicated by $user). However, you could add the new user to your own group by selecting it from the list. Depending on your use of file permissions, this could grant the user access to your files.

■Caution Many groups are listed in the Main Group drop-down list. Nearly all of these relate to the way the Linux operating system operates and can be ignored. You should never, ever delete any of these, or add a user to them!

User Privileges: The settings on this tab offer much more control over what a user can and cannot do on the system. Here, you can prevent users from using certain hardware, such as scanners or modems. You can also control whether the user is able to administer the system. Simply put a check alongside any relevant boxes.

Deleting a user is simply a matter of highlighting the username in the list and clicking the Delete button. Note that the user’s /home/ directory won’t be deleted. You must do this manually with superuser powers, and it’s best accomplished from the command-line prompt (see Chapter 14 for an introduction to basic file-manipulation shell commands).

Creating and Deleting Groups via the GUI

Adding a group is simply a matter of clicking the Groups tab in the Users and Groups program window (System Administration Users and Groups). After clicking the Add button, you’ll be prompted to give the group a name. The group ID (GID) will be automatically filled in for you, but you could choose a different number if you have good reason to do so (remember to keep it above 1000 to keep in line with the way Ubuntu operates).

It isn’t essential that you add users to the group there and then but, once again, you’ll see a lot of user accounts in the list that belong to the system and are vital to the way Ubuntu operates. You shouldn’t add any of these to your new group, and you should never, ever delete any of these user accounts!

As with user accounts, deleting a group is simply a matter of highlighting it in the list and clicking the Delete button. You should ensure that the group no longer has any members before doing this because, perhaps surprisingly, Ubuntu won’t prevent you from deleting an active group (although it will warn you that this is a bad thing to do). Deleting an active group has the effect of preventing all users who belong to it from logging in.

Adding and Deleting Users and Groups at the Command Line

You can create new users at the command-line shell by using the useradd command. This command must be run with superuser powers, which is to say that it must be prefaced with the sudo command.

The command to add a user is normally used in the following way:

sudo useradd -m <username>

The -m command option tells the command to create a home directory for the user. Used on its own, useradd merely updates system files with the new user’s details and nothing else. There are several other useful command options, which can be discovered by a quick browse of the command’s man page.

Creating a new user this way will automatically add him to the users group. However, the Ubuntu way of working is to give each user his own group based on his username. Therefore, you will always need to create a new group for the user before you create the user account itself, using the groupadd command, as follows:

sudo groupadd <groupname>

Then you need to specify this group with the -g switch when creating a new user:

sudo useradd -m -g <username> <groupname>

For example, the following command creates a user called raymond and adds him to the group raymond:

sudo useradd -m -g raymond raymond

There’s another more annoying issue relating to groups when you’re creating a user account at the command line. Most users are members not only of their own group, but also of several system groups. These groups relate to various hardware and software functions. For example, membership of the audio group is required if the user wants to be able to use the sound card and hear audio. This is necessary because of the way Linux works. Therefore, you need to add new users to these groups if they’re to make full use of the system. These groups are described as supplementary groups.

Use the id command to display user and group information. On my test system, typing the following:

id keir

revealed the following groups:

uid=1000(keir) gid=1000(keir) groups=1000(keir),4(adm),20(dialout),24(cdrom),25(floppy),29(audio),30(dip),44 (video),36(plugdev),104(lpadmin),105(scanner),106(admin)

All those after my main group, 1000(keir), are supplementary groups. For a list of what they do, see Table 30-1.

Table 30-1. System Groups Within Ubuntu

Table 30-1. System Groups Within Ubuntu

As you might have guessed, to manually add a user under Ubuntu, you must not only create a group and then add the user to it, but you must also add that user to the required selection of supplementary groups. Some are mandatory, such as audio, while others are optional, depending on how much freedom you want to afford the new user.

You can add a user to supplementary groups by using the -G switch with adduser. Here’s how to add a new user called raymond to the system so that he is able to make full use of the system (having first created a group called raymond):

sudo useradd -m -g raymond -G adm,dialout,cdrom,floppy,audio,dip,video,plugdev, lpadmin,scanner,tape,fax,admin raymond

Additionally, creating a new user using useradd won’t automatically apply a password to the account. Ubuntu can’t work with passwordless accounts, so until one is applied, the new account will be locked. You can add a password using the passwd command, as discussed in the next section.

Deleting a user is mercifully simple compared to this! Use the userdel command, as follows:

sudo userdel <username>

This won’t remove raymond’s /home/ directory, however. That must be done manually. Similarly, to delete a group, use the groupdel command:

sudo groupdel <groupname>

Adding and Changing Passwords

On a default Ubuntu installation, ordinary users are able to change their passwords at the shell. The command for any user to change his password is simple:

passwd

The user will be asked to confirm his current password, and then to enter the new password twice, to confirm that it has been typed correctly.

Alternatively, by adopting superuser powers, a user can change the password of another account:

sudo passwd <username>

This is necessary just after you create a new user account because it isn’t given a password automatically. For obvious security reasons Ubuntu won’t allow blank passwords.

You can enter just about anything as a password, but you should bear in mind some common-sense rules. Ideally, passwords should be at least eight characters long and contain letters, numbers, and even punctuation symbols. You might also want to include both uppercase and lowercase letters.

A number of command options can be specified along with the passwd command when it used with superuser powers. For example, the -l option will lock the specified account so that it can’t be accessed (the -u option will unlock it).

■Tip You can temporarily switch into any user account by typing su <username>. When you’ve finished, simply type exit to return to your own account.

Summary

In this chapter, we looked at the principles behind user and group accounts under Ubuntu. We’ve examined how user and group accounts can be created, edited, and deleted using the GUI, as well as the command-line prompt. We also looked at how passwords can be manipulated by the individual users themselves and by a user with superuser powers.

In the next chapter, we’ll look at how the system can be optimized. You’ll also learn about several interesting and important system tools.

■Note Actually, the /etc/rc directories don’t contain the scripts. They merely contain symbolic links to scripts, which are contained in /etc/init.d.

The initialization scripts take care of the basics of the system, ensuring that vital hardware and software services are started. Initialization scripts are considered critical in order for the system to run correctly.

Numbered run-level scripts are more optional. They provide services the user may or may not need, depending on how the computer will be used. For example, a numbered run-level script might start the printing service. Another numbered run-level script might start the GUI components. Some users may not need either of these, so they could be removed.

Ubuntu has seven groups of numbered run-level scripts, ranging from 0 through 6. Each defines the mode in which the computer is running. For example, run level 1 is single-user mode. This means that only one user can log in, and networking is disabled (usually, many other nonessential services are not activated either).

■Note Run level 6 is reboot mode and exists simply to reboot the system, while run level 0 is halt mode and will shut down the system. You’ll probably never come into direct contact with these run levels. Instead the programs you use to shut down or restart the system, such as the System Log Out option within GNOME, use these run levels.

On Ubuntu, run levels 2 through 5 are defined as multiuser. Technically speaking, this means that they allow more than one user to log on, but actually, they’re the day-to-day running modes of the computer. Run level 2 is the default run level under Ubuntu and, just as the system initialization scripts are contained in /etc/rcS.d, run level 2 scripts are contained in /etc/rc2.d, as shown in Figure 31-1.

■Note In fact, Ubuntu’s run levels 2 through 5 are identical. Run levels 3 through 5 might be described as spares, existing merely for further expansion possibilities. For what it’s worth, it’s theoretically possible to utilize run levels 7, 8, and 9, but few people do so because 2 through 5 offer more than most users need.

You might think that once the run-level scripts have completed, the system is ready to be used. But that’s not the case. Although you’ll be able to log on when the run-level scripts have finished, the GNOME desktop has yet to start, and this, too, has its own set of initialization processes. It needs to start its own set of programs, such as notification area applets, which provide handy functions like on-screen volume control.

Figure 31-1. The scripts for each run level are contained in the /etc/rcX.d directories, where X is the run-level number.

Once all that has finished, you can use the computer!

Because so much must take place for your system to come to life, booting Ubuntu can take some time. On my test system, it averaged between one and two minutes. Certainly, you can shave some time from this.

Reducing the Boot Menu Delay

Getting rid of the GRUB boot menu delay can save some waiting around in the early stages of the boot process. The delay can be reduced to a second, or even eradicated completely. Of course, in such a case, you won’t be able to choose which operating system you want to load if you’re dual-booting with Windows. Even if Ubuntu is the only operating system on your computer, without the boot delay, you won’t have the chance to boot into recovery mode, as offered on the GRUB menu. So you need to consider whether this is a worthwhile time-saving measure.

The boot menu delay is stated in the /boot/grub/menu.lst file. You can load this into the Gedit text editor by typing the following:

sudo gedit /boot/grub/menu.lst

Look for the line that begins with timeout, as shown in Figure 31-2, and change the value to whatever you wish. The units are counted in seconds, so a value of 3 equates to three seconds. A value of zero (0) will mean the boot menu won’t appear at all. Generally speaking, a delay of a second (1) gives you just enough time to hit a key at the appropriate time, and this will then cancel the countdown, meaning the boot menu will stay on your screen until you select an option.

When you’ve finished, save the file and quit Gedit.

Figure 31-2. You can stop the GRUB menu hanging around for so long by changing the timeout value in its configuration file.

Optimizing Initialization and Run-Level Services

Perhaps it goes without saying that the majority of bootup time is spent starting the run-level scripts. This is when the entire system comes to life—hardware and essential software services are activated. But this isn’t to say that all run-level scripts are essential.

■Note A service is a piece of background software that provides something that you, the user, need on a day-to-day basis. Some services manage hardware, such as the graphical interface, printing services, and networking. Some services provide software services, such as logging files or checking the system clock against a time server.

The one-size-fits-all approach of Ubuntu means that some services that are started up aren’t always necessary. A good example is the Bluetooth service. This is started up on every single Ubuntu system, yet only a fraction of users will ever use it. Therefore, if you don’t use Bluetooth hardware (and are certain you never will), you can safely disable it and retrieve the chunk of memory it uses, as well as the amount of time it takes to start during bootup.

Approximately 60 run-level scripts start on a typical boot. By selective pruning, you can easily remove around a quarter or even a third of these, but caution is advised. You’re altering a fundamental aspect of your system configuration, and one simple mistake can make the difference between a system that works and one that is no longer able to boot.

Disabling Run-Level Scripts

You can use the Services Settings program (System Administration Services) to control which run-level scripts start at bootup, but, sadly, it doesn’t allow the enabling/disabling of initialization (run level S) scripts. It allows you to edit only certain numbered run-level scripts. Therefore, you need to download a command-line program called SysV Runlevel Config that can do the job. It offers a pseudo-graphical interface by which services can be activated and deactivated on all run levels, including S.

To obtain the SysV Runlevel Config program, use the Synaptic Package Manager. (If you haven’t already set up the Synaptic Package Manager to use online repositories, see Chapter 8.) Select System Administration Synaptic Package Manager, click Search, and search for sysv-rc-conf. Mark it for installation, and then click Apply.

Open a GNOME Terminal window (Applications Accessories Terminal), and then maximize it to the full size of the screen. Then type the following to start the SysV Runlevel Config program:

sudo sysv-rc-conf –s 2S

This command runs SysV Runlevel Config showing only run levels 2 and S, to remove potential confusion between run levels.

The program’s interface, shown in Figure 31-3, is simple. On the left, you see a list of the various scripts that are contained in the /etc/init.d directory and are therefore available for use during bootup (both initialization scripts and numbered run-level scripts). Not all of them are used. Those that aren’t used are there in case they will be needed in future, or are provided for legacy reasons so that some software will work correctly. Along the top of the program window are the run levels you’re going to edit: 2 and S.

If the check box next to a service has an X in it, that script is run on that particular run level. You can change this by navigating to the check box with the cursor keys and pressing the spacebar. You can scroll through the list of services by moving the cursor down to the bottom of the screen, or by pressing Ctrl+N to scroll down a page. Ctrl+P will move you up a page.