System Accounts System accounts are those needed for (Web host music)
System Accounts System accounts are those needed for the operation of system-specific components. They include, for example, the mail account (for electronic mail functions) and the sshd account (for ssh functionality). System accounts are generally provided by the operating system during installation or by a software manufacturer (including in-house developers). They generally assist in the running of services or programs that the users require. There are many different types of system accounts, and some of them may not exist on your Unix system. For instance, some of the system account names you may find in your /etc/passwd file (discussed later in this chapter) are adm, alias, apache, backup, bin, bind, daemon, ftp, guest, gdm, gopher, halt, identd, irc, kmem, listen, mail, mysql, named, noaccess, nobody, nobody4, ntp, root, rpc, rpcuser, and sys. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system. Do not modify them unless you have done your research on their functionality and have tested the system with any changes. User Accounts User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories. Generally you want to use eight characters or fewer in an account name, but this is no longer a requirement for all Unix systems. For interoperability with other Unix systems and services, however, you will most likely want to restrict your account names to eight characters or fewer. An account name is the same as a username. Group Accounts Group accounts add the capability to assemble other accounts into logical arrangements for simplification of privilege (permission) management. Unix permissions (which are discussed in depth in Chapter 4) are placed on files and directories and are granted in three subsets: the owner of the file, also known as the user; the group assigned to the file, also known simply as group; and anyone who has a valid login to the system but does not fall into either the owner or group subsets, also known as others. The existence of a group enables a resource or file owner to grant access to files to a class of people. For example, say that a company with about 100 employees uses a central Unix server for all activities from production to research to support objectives. Three of the employees compose the company s human resources (HR) staff; they often deal with sensitive information, including salaries, pay raises, and disciplinary actions. The HR staff has to store its information on the server everyone else uses, but its directory, Human_Resources, needs to be protected so that others cannot view the contents. To enable HR to set specific permissions on its files that allow access only to HR staff, the three staff members are put into a group called hr. The permissions on the Human_Resources directory can then be set to allow those members to view and modify files, while excluding all who fall into the other group (everyone else). One of the strengths of groups is that an account can belong to many groups, based on access requirements. For instance, the two members of the internal audit team may need to access everyone s data, but their directory, called Audit, needs to be protected from everyone else s account. To do this, they can belong to all groups and still have a special audit group in which they are the only members. This situation is discussed later in the chapter. 30 Chapter 3
Note: If you are looking for best quality webspace to host and run your tomcat application check Vision personal web hosting services