6. The TERM environment, if it has been set, is preserved.
7. The HOME, PATH, SHELL, TERM, MAIL, and LOGNAME environment variables are set. (If the
-p option is used, all preexisting environmental variables are preserved.)
8. The PATH defaults to /usr/local/bin:/bin:/usr/bin: for normal users and to
/sbin:/bin:/usr/sbin:/usr/bin for root.
9. Normal greeting messages and mail checking are disabled if the file .hushlogin
exists in the user’s home directory; otherwise, those messages display at the end of
the logon process.
10. The user’s command shell is started at this point, presenting the user with a
command prompt. If no shell is specified for the user in /etc/passwd, /bin/sh is
used by default. (Some UNIX operating systems will just log you back out.) If no
home directory is specified in /etc/passwd, / is used.
When you log in as a regular user, the files that control your environment are found in
your /home/username directory. These configuration files are normally hidden from view
because their filename is preceded by a period (as in .bashrc—these are known as dot
files).
The name of the file indicates which program it is associated with. The files
.bash_logout, .bash_profile, and .bashrc all determine how the bash shell is used by the user.
(These files can, of course, be preset by the system administrator with the user given only
read access, so the files cannot be changed. Other shells have their own associated files.)
Other files might be present depending on the system and the system administrator. The
point is that the environment of each user can be set globally through the use of files in
/etc/skel and individually by allowing user modification of the files in their /home
directory (or not, depending on the system administration policies).
The system logs all user logins, as well as all uses of su and sudo commands for the
sysadmin’s review. (The init, syslogd, and klogd applications create the logs.) Modern
security-monitoring programs (or simple scripts you create) can scan these files (such as
/var/log/messages) for anomalies and signal possible security violations.
Disk Quotas
On large systems with many users, you need to control the amount of disk space a user
has access to. Disk quotas are designed for this purpose. Quotas are managed per
partition and can be set for both individual users and groups; quotas for the group need not
be as large as the aggregate quotas for the individuals in the groups.
When files are created, both a user and a group own them; ownership of the files is
always part of the metadata about the files. This makes quotas based on both users and
groups easy to manage.
NOTE
Disk quota management is never done on a home system and rarely, if ever, done on a
small office system.
To manage disk quotas, you must have the quota package installed on your system. Quota
management with Ubuntu is not enabled by default and has traditionally been enabled
and configured manually by system administrators. Sysadmins use the family of quota
commands, such as quotacheck to initialize the quota database files, edquota to set and
edit user quotas, setquota to configure disk quotas, and quotaon or quotaoff to control
the service. (Other utilities include warnquota for automatically sending mail to users over
their disk space usage limit.)
Implementing Quotas
To reiterate, quotas might not be enabled by default, even if the quota software package is
installed on your system. When quotas are installed and enabled, you can see which
partitions have either user quotas, group quotas, or both by looking at the fourth field in
the /etc/fstab file. For example, one line in /etc/fstab shows that quotas are enabled
for the /home partition:
/dev/hda5 /home ext3 defaults,usrquota,grpquota 1 1
The root of the partition with quotas enabled will have the file quota.user or
quota.group in it (or both files, if both types of quotas are enabled), and the files will
contain the actual quotas. The permissions of these files should be 600 so that users
cannot read or write to them. (Otherwise, users would change them to allow ample space
for their music files and Internet art collections.) To initialize disk quotas, the partitions
must be remounted. This is easily accomplished with the following:
# mount -o ro,remount partition_to_be_remounted mount_point
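The two checks described above (the fourth field of /etc/fstab and the 600 permissions on the quota files) can be scripted. The following is an added example, not from the book; the quota_audit function name and its optional root-prefix argument are hypothetical, and it assumes GNU stat and the quota.user / quota.group file names used in the text.

```shell
#!/bin/sh
# Added example (not from the book): audit quota-enabled partitions.
# Assumptions: quota files are named quota.user / quota.group as in the text,
# GNU stat is available, and the optional second argument (hypothetical) is a
# directory prefix so the audit can run against a copy of a filesystem tree.

# Usage: quota_audit [FSTAB] [ROOT_PREFIX]
# Prints one finding per quota file; returns 0 only if every expected
# quota file exists and has mode 600.
quota_audit() {
    fstab=${1:-/etc/fstab}
    prefix=${2:-}
    bad=0
    # fstab fields: device, mount point, type, options (fourth field), dump, pass
    while read -r dev mnt fstype opts rest; do
        case $dev in
            ''|'#'*) continue ;;          # skip blank lines and comments
        esac
        for pair in usrquota:quota.user grpquota:quota.group; do
            opt=${pair%%:*}
            file=${pair##*:}
            # Match the option as a whole comma-separated word.
            case ",$opts," in
                *",$opt,"*) ;;
                *) continue ;;
            esac
            path="$prefix$mnt/$file"
            if [ ! -f "$path" ]; then
                echo "MISSING $path ($opt set on $mnt)"
                bad=1
                continue
            fi
            mode=$(stat -c '%a' "$path")
            if [ "$mode" = "600" ]; then
                echo "OK $path"
            else
                echo "BADMODE $path is $mode, expected 600"
                bad=1
            fi
        done
    done < "$fstab"
    return $bad
}
```

Run as root with no arguments, quota_audit reads /etc/fstab and checks the live mount points; a nonzero return means at least one quota file is missing or readable or writable by someone other than its owner.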
The underlying console tools (complete with man pages) are:
. quotaon, quotaoff—Toggles quotas on a partition
. repquota—A summary status report on users and groups
. quotacheck—Updates the status of quotas (compares new and old tables of disk
usage); it is run after fsck
. edquota—A basic quota management command
CHAPTER 14 Managing Users

Get Ubuntu Unleashed, Second Edition now with O’Reilly online learning.