4. What happens when you log in?
When you log in (give a name to getty) you identify yourself to the
computer. It then runs a program called (naturally enough) login, which
takes your password and checks to see if you are authorized to be using
the machine. If you aren't, your login attempt will be rejected. If you
are, login does a few housekeeping things and then starts up a command
interpreter, the shell. (Yes, getty and login could be one program.
They're separate for historical reasons not worth going into here.)
Here's a bit more about what the system does before giving you a shell
(you'll need to know this later when we talk about file permissions).
You identify yourself with a login name and password. That login name is
looked up in a file called /etc/passwd, which is a sequence of lines each
describing a user account.
One of the fields on each line is an encrypted version of the account password
(sometimes the encrypted fields are actually kept in a second /etc/shadow
file with tighter permissions; this makes password cracking harder). What
you enter as an account password is encrypted in exactly the same way, and
the login program checks to see if they match. The
security of this method depends on the fact that, while it's easy to go
from your clear password to the encrypted version, the reverse is very
hard. Thus, even if someone can see the encrypted version of your
password, they can't use your account. (It also means that if you forget
your password, there's no way to recover it, only to change it to something
else you choose.)
Once you have successfully logged in, you get all the privileges
associated with the individual account you are using. You may also be
recognized as part of a group. A group is a named collection of users set
up by the system administrator.
Groups can have privileges independently of their members’ privileges. A
user can be a member of multiple groups. (For details about how Unix
privileges work, see the section below on permissions.)
(Note that although you will normally refer to users and groups by
name, they are actually stored internally as numeric IDs. The password
file maps your account name to a user ID; the /etc/group file maps group
names to numeric group IDs. Commands that deal with
accounts and groups do the translation automatically.)
Your account entry also contains your home directory, the place in the
Unix file system where your personal files will live. Finally, your
account entry also sets your shell, the command interpreter that login
will start up to accept your commands.
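The lookup described in this section, as an added Python example that is not part of the original HOWTO: it parses constructed passwd- and group-format text, resolves a login name to its numeric IDs, groups, home directory and shell, and reports accounts whose encrypted password sits in the passwd file itself instead of /etc/shadow. The function names and sample accounts are assumptions made for illustration.

```python
from collections import namedtuple

Account = namedtuple("Account", "name pwfield uid gid gecos home shell")

# Constructed sample files in passwd(5) and group(5) layout; not real accounts.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
bob:$6$CONSTRUCTED$notarealhash:1001:1001:Bob Example:/home/bob:/bin/sh
"""
GROUP = """\
root:x:0:
alice:x:1000:
bob:x:1001:
staff:x:50:alice,bob
"""

def parse_passwd(text):
    """Map login name -> Account; each line has seven colon-separated fields."""
    accounts = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, pw, uid, gid, gecos, home, shell = line.split(":")
        accounts[name] = Account(name, pw, int(uid), int(gid), gecos, home, shell)
    return accounts

def parse_group(text):
    """Map group name -> (numeric gid, list of member login names)."""
    groups = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        name, _pw, gid, members = line.split(":")
        groups[name] = (int(gid), [m for m in members.split(",") if m])
    return groups

def session_for(login, accounts, groups):
    """What login learns about a user: numeric IDs, group names, home, shell."""
    acct = accounts[login]
    names = sorted(g for g, (gid, members) in groups.items()
                   if gid == acct.gid or login in members)
    return {"uid": acct.uid, "gid": acct.gid, "groups": names,
            "home": acct.home, "shell": acct.shell}

def unshadowed(accounts):
    """Names whose password field holds a hash rather than a placeholder."""
    placeholders = ("x", "*", "!", "")  # "" means no password set, not a hash
    return sorted(a.name for a in accounts.values() if a.pwfield not in placeholders)
```

On a system that uses /etc/shadow, unshadowed() should return an empty list; any name it reports has its encrypted password readable by every local user.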