aboutsummaryrefslogtreecommitdiffstats
path: root/modules/Working/pages/post-install.adoc
blob: 5d22b76870b6d5315d623551ab148771c26755d6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
= Post Installation Recommendations

Now that your installation of Alpine Linux is up and running, you can start working with it.
The following sections will provide a list of general recommendations to ease your interactive experience - they are all optional.
The remaining sections will describe how to use (on a user level) various Alpine-native solutions, such as the package manager, firewall, and so on.

== Creating a Normal User

Now that you are up and running, you will want a normal, non-root user to perform most daily tasks with.
You can either use the built-in busybox utility `adduser`, or the utility available in the `shadow` package named `useradd`.

Here are examples for creating a user (named "john" and "jane" respectively) using the utilities `adduser` and `useradd` respectively.

[source, sh]
----
adduser -h /home/john -s /bin/ash john <1>
----
<1> Both the `-h /home/john` and `-s /bin/ash` sections may be optional. However, it is recommended to specify both, as the defaults may not be desirable.

[source, sh]
----
useradd -m -U -s /bin/ash jane <1>
----
<1> The options are, as in the previous example, optional. However, they are still highly recommended, as shown.

Once your user has been created, if the utility you used has not asked you to set a password, you should do so now, using `passwd foo`, where "foo" is the username in question.

== Granting Your User Administrative Access

Sometimes, you'll want to do something that *does* require administrative powers.
While you may switch to a different tty and log in as root, this is often inconvenient.
You may gain root privileges ad-hoc using either the built-in busybox utility `su`, or the common external utility `sudo`, available in the package named the same way.
// TODO: verify that `su` truly does not require any special group.
`sudo`, unlike `su`, will require additional configuration.
The `visudo` utility that comes with it allows you to safely edit the `sudoers` file which configures it.
The difference between `sudo` and `su` comes down to which side the permissions come from - `su` allows you to temporarily log-in as another user (and thus requires that you enter the password of the user you wish to log in as), while `sudo` allows you to perform commands (including login shells) as the target user, assuming the configuration gives you that right (meaning that your password is the one used for authentication).
Here are examples on how to use `su`, and how to configure *and* use `sudo` (in a shortened form) respectively:

[source, sh]
----
su -l root <1>
su - <2>
----
<1> `-l` means to run a login shell.
<2> A mere `-` implies `-l`, and if no user is mentioned, root is implied - this is equivalent to the example in <1>

[source, sh]
----
apk add sudo <1>
echo '%wheel ALL=(ALL) ALL' > /etc/sudoers.d/wheel <2>
adduser joe wheel <3>
sudo -i <4>
----
<1> Sudo is not installed by default.
<2> By default, `sudo` only provides permissions to root. This translates as "people in the group `wheel` are allowed to perform any command, as any user, and any group."
<3> The wheel group mentioned above is the common "administrator" group, and since we're using it, we need to add our user to said group.
<4> You may need to log out and log back in for the group listing to update. `sudo -i` is the equivalent of `su -` otherwise.