After completing the basic system setup and the installation of all selected software packages, provide a password for the account of the system administrator (the root user). You can then configure your Internet access and network connection. With a working Internet connection, you can perform an update of the system as part of the installation. You can also configure a name server for centralized user administration in a local network. Finally, you can configure the hardware devices connected to the machine.
root is the name of the superuser, the administrator of the system. Unlike regular users, which may or may not have permission to do certain things on the system, root has unlimited power to do anything: change the system configuration, install programs, and set up new hardware. If users forget their passwords or have other problems with the system, root can help. The root account should only be used for system administration, maintenance, and repair. Logging in as root for daily work is rather risky: a single mistake could lead to irretrievable loss of many system files.
For verification purposes, the password for root must be entered twice, as shown in Figure 1.13. “Setting the root Password”. Do not forget the root password. Once entered, this password cannot be retrieved.
|The root User|
The user root has all the permissions needed to make changes to the system. To carry out such tasks, the root password is required. You cannot carry out any administrative tasks without this password.
You can now configure any network devices for a connection to the outside world, such as network cards, modems, and ISDN or DSL hardware. If you have such devices, it is a good idea to configure them now, because an Internet connection allows YaST to retrieve any available SUSE LINUX updates and include them in the installation.
To configure your network hardware at this stage, refer to 22.4. “Network Integration”. Otherwise, select and click . The network hardware can also be configured after the system installation has been completed.
When you connect to a network, a firewall is started automatically on the configured interface. The configuration of the firewall is suitable for the respective interface. The firewall settings are also displayed in the network configuration dialog. The configuration proposal for the firewall is updated automatically every time the configuration of the interfaces or services is modified. To adapt the automatic settings to your own preferences, click 184.108.40.206. “Configuration with YaST”.-> . In the new dialog, determine whether the firewall should be started. If you do not want the firewall to be started, select the appropriate option and exit the dialog. To start and configure the firewall, click for a series of dialogs similar to those described in
If you have configured an Internet connection, you can test it now. For this purpose, YaST establishes a connection to the SUSE server and checks if any product updates are available for your version of SUSE LINUX. If there are such updates, they can be included in the installation. Also, the latest release notes are downloaded. You can read them at the end of the installation.
If you do not want to test the connection at this point, selectthen . This also skips downloading product updates and release notes.
If YaST was able to connect to the SUSE servers, select whether to perform a YaST online update. If there are any patched packages available on the servers, download and install them now to fix known bugs or security issues.
|Downloading Software Updates|
The download of updates might take quite some time, depending on the bandwidth of the Internet connection and on the size of the update files.
To perform a software update immediately, select 2.3.2. “YaST Online Update”. This kind of update can be performed at any time after the installation. If you prefer not to update now, select then click .and click . This opens YaST's online update dialog with a list of the available patches (if any), which can be selected and loaded. To learn about the process, read
If the network access was configured successfully during the previous steps of the installation, you now have four possibilities for managing user accounts on your system.
Local user administration on the installed host. This is a suitable option for stand-alone workstations. The user data is managed by the local file /etc/passwd.
Central user administration on an LDAP server for all systems in the network.
Central user administration on a NIS server for all systems in the network.
SMB authentication in mixed Linux and Windows networks.
If all requirements are met, YaST opens a dialog in which to select the user administration method. It is shown in Figure 1.16. “User Authentication”. If you do not have the necessary network connection, create local user accounts.
To implement the user administration via NIS, configure a NIS client in the next step. This section only describes the configuration of the client side. Configuration of a NIS server with YaST is described in 22.8. “NIS — Network Information Service”.
In the following dialog, shown in Figure 1.17. “NIS Client Configuration”, first select whether the host has a static IP address or gets one via DHCP. If you select DHCP, you cannot specify a NIS domain or NIS server address, because these are provided by the DHCP server. Information about DHCP is available in 22.11. “DHCP”. If a static IP address is used, specify the NIS domain and the NIS server manually.
To search for NIS servers broadcasting in the network, check the relevant option. You can also specify several NIS domains and set a default domain. For each domain, selectto specify several server addresses or enable the broadcast function on a per-domain basis.
In the expert settings, use ypbind.to prevent other network hosts from being able to query which server your client is using. If you activate , responses from servers on unprivileged ports are also accepted. For more information, refer to the man page of
If you decide against a name server for user authentication, create local users. Any data related to user accounts (name, login, password, etc.) is stored and managed on the installed system.
Linux is an operating system that allows several users to work on the same system at the same time. Each user needs a user account to log in to the system. By having user accounts, the system gains a lot in terms of security. For instance, regular users cannot change or delete files needed for the system to work properly. At the same time, the personal data of a given user cannot be modified, viewed, or tampered with by other users. Each user can set up his own working environment and always find it unchanged when logging back in.
A user account can be created using the dialog shown in Figure 1.18. “Entering the User Name and Password”. After entering the first name and last name, specify a user name (login). Click for the system to generate a user name automatically.
Finally, enter a password for the user. Reenter it for confirmation (to ensure that you did not type something else by mistake). The user name tells the system who a user is and the password is used to verify this identity.
|User Name and Password|
Remember both your user name and the password because they are needed each time you log in to the system.
To provide effective security, a password should be between five and eight characters long. The maximum length for a password is 128 characters. However, if no special security modules are loaded, only the first eight characters are used to discern the password. Passwords are case-sensitive. Special characters like umlauts are not allowed. Other special characters (7-bit ASCII) and the digits 0 to 9 are allowed.
Two additional options are available for local users:
Checking this box sends the user messages created by the system services. These are usually only sent to root, the system administrator. This option is useful for the most frequently used account, because it is highly recommended to log in as root only in special cases.
This option is only available if KDE is used as the default desktop. It automatically logs the current user into the system when it starts. This is mainly useful if the computer is operated by only one user.
With the automatic login enabled, the system boots straight into your desktop with no authentication whatsoever. If you store sensitive data on your system, you should not enable this option if the computer can also be accessed by others.
After completing the user authentication setup, YaST displays the release notes. Reading them is advised because they contain important up-to-date information that was not available when the manuals were printed. If you have installed update packages, you will be reading the most recent version of the release notes, as fetched from SUSE's servers.