Logging in to the RPZ desktop for the first time, creating users, and rebooting
We've taken care of the initial configuration; let's wrap up this chapter by covering a few finishing touches in the configuration, creating users, and giving them power!
How to do it...
- After you select Finish on the
raspi-configtool, it will ask whether you'd like to reboot. Select Yes, and the Raspberry Pi Zero will begin its power-down process. When it starts back up, it will take you right back to the Raspbian desktop. You can reboot the Pi anytime with this command:sudo reboot now - Boot Options: After your reboot completes, reopen the Terminal screen and run
sudo raspi-configagain. Select the third option, Boot Options. There are four different boot mode options to choose from:
The Boot Options menu
- Here, you can choose to start the Raspbian desktop or just boot into a command-line interface. It also gives you choices on requiring logins or not; if automatic login is chosen, you won't need to enter the password, so if you want a little bit of security, select one of the options that require the user to log in. My preference is Text console, requiring user to login, because it gives you a bit of security and requires less CPU and memory than running the desktop. If I need the desktop, it is simple to start it with
startx. You can do a lot with Linux just from the command line, so a lot of the time, the desktop GUI isn't necessary. - Overclocking: Option 8, Overclocking, returns a rather un-fun message to the user. I'm not sure whether this is the latest version of Raspian's
raspi-configprogram or whether it applies to both the Raspberry Pi Zero and the Raspberry Pi 3, but the same message was returned on both.An attempt to overclock from
raspi-configdoes not return an optimistic response:
No overclock for you!
It was discovered in late 2015 that overclocking options on the Raspberry Pi Zero only caused it to slow down, so the latest version of
raspi-configdoes not assist with overclocking. This doesn't mean it is impossible, however-just not advised. - Open the following file:
$ sudo grep arm /boot/config.txt #uncomment to overclock the arm. 700 MHz is the default. #arm_freq=800
- This does hint that overclocking is still possible at startup using the
config.txtfile. Commenting outarm_freq=800in the/boot/config.txtfile to a higher frequency should work, although the Raspberry Pi community suggests that it doesn't, and perhaps even reduces performance. Even more interestingly, looking at the running settings of a Raspberry Pi Zero suggests that it is already being overclocked to 1 GHz, compared to the former setting of 700 MHz on older Raspberry Pi models:$ cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq 1000000 $ cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq 1000000 $ cat /sys/devices/system/cpu/cpu0/cpufreq/ scaling_available_frequencies 700000 1000000
This output suggests that it is already running at 1 GHz and has options to run from 700 MHz to 1 GHz. You can play around with overclocking, and I suppose it was possible to push the B+ Pis to the 1.1 GHz range-you will probably see too much instability from setting it to anything much higher than that. If it becomes unusable, you should be able to recover by commenting out your
arm_freqchange in theconfig.txtfile from a stable machine. Now let's work on creating new users: - Creating new users is very easy on Raspbian. Here, we will create one named
rpzwith a home directory located in/home/rpz:pi@raspberrypi:~ $ sudo adduser rpz --home /home/rpz Adding user `rpz' ... Adding new group `rpz' (1002) ... Adding new user `rpz' (1002) with group `rpz' ... Creating home directory `/home/rpz' ... Copying files from `/etc/skel' ... Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Changing the user information for rpz Enter the new value, or press ENTER for the default Full Name []: Raspberry Pi Cookbook Room Number []: Work Phone []: 123-456-7890 Home Phone []: 234-456-7890 Other []: Is the information correct? [Y/n] y
- This will create the new user's home directory and prompt you for the password. Once you have this set up, you can log on as this user. This will give the user their own home directory in
/home/usernameand the ability to execute applications. The users are stored in a file called/etc/passwd. - To look at your user, you can look at the end of this file:
pi@rpz14101:~ $ cat /etc/passwd | tail -5 lightdm:x:109:114:Light Display Manager:/var/lib/lightdm:/bin/false pulse:x:110:116:PulseAudio daemon,,,:/var/run/pulse:/bin/false rtkit:x:111:118:RealtimeKit,,,:/proc:/bin/false ed:x:1001:1001::/home/ed:/bin/bash rpz:x:1002:1002:Raspberry Pi Cookbook,,123-456 -7890,234-456-7890:/home/rpz:/bin/bash
- The last entry is the user just created:
rpz:x:1002:1002:Raspberry Pi Cookbook,,123-456- 7890,234-456-7890:/home/rpz:/bin/bash
This breaks down to fields separated by a colon (:):
rpzis the namexindicates that there is an encrypted password stored in the/etc/shadowfile1002is the user ID1002is also the group ID, automatically generated when the user was created- The next few fields are user ID Information
/home/rpzis the home directory-the location the user will start in when they log on/bin/bashis the default command shell-the shell that the user will use when logging in.
There's more...
Before logging on as your new user, you might want to give them the ability to do superuser things, like the pi account does. Let's take a look at how to give your new user more powers!
Note
What is this sudo thing anyway? If you are new to Linux, it probably seems strange to see a lot of these commands start with sudo. This command means superuser-do, which puts the command in a temporary elevated state. sudo is intended to prevent regular users from being able to do something they shouldn't (such as formatting a disk or deleting a filesystem), but it gives certain users powers to do those things if they specifically ask for elevation. It also logs attempts at trying to run things with elevated permissions that users were not given permission to do. It should become more clear as we move through the cookbook, but if you find yourself typing a command, failing, and then typing it again with sudo when you realize your mistake, you are already living the life of many experienced Linux users.
To give your user the ability to run as a superuser, use the visudo tool:
sudo visudo
This opens an edit window of the sudoers file, which will allow you to give your new user special permissions. Look down to where the pi user is already set up, and add rpz ALL=(ALL) ALL, like this:
#includedir /etc/sudoers.d pi ALL=(ALL) NOPASSWD: ALL rpz ALL=(ALL) ALL
This gives your user the same permissions as the pi user, but requires that you enter a password when executing something that requires elevated permissions. This way, you can prevent the unauthorized execution of things that only a superuser should execute.
You can try logging in as our new user and trying to sudo. The touch command creates an empty file wherever you tell it to. If you don't have permissions to write, the touch command will fail. We will try logging on as our rpz user and trying touch with and without sudo, in a directory that requires elevated permission to write to. Use the su command to log on as another user:
pi@rpz14101:~ $ sudo su - rpz rpz@rpz14101:~ $ touch /opt/testsudo.deleteme touch: cannot touch '/opt/testsudo.deleteme': Permission denied rpz@rpz14101:~ $ sudo touch /opt/testsudo.deleteme [sudo] password for rpz: rpz@rpz14101:~ $ ls /opt minecraft-pi pigpio sonic-pi testsudo.deleteme vc Wolfram
Excellent! You now have superuser abilities (but remember, Spider-Man, with great power comes great responsibility), and whoever is executing them needs to know your password (which is only you, of course). If you'd prefer to keep the permissions the same as the pi user, you can sudo visudo the permissions again and set your user's settings to NOPASSWD: ALL, just like for the pi user.
There is a collection of user and group commands you can use beyond adduser: addgroup, usermod, and userdel are all good things to put in your administrator's toolbox. For pretty much any Linux command, adding --help (for example, useradd --help) or prefixing with man (man useradd) will provide you with instructions and options for what you can do with it:
rpz@rpz14101:~ $ useradd --help Usage: useradd [options] LOGIN useradd -D useradd -D [options] Options: -b, --base-dir BASE_DIR base directory for the home directory of the new account -c, --comment COMMENT GECOS field of the new account -d, --home-dir HOME_DIR home directory of the new account -D, --defaults print or change default useradd configuration -e, --expiredate EXPIRE_DATE expiration date of the new account -f, --inactive INACTIVE password inactivity period of the new account -g, --gid GROUP name or ID of the primary group of the new account -G, --groups GROUPS list of supplementary groups of the new account -h, --help display this help message and exit -k, --skel SKEL_DIR use this alternative skeleton directory -K, --key KEY=VALUE override /etc/login.defs defaults -l, --no-log-init do not add the user to the lastlog and faillog databases -m, --create-home create the user's home directory -M, --no-create-home do not create the user's home directory -N, --no-user-group do not create a group with the same name as the user -o, --non-unique allow to create users with duplicate (non-unique) UID -p, --password PASSWORD encrypted password of the new account -r, --system create a system account -R, --root CHROOT_DIR directory to chroot into -s, --shell SHELL login shell of the new account -u, --uid UID user ID of the new account -U, --user-group create a group with the same name as the user -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping
