Diff for /wikisrc/tutorials/user_management.mdwn between versions 1.1 and 1.11

version 1.1, 2011/11/21 03:22:58 version 1.11, 2020/09/09 14:28:56
Line 1 Line 1
 **Contents**  **Contents**
   
 [[!toc levels=2]]  [[!toc levels=2]]
   
 #Preface  #Preface
   
 Before you start to do user and group management you must:  Before you start to do user and group management you must: 
   
 1. For security reasons, create substitute user and name it as you like, here it is referred as _noroot_:  1. For security reasons, create substitute user and name it as you like, here it is referred as _noroot_: 
 <pre><code>      
     # useradd -m -G wheel _noroot_  [[!template id=programlisting text="""
 </code></pre>      # useradd -m -G wheel _noroot_
   """]]
 2. Set password for _noroot_ user:  
 <pre><code>      2. Set password for _noroot_ user: 
     # passwd _noroot_  
 </code></pre>  [[!template id=programlisting text="""
   # passwd _noroot_
 3. Exit and log in as _noroot_ user.  """]]
   
 4. Use the **su** command to obtain the root privileges for _noroot_:  3. Exit and log in as _noroot_ user. 
      
     $ su  4. Use the `su` command to obtain the root privileges for _noroot_: 
          
   [[!template id=programlisting text="""
 5. Forget to use the **root** for maintenance or regular administration of the system. You free to find any secure and convenient spot for the root password be available upon your need.  $ su
   """]]
        
 If your favorite user with login password is already assigned in the system and no need to create new one. Omit first steps from above. Do modify user information by adding _your no root user_ into the wheel group and **su** anytime per your desire:  
      5. Forget to use the `root` for maintenance or regular administration of the system. You free to find any secure and convenient spot for the root password be available upon your need. 
     # usermod -G wheel _noroot_  
        
   If your favorite user with login password is already assigned in the system and no need to create new one. Omit first steps from above. Do modify user information by adding _your no root user_ into the wheel group and `su` anytime per your desire: 
 #[**User**](http://netbsd.gw.com/cgi-bin/man-cgi?user++NetBSD-current)      
   [[!template id=programlisting text="""
 The NetBSD maintains information in regard of each user who logs into, access system, runs processes on so forth. This include and not limited to:  # usermod -G wheel _noroot_
      """]]
     - user name      
     - password  
     - group  #**User**
     - base_dir  
     - skel_dir  The NetBSD maintains information in regard of each user who logs into, access system, runs processes on so forth. This include and not limited to: 
     - shell      
     - class   - user name
     - homeperm   - password
     - inactive   - group
     - expire   - base_dir
       - skel_dir
    - shell
 The superuser called root has no limitations on its privileges.   - class
    - homeperm
 To limit user priveleges consider to set limits by: coredumpsize, cputime, filesize, quota, maxproc, memory, openfiles etc.   - inactive
    - expire
 **user** is frontend to the useradd, usermod, userinfo and userdel commands, it helps to manage users in the system.      
   
 Use [id](http://netbsd.gw.com/cgi-bin/man-cgi?id+1+NetBSD-current) to see user identity:  The superuser called root has no limitations on its privileges. 
   
 **$ id**  To limit user priveleges consider to set limits by: coredumpsize, cputime, filesize, quota, maxproc, memory, openfiles etc. 
      
   `[[!template id=man name="user" section="8"]]` is frontend to the useradd, usermod, userinfo and userdel commands, it helps to manage users in the system. 
 Use [w](http://netbsd.gw.com/cgi-bin/man-cgi?w+1+NetBSD-current) to see who present and what they are doing:  
   Use [[!template id=man name="id" section="1"]] to see user identity: 
 **$ w**  
          $ id
       
 Use [last](http://netbsd.gw.com/cgi-bin/man-cgi?last+1+NetBSD-current) to see last logins:  
   Use [[!template id=man name="w" section="1"]] to see who present and what they are doing: 
   
 **$ last**      $ w
          
   
 ##  [[basics/useradd]]  Use [[!template id=man name="last" section="1"]] to see last logins: 
   
 To add user do:  
          $ last
     **user add** [options] _user_      
      
   ##  [[!template id=man name="useradd" section="8"]]
 To add a user and create a new home directory:  
      To add user do: 
     **# useradd -m** _myuser_      
          user add [options] _user_
       
 Look into the NetBSD Guide [Chapter 5.6](http://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-adding-users)  
   To add a user and create a new home directory: 
 ##  [userinfo](http://netbsd.gw.com/cgi-bin/man-cgi?userinfo++NetBSD-current)      
       # useradd -m _myuser_
 To see user information do:      
      
     **$ userinfo** _myuser_  Look into the NetBSD Guide [Chapter 5.6](http://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-adding-users)
      
   ##  [[!template id=man name="userinfo" section="8"]]
 ##  [[basics/usermod]]  
   To see user information do: 
 To modify existing user login do:      
          $ userinfo _myuser_
     **# user mod** [options] _user_      
      
      ##  [[!template id=man name="usermod" section="8"]]
     **# usermod -C yes** _username_             ; set Close lock on user account  
      To modify existing user login do: 
          
     **# usermod -C no** _username_              ; unlock user account      # user mod [options] _user_
          
          
     **# usermod -G wheel** _username_           ; add user to group _wheel_      # usermod -C yes _username_             ; set Close lock on user account
          
          
     **# usermod -s /sbin/nologin** _username_   ; remove login shell      # usermod -C no _username_              ; unlock user account
          
          
     **# usermod -s /bin/sh** _username_         ; set login shell      # usermod -G wheel _username_           ; add user to group _wheel_
          
          
     **# usermod -F** _username_                 ; force user to change password      # usermod -s /sbin/nologin _username_   ; remove login shell
          
       
 ##  [userdel](http://netbsd.gw.com/cgi-bin/man-cgi?userdel++NetBSD-current)      # usermod -s /bin/sh _username_         ; set login shell
       
 To remove a user from the system do:      
          # usermod -F _username_                 ; force user to change password
     **# userdel** _myuser_      
      
   ##  [[!template id=man name="userdel" section="8"]]
 ##  [[basics/passwd]]  
   To remove a user from the system do: 
 To see a list of all users in the system do:      
          # userdel _myuser_
     $ cat /etc/passwd      
      
   ##  [[!template id=man name="passwd" section="5"]]
 To edit _/etc/passwd_ file do:  
      To see a list of all users in the system do: 
     # vipw      
          $ cat /etc/passwd
       
 ##  [[basics/chpass]]  
   To edit _/etc/passwd_ file do: 
 Use [chpass, chfn, chsh]((http://netbsd.gw.com/cgi-bin/man-cgi?chpass+1+NetBSD-current)) to add or change user database information.      
       # vipw
 To change the shell of _myuser_, for an exapmle to /bin/ksh:      
      
     **# chpass -s /bin/ksh** _myuser_  ##  [[!template id=man name="chpass" section="1"]]
      
   Use chpass, chfn, and chsh ([[!template id=man name="chpass" section="1"]]) to add or change user database information. 
    
   To change the shell of _myuser_, for an exapmle to /bin/ksh: 
       
 #  [**Group**](http://netbsd.gw.com/cgi-bin/man-cgi?group++NetBSD-current)      # chpass -s /bin/ksh _myuser_
       
 To manage groups check **/etc/group** file which maintains name of each group, group id and list of users who is a group member.  
     
 **group** is frontend to the groupadd, groupmod, groupinfo and groupdel commands, it helps to manage groups in the system.  
   
 To add group do:  #  **Group**
      
     **group add** [options] _group_  To manage groups check `/etc/group` file which maintains name of each group, group id and list of users who is a group member. 
      
   `[[!template id=man name="group" section="8"]]` is frontend to the groupadd, groupmod, groupinfo and groupdel commands, it helps to manage groups in the system. 
 To delete group do:  
      To add group do: 
     **group del** [options] _group_      
          group add [options] _group_
       
 To obtain group information do:  
      To delete group do: 
     **group info** [options] _group_      
          group del [options] _group_
       
 To modify existing group do:  
      To obtain group information do: 
     **group mod** [options] _group_      
          group info [options] _group_
       
 To remove user from the group you have to do **user del** and then add user again.  
   To modify existing group do: 
 ##  [groupadd](http://netbsd.gw.com/cgi-bin/man-cgi?groupadd+8+NetBSD-current)      
       group mod [options] _group_
 ##  [groupdel](http://netbsd.gw.com/cgi-bin/man-cgi?groupdel+8+NetBSD-current)      
   
 ##  [groupinfo](http://netbsd.gw.com/cgi-bin/man-cgi?groupinfo+8+NetBSD-current)  To remove user from the group you have to do `user del` and then add user again. 
   
 ##  [groupmod](http://netbsd.gw.com/cgi-bin/man-cgi?groupmod+8+NetBSD-current)  ##  [[!template id=man name="groupadd" section="8"]]
   
 #  Other  ##  [[!template id=man name="groupdel" section="8"]]
   
 ##  [[basics/chmod]]  ##  [[!template id=man name="groupinfo" section="8"]]
   
 ##  [[basics/chown]]  ##  [[!template id=man name="groupmod" section="8"]]
   
 To change files/directory ownership:  #  Other
      
     #chown -R  myuser path  ##  [[!template id=man name="chmod" section="1"]]
      
   ##  [[!template id=man name="chown" section="8"]]
 Where myuser is the name of user and path is directory where files are located.  
   To change files/directory ownership: 
 ##  [[basics/chgrp]]      
       #chown -R  myuser path 
 ##  [[basics/chroot]]      
   
 ##  [[basics/quota]]  Where myuser is the name of user and path is directory where files are located. 
   
 Use quota to set users quotas per desire.  ##  [[!template id=man name="chgrp" section="1"]]
   
 #  See also  ##  [[!template id=man name="chroot" section="8"]]
   
   * [[How to set up per-user timezones]]  ##  [[!template id=man name="quota" section="1"]]
   * How to [[Hide other user's processes]]  
   * [[Userland version]]  Use quota to set users quotas per desire. 
   * [[The_NetBSD_System_Manager's_Manual#Users_and_Accounts_Management]]  
   #  See also
   
     * [[How to set up per-user timezones]]
     * How to [[Hide other user's processes]]
     * [[Userland version]]
     * [[The_NetBSD_System_Manager's_Manual#Users_and_Accounts_Management]]

Removed from v.1.1  
changed lines
  Added in v.1.11


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb