Annotation of wikisrc/tutorials/user_management.mdwn, revision 1.11
1.2 schmonz 1: **Contents**
2:
3: [[!toc levels=2]]
4:
5: #Preface
6:
7: Before you start to do user and group management you must:
8:
9: 1. For security reasons, create substitute user and name it as you like, here it is referred as _noroot_:
1.6 leot 10:
1.8 leot 11: [[!template id=programlisting text="""
12: # useradd -m -G wheel _noroot_
13: """]]
1.2 schmonz 14:
15: 2. Set password for _noroot_ user:
1.6 leot 16:
1.8 leot 17: [[!template id=programlisting text="""
18: # passwd _noroot_
19: """]]
1.2 schmonz 20:
21: 3. Exit and log in as _noroot_ user.
22:
1.5 sevan 23: 4. Use the `su` command to obtain the root privileges for _noroot_:
1.2 schmonz 24:
1.8 leot 25: [[!template id=programlisting text="""
26: $ su
27: """]]
1.2 schmonz 28:
29:
1.5 sevan 30: 5. Forget to use the `root` for maintenance or regular administration of the system. You free to find any secure and convenient spot for the root password be available upon your need.
1.2 schmonz 31:
32:
1.5 sevan 33: If your favorite user with login password is already assigned in the system and no need to create new one. Omit first steps from above. Do modify user information by adding _your no root user_ into the wheel group and `su` anytime per your desire:
1.2 schmonz 34:
1.8 leot 35: [[!template id=programlisting text="""
36: # usermod -G wheel _noroot_
37: """]]
1.2 schmonz 38:
39:
1.11 ! kim 40: #**User**
1.2 schmonz 41:
42: The NetBSD maintains information in regard of each user who logs into, access system, runs processes on so forth. This include and not limited to:
43:
1.9 leot 44: - user name
45: - password
46: - group
47: - base_dir
48: - skel_dir
49: - shell
50: - class
51: - homeperm
52: - inactive
53: - expire
1.2 schmonz 54:
55:
56: The superuser called root has no limitations on its privileges.
57:
58: To limit user priveleges consider to set limits by: coredumpsize, cputime, filesize, quota, maxproc, memory, openfiles etc.
59:
1.11 ! kim 60: `[[!template id=man name="user" section="8"]]` is frontend to the useradd, usermod, userinfo and userdel commands, it helps to manage users in the system.
1.2 schmonz 61:
1.11 ! kim 62: Use [[!template id=man name="id" section="1"]] to see user identity:
1.2 schmonz 63:
1.5 sevan 64: $ id
1.2 schmonz 65:
66:
1.11 ! kim 67: Use [[!template id=man name="w" section="1"]] to see who present and what they are doing:
1.2 schmonz 68:
1.5 sevan 69: $ w
1.2 schmonz 70:
71:
1.11 ! kim 72: Use [[!template id=man name="last" section="1"]] to see last logins:
1.2 schmonz 73:
74:
1.5 sevan 75: $ last
1.2 schmonz 76:
77:
1.11 ! kim 78: ## [[!template id=man name="useradd" section="8"]]
1.2 schmonz 79:
80: To add user do:
81:
1.5 sevan 82: user add [options] _user_
1.2 schmonz 83:
84:
85: To add a user and create a new home directory:
86:
1.5 sevan 87: # useradd -m _myuser_
1.2 schmonz 88:
89:
90: Look into the NetBSD Guide [Chapter 5.6](http://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-adding-users)
91:
1.11 ! kim 92: ## [[!template id=man name="userinfo" section="8"]]
1.2 schmonz 93:
94: To see user information do:
95:
1.5 sevan 96: $ userinfo _myuser_
1.2 schmonz 97:
98:
1.11 ! kim 99: ## [[!template id=man name="usermod" section="8"]]
1.2 schmonz 100:
101: To modify existing user login do:
102:
1.5 sevan 103: # user mod [options] _user_
1.2 schmonz 104:
105:
1.5 sevan 106: # usermod -C yes _username_ ; set Close lock on user account
1.2 schmonz 107:
108:
1.5 sevan 109: # usermod -C no _username_ ; unlock user account
1.2 schmonz 110:
111:
1.5 sevan 112: # usermod -G wheel _username_ ; add user to group _wheel_
1.2 schmonz 113:
114:
1.5 sevan 115: # usermod -s /sbin/nologin _username_ ; remove login shell
1.2 schmonz 116:
117:
1.5 sevan 118: # usermod -s /bin/sh _username_ ; set login shell
1.2 schmonz 119:
120:
1.5 sevan 121: # usermod -F _username_ ; force user to change password
1.2 schmonz 122:
123:
1.11 ! kim 124: ## [[!template id=man name="userdel" section="8"]]
1.2 schmonz 125:
126: To remove a user from the system do:
127:
1.5 sevan 128: # userdel _myuser_
1.2 schmonz 129:
130:
1.11 ! kim 131: ## [[!template id=man name="passwd" section="5"]]
1.2 schmonz 132:
133: To see a list of all users in the system do:
134:
135: $ cat /etc/passwd
136:
137:
138: To edit _/etc/passwd_ file do:
139:
140: # vipw
141:
142:
1.11 ! kim 143: ## [[!template id=man name="chpass" section="1"]]
1.2 schmonz 144:
1.11 ! kim 145: Use chpass, chfn, and chsh ([[!template id=man name="chpass" section="1"]]) to add or change user database information.
1.2 schmonz 146:
147: To change the shell of _myuser_, for an exapmle to /bin/ksh:
148:
1.5 sevan 149: # chpass -s /bin/ksh _myuser_
1.2 schmonz 150:
151:
152:
153:
154:
1.11 ! kim 155: # **Group**
1.2 schmonz 156:
1.5 sevan 157: To manage groups check `/etc/group` file which maintains name of each group, group id and list of users who is a group member.
1.2 schmonz 158:
1.11 ! kim 159: `[[!template id=man name="group" section="8"]]` is frontend to the groupadd, groupmod, groupinfo and groupdel commands, it helps to manage groups in the system.
1.2 schmonz 160:
161: To add group do:
162:
1.5 sevan 163: group add [options] _group_
1.2 schmonz 164:
165:
166: To delete group do:
167:
1.5 sevan 168: group del [options] _group_
1.2 schmonz 169:
170:
171: To obtain group information do:
172:
1.5 sevan 173: group info [options] _group_
1.2 schmonz 174:
175:
176: To modify existing group do:
177:
1.5 sevan 178: group mod [options] _group_
1.2 schmonz 179:
180:
1.5 sevan 181: To remove user from the group you have to do `user del` and then add user again.
1.2 schmonz 182:
1.11 ! kim 183: ## [[!template id=man name="groupadd" section="8"]]
1.2 schmonz 184:
1.11 ! kim 185: ## [[!template id=man name="groupdel" section="8"]]
1.2 schmonz 186:
1.11 ! kim 187: ## [[!template id=man name="groupinfo" section="8"]]
1.2 schmonz 188:
1.11 ! kim 189: ## [[!template id=man name="groupmod" section="8"]]
1.2 schmonz 190:
191: # Other
192:
1.11 ! kim 193: ## [[!template id=man name="chmod" section="1"]]
1.2 schmonz 194:
1.11 ! kim 195: ## [[!template id=man name="chown" section="8"]]
1.2 schmonz 196:
197: To change files/directory ownership:
198:
199: #chown -R myuser path
200:
201:
202: Where myuser is the name of user and path is directory where files are located.
203:
1.11 ! kim 204: ## [[!template id=man name="chgrp" section="1"]]
1.2 schmonz 205:
1.11 ! kim 206: ## [[!template id=man name="chroot" section="8"]]
1.2 schmonz 207:
1.11 ! kim 208: ## [[!template id=man name="quota" section="1"]]
1.2 schmonz 209:
210: Use quota to set users quotas per desire.
211:
212: # See also
213:
214: * [[How to set up per-user timezones]]
215: * How to [[Hide other user's processes]]
216: * [[Userland version]]
217: * [[The_NetBSD_System_Manager's_Manual#Users_and_Accounts_Management]]
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb