File:  [NetBSD Developer Wiki] / wikisrc / tutorials / user_management.mdwn
Revision 1.11: download - view: text, annotated - select for diffs
Wed Sep 9 14:28:56 2020 UTC (2 months, 2 weeks ago) by kim
Branches: MAIN
CVS tags: HEAD
Use man template

    1: **Contents**
    2: 
    3: [[!toc levels=2]]
    4: 
    5: #Preface
    6: 
    7: Before you start to do user and group management you must: 
    8: 
    9: 1. For security reasons, create substitute user and name it as you like, here it is referred as _noroot_: 
   10: 
   11: [[!template id=programlisting text="""
   12: # useradd -m -G wheel _noroot_
   13: """]]
   14: 
   15: 2. Set password for _noroot_ user: 
   16: 
   17: [[!template id=programlisting text="""
   18: # passwd _noroot_
   19: """]]
   20: 
   21: 3. Exit and log in as _noroot_ user. 
   22: 
   23: 4. Use the `su` command to obtain the root privileges for _noroot_: 
   24:     
   25: [[!template id=programlisting text="""
   26: $ su
   27: """]]
   28:     
   29: 
   30: 5. Forget to use the `root` for maintenance or regular administration of the system. You free to find any secure and convenient spot for the root password be available upon your need. 
   31: 
   32:   
   33: If your favorite user with login password is already assigned in the system and no need to create new one. Omit first steps from above. Do modify user information by adding _your no root user_ into the wheel group and `su` anytime per your desire: 
   34:     
   35: [[!template id=programlisting text="""
   36: # usermod -G wheel _noroot_
   37: """]]
   38:     
   39: 
   40: #**User**
   41: 
   42: The NetBSD maintains information in regard of each user who logs into, access system, runs processes on so forth. This include and not limited to: 
   43:     
   44:  - user name
   45:  - password
   46:  - group
   47:  - base_dir
   48:  - skel_dir
   49:  - shell
   50:  - class
   51:  - homeperm
   52:  - inactive
   53:  - expire
   54:     
   55: 
   56: The superuser called root has no limitations on its privileges. 
   57: 
   58: To limit user priveleges consider to set limits by: coredumpsize, cputime, filesize, quota, maxproc, memory, openfiles etc. 
   59: 
   60: `[[!template id=man name="user" section="8"]]` is frontend to the useradd, usermod, userinfo and userdel commands, it helps to manage users in the system. 
   61: 
   62: Use [[!template id=man name="id" section="1"]] to see user identity: 
   63: 
   64:     $ id
   65:     
   66: 
   67: Use [[!template id=man name="w" section="1"]] to see who present and what they are doing: 
   68: 
   69:     $ w
   70:     
   71: 
   72: Use [[!template id=man name="last" section="1"]] to see last logins: 
   73: 
   74: 
   75:     $ last
   76:     
   77: 
   78: ##  [[!template id=man name="useradd" section="8"]]
   79: 
   80: To add user do: 
   81:     
   82:     user add [options] _user_
   83:     
   84: 
   85: To add a user and create a new home directory: 
   86:     
   87:     # useradd -m _myuser_
   88:     
   89: 
   90: Look into the NetBSD Guide [Chapter 5.6](http://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-adding-users)
   91: 
   92: ##  [[!template id=man name="userinfo" section="8"]]
   93: 
   94: To see user information do: 
   95:     
   96:     $ userinfo _myuser_
   97:     
   98: 
   99: ##  [[!template id=man name="usermod" section="8"]]
  100: 
  101: To modify existing user login do: 
  102:     
  103:     # user mod [options] _user_
  104:     
  105:     
  106:     # usermod -C yes _username_             ; set Close lock on user account
  107:     
  108:     
  109:     # usermod -C no _username_              ; unlock user account
  110:     
  111:     
  112:     # usermod -G wheel _username_           ; add user to group _wheel_
  113:     
  114:     
  115:     # usermod -s /sbin/nologin _username_   ; remove login shell
  116:     
  117:     
  118:     # usermod -s /bin/sh _username_         ; set login shell
  119:     
  120:     
  121:     # usermod -F _username_                 ; force user to change password
  122:     
  123: 
  124: ##  [[!template id=man name="userdel" section="8"]]
  125: 
  126: To remove a user from the system do: 
  127:     
  128:     # userdel _myuser_
  129:     
  130: 
  131: ##  [[!template id=man name="passwd" section="5"]]
  132: 
  133: To see a list of all users in the system do: 
  134:     
  135:     $ cat /etc/passwd
  136:     
  137: 
  138: To edit _/etc/passwd_ file do: 
  139:     
  140:     # vipw
  141:     
  142: 
  143: ##  [[!template id=man name="chpass" section="1"]]
  144: 
  145: Use chpass, chfn, and chsh ([[!template id=man name="chpass" section="1"]]) to add or change user database information. 
  146: 
  147: To change the shell of _myuser_, for an exapmle to /bin/ksh: 
  148:     
  149:     # chpass -s /bin/ksh _myuser_
  150:     
  151: 
  152:   
  153: 
  154: 
  155: #  **Group**
  156: 
  157: To manage groups check `/etc/group` file which maintains name of each group, group id and list of users who is a group member. 
  158: 
  159: `[[!template id=man name="group" section="8"]]` is frontend to the groupadd, groupmod, groupinfo and groupdel commands, it helps to manage groups in the system. 
  160: 
  161: To add group do: 
  162:     
  163:     group add [options] _group_
  164:     
  165: 
  166: To delete group do: 
  167:     
  168:     group del [options] _group_
  169:     
  170: 
  171: To obtain group information do: 
  172:     
  173:     group info [options] _group_
  174:     
  175: 
  176: To modify existing group do: 
  177:     
  178:     group mod [options] _group_
  179:     
  180: 
  181: To remove user from the group you have to do `user del` and then add user again. 
  182: 
  183: ##  [[!template id=man name="groupadd" section="8"]]
  184: 
  185: ##  [[!template id=man name="groupdel" section="8"]]
  186: 
  187: ##  [[!template id=man name="groupinfo" section="8"]]
  188: 
  189: ##  [[!template id=man name="groupmod" section="8"]]
  190: 
  191: #  Other
  192: 
  193: ##  [[!template id=man name="chmod" section="1"]]
  194: 
  195: ##  [[!template id=man name="chown" section="8"]]
  196: 
  197: To change files/directory ownership: 
  198:     
  199:     #chown -R  myuser path 
  200:     
  201: 
  202: Where myuser is the name of user and path is directory where files are located. 
  203: 
  204: ##  [[!template id=man name="chgrp" section="1"]]
  205: 
  206: ##  [[!template id=man name="chroot" section="8"]]
  207: 
  208: ##  [[!template id=man name="quota" section="1"]]
  209: 
  210: Use quota to set users quotas per desire. 
  211: 
  212: #  See also
  213: 
  214:   * [[How to set up per-user timezones]]
  215:   * How to [[Hide other user's processes]]
  216:   * [[Userland version]]
  217:   * [[The_NetBSD_System_Manager's_Manual#Users_and_Accounts_Management]]

CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb