File:  [NetBSD Developer Wiki] / wikisrc / tutorials / user_management.mdwn
Revision 1.6: download - view: text, annotated - select for diffs
Fri Apr 5 09:43:35 2019 UTC (2 years, 7 months ago) by leot
Branches: MAIN
CVS tags: HEAD
Avoid to directly use HTML tags by adding newlines for code parts.

    1: **Contents**
    2: 
    3: [[!toc levels=2]]
    4: 
    5: #Preface
    6: 
    7: Before you start to do user and group management you must: 
    8: 
    9: 1. For security reasons, create substitute user and name it as you like, here it is referred as _noroot_: 
   10: 
   11:     # useradd -m -G wheel _noroot_
   12: 
   13: 2. Set password for _noroot_ user: 
   14: 
   15:     # passwd _noroot_
   16: 
   17: 3. Exit and log in as _noroot_ user. 
   18: 
   19: 4. Use the `su` command to obtain the root privileges for _noroot_: 
   20:     
   21:     $ su
   22:     
   23: 
   24: 5. Forget to use the `root` for maintenance or regular administration of the system. You free to find any secure and convenient spot for the root password be available upon your need. 
   25: 
   26:   
   27: If your favorite user with login password is already assigned in the system and no need to create new one. Omit first steps from above. Do modify user information by adding _your no root user_ into the wheel group and `su` anytime per your desire: 
   28:     
   29:     # usermod -G wheel _noroot_
   30:     
   31: 
   32: #[**User**](http://netbsd.gw.com/cgi-bin/man-cgi?user++NetBSD-current)
   33: 
   34: The NetBSD maintains information in regard of each user who logs into, access system, runs processes on so forth. This include and not limited to: 
   35:     
   36:     - user name
   37:     - password
   38:     - group
   39:     - base_dir
   40:     - skel_dir
   41:     - shell
   42:     - class
   43:     - homeperm
   44:     - inactive
   45:     - expire
   46:     
   47: 
   48: The superuser called root has no limitations on its privileges. 
   49: 
   50: To limit user priveleges consider to set limits by: coredumpsize, cputime, filesize, quota, maxproc, memory, openfiles etc. 
   51: 
   52: `user` is frontend to the useradd, usermod, userinfo and userdel commands, it helps to manage users in the system. 
   53: 
   54: Use [id](http://netbsd.gw.com/cgi-bin/man-cgi?id+1+NetBSD-current) to see user identity: 
   55: 
   56:     $ id
   57:     
   58: 
   59: Use [w](http://netbsd.gw.com/cgi-bin/man-cgi?w+1+NetBSD-current) to see who present and what they are doing: 
   60: 
   61:     $ w
   62:     
   63: 
   64: Use [last](http://netbsd.gw.com/cgi-bin/man-cgi?last+1+NetBSD-current) to see last logins: 
   65: 
   66: 
   67:     $ last
   68:     
   69: 
   70: ##  [useradd](http://netbsd.gw.com/cgi-bin/man-cgi?useradd++NetBSD-current)
   71: 
   72: To add user do: 
   73:     
   74:     user add [options] _user_
   75:     
   76: 
   77: To add a user and create a new home directory: 
   78:     
   79:     # useradd -m _myuser_
   80:     
   81: 
   82: Look into the NetBSD Guide [Chapter 5.6](http://netbsd.org/docs/guide/en/chap-boot.html#chap-boot-adding-users)
   83: 
   84: ##  [userinfo](http://netbsd.gw.com/cgi-bin/man-cgi?userinfo++NetBSD-current)
   85: 
   86: To see user information do: 
   87:     
   88:     $ userinfo _myuser_
   89:     
   90: 
   91: ##  [usermod](http://netbsd.gw.com/cgi-bin/man-cgi?usermod++NetBSD-current)
   92: 
   93: To modify existing user login do: 
   94:     
   95:     # user mod [options] _user_
   96:     
   97:     
   98:     # usermod -C yes _username_             ; set Close lock on user account
   99:     
  100:     
  101:     # usermod -C no _username_              ; unlock user account
  102:     
  103:     
  104:     # usermod -G wheel _username_           ; add user to group _wheel_
  105:     
  106:     
  107:     # usermod -s /sbin/nologin _username_   ; remove login shell
  108:     
  109:     
  110:     # usermod -s /bin/sh _username_         ; set login shell
  111:     
  112:     
  113:     # usermod -F _username_                 ; force user to change password
  114:     
  115: 
  116: ##  [userdel](http://netbsd.gw.com/cgi-bin/man-cgi?userdel++NetBSD-current)
  117: 
  118: To remove a user from the system do: 
  119:     
  120:     # userdel _myuser_
  121:     
  122: 
  123: ##  [passwd](http://netbsd.gw.com/cgi-bin/man-cgi?passwd++NetBSD-current)
  124: 
  125: To see a list of all users in the system do: 
  126:     
  127:     $ cat /etc/passwd
  128:     
  129: 
  130: To edit _/etc/passwd_ file do: 
  131:     
  132:     # vipw
  133:     
  134: 
  135: ##  [chpass](http://netbsd.gw.com/cgi-bin/man-cgi?chpass++NetBSD-current)
  136: 
  137: Use [chpass, chfn, chsh]((http://netbsd.gw.com/cgi-bin/man-cgi?chpass+1+NetBSD-current)) to add or change user database information. 
  138: 
  139: To change the shell of _myuser_, for an exapmle to /bin/ksh: 
  140:     
  141:     # chpass -s /bin/ksh _myuser_
  142:     
  143: 
  144:   
  145: 
  146: 
  147: #  [**Group**](http://netbsd.gw.com/cgi-bin/man-cgi?group++NetBSD-current)
  148: 
  149: To manage groups check `/etc/group` file which maintains name of each group, group id and list of users who is a group member. 
  150: 
  151: `group` is frontend to the groupadd, groupmod, groupinfo and groupdel commands, it helps to manage groups in the system. 
  152: 
  153: To add group do: 
  154:     
  155:     group add [options] _group_
  156:     
  157: 
  158: To delete group do: 
  159:     
  160:     group del [options] _group_
  161:     
  162: 
  163: To obtain group information do: 
  164:     
  165:     group info [options] _group_
  166:     
  167: 
  168: To modify existing group do: 
  169:     
  170:     group mod [options] _group_
  171:     
  172: 
  173: To remove user from the group you have to do `user del` and then add user again. 
  174: 
  175: ##  [groupadd](http://netbsd.gw.com/cgi-bin/man-cgi?groupadd+8+NetBSD-current)
  176: 
  177: ##  [groupdel](http://netbsd.gw.com/cgi-bin/man-cgi?groupdel+8+NetBSD-current)
  178: 
  179: ##  [groupinfo](http://netbsd.gw.com/cgi-bin/man-cgi?groupinfo+8+NetBSD-current)
  180: 
  181: ##  [groupmod](http://netbsd.gw.com/cgi-bin/man-cgi?groupmod+8+NetBSD-current)
  182: 
  183: #  Other
  184: 
  185: ##  [chmod](http://netbsd.gw.com/cgi-bin/man-cgi?chmod++NetBSD-current)
  186: 
  187: ##  [chown](http://netbsd.gw.com/cgi-bin/man-cgi?chown++NetBSD-current)
  188: 
  189: To change files/directory ownership: 
  190:     
  191:     #chown -R  myuser path 
  192:     
  193: 
  194: Where myuser is the name of user and path is directory where files are located. 
  195: 
  196: ##  [chgrp](http://netbsd.gw.com/cgi-bin/man-cgi?chgrp++NetBSD-current)
  197: 
  198: ##  [chroot](http://netbsd.gw.com/cgi-bin/man-cgi?chroot++NetBSD-current)
  199: 
  200: ##  [quota](http://netbsd.gw.com/cgi-bin/man-cgi?quota++NetBSD-current)
  201: 
  202: Use quota to set users quotas per desire. 
  203: 
  204: #  See also
  205: 
  206:   * [[How to set up per-user timezones]]
  207:   * How to [[Hide other user's processes]]
  208:   * [[Userland version]]
  209:   * [[The_NetBSD_System_Manager's_Manual#Users_and_Accounts_Management]]

CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb