We have useradd(8) now.
This commit is contained in:
parent
1b29e1a5d2
commit
be4a157e48
@ -1,7 +1,7 @@
|
||||
# $NetBSD: Makefile,v 1.33 1999/11/05 07:59:38 elric Exp $
|
||||
# $NetBSD: Makefile,v 1.34 1999/12/07 23:55:14 soren Exp $
|
||||
# @(#)Makefile 8.1 (Berkeley) 6/5/93
|
||||
|
||||
MAN= adduser.8 compat_freebsd.8 compat_ibcs2.8 compat_linux.8 \
|
||||
MAN= compat_freebsd.8 compat_ibcs2.8 compat_linux.8 \
|
||||
compat_osf1.8 compat_sunos.8 compat_svr4.8 compat_ultrix.8 \
|
||||
diskless.8 genassym.sh.8 intro.8 rc.8 sticky.8 yp.8
|
||||
MLINKS+= compat_svr4.8 compat_sco.8
|
||||
|
@ -1,295 +0,0 @@
|
||||
.\" $NetBSD: adduser.8,v 1.7 1999/03/17 20:31:19 garbled Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1999 The NetBSD Foundation, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This code is derived from software contributed to The NetBSD Foundation
|
||||
.\" by Eric Haszlakiewicz
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that the following conditions
|
||||
.\" are met:
|
||||
.\" 1. Redistributions of source code must retain the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer.
|
||||
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer in the
|
||||
.\" documentation and/or other materials provided with the distribution.
|
||||
.\" 3. All advertising materials mentioning features or use of this software
|
||||
.\" must display the following acknowledgement:
|
||||
.\" This product includes software developed by the NetBSD
|
||||
.\" Foundation, Inc. and its contributors.
|
||||
.\" 4. Neither the name of The NetBSD Foundation nor the names of its
|
||||
.\" contributors may be used to endorse or promote products derived
|
||||
.\" from this software without specific prior written permission.
|
||||
.\"
|
||||
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
||||
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
||||
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
||||
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
||||
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
||||
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
||||
.\" POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd January 23, 1999
|
||||
.Dt ADDUSER 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm adduser
|
||||
.Nd procedure for adding new users
|
||||
.Sh OVERVIEW
|
||||
Although there exists an
|
||||
.Nm addnerd
|
||||
package for adding users (see the
|
||||
.Nm SEE ALSO
|
||||
section below), the standard
|
||||
.Nx
|
||||
distribution does not include an
|
||||
adduser command. This is a brief description of the actions that
|
||||
should be taken to add a user:
|
||||
|
||||
.Bl -bullet -compact
|
||||
.It
|
||||
Edit the password file and add an appropriate entry.
|
||||
.Pq Xr vipw 8 , Xr passwd 5
|
||||
.It
|
||||
Edit the group file and add the new user to the appropriate groups.
|
||||
.Pq Xr group 5
|
||||
.It
|
||||
Set a password for the new user with passwd.
|
||||
.Pq Xr passwd 1
|
||||
.It
|
||||
Create a home directory for this user.
|
||||
.Pq "see below" , Pa /usr/share/skel
|
||||
.El
|
||||
|
||||
In general, new users should be created with unique user ids and login names.
|
||||
Home directories should be owned by that user. Avoid empty passwords and
|
||||
blank lines in the password file.
|
||||
|
||||
.Sh DESCRIPTION
|
||||
Procedure for adding a new user:
|
||||
|
||||
.Ss "Adding a new user to the password file:"
|
||||
The command to safely modify the password file is
|
||||
.Ic vipw .
|
||||
\ When run as root this edits the password file after setting the
|
||||
appropriate locks. Be careful while changing the password file since
|
||||
arbitrary changes can easily compromise the security of your system.
|
||||
A more detailed description can be obtained from the
|
||||
.Xr vipw 8
|
||||
manual page.
|
||||
.Pp
|
||||
When creating a new user it is probably easiest to copy one of the existing
|
||||
entries and modify the fields as needed. For a description of the fields in
|
||||
the password file see the
|
||||
.Xr passwd 5
|
||||
manual page.
|
||||
Here are some guidelines on how to modify the password entry:
|
||||
.Bl -tag -compat -width 8n
|
||||
.It Em name
|
||||
This must be a unique login name: it must not appear in
|
||||
.Pa /etc/passwd
|
||||
or
|
||||
.Pa /etc/aliases .
|
||||
It must not begin with the hyphen
|
||||
.Ql Em -
|
||||
character.
|
||||
It is strongly recommended that is be all lower-case, and not contain the dot
|
||||
.Ql Em \&.
|
||||
character, as that tends to confuse mailers.
|
||||
.It Em password
|
||||
The easiest way to set the password is with the
|
||||
.Xr passwd 1
|
||||
program, which is mentioned below. For now, set this field to the asterisk
|
||||
.Ql Em *
|
||||
character to prevent any password from working.
|
||||
.It Em uid
|
||||
A new user should be given a user id that is unique across the system, and
|
||||
often across a group of systems, since user ids are used to control file
|
||||
access. One of the simplest way of choosing a user id is to find the
|
||||
maximum id used and add one. For example, if you started adding users at
|
||||
id 1000, and the highest id so far is 1020, the next user will have 1021
|
||||
as his id.
|
||||
.It Em gid
|
||||
This is where you should set a user's primary group. Additional group
|
||||
membership can be granted by editing the
|
||||
.Pa /etc/group
|
||||
file
|
||||
.Pq see below .
|
||||
Typically, users working on similar projects will be put in the same groups.
|
||||
For instance, at the University of California, Berkeley, there are groups
|
||||
for system staff, faculty, graduate students and special groups for large
|
||||
projects.
|
||||
.Pp
|
||||
Group
|
||||
.Em 0 ,
|
||||
named
|
||||
.Em wheel ,
|
||||
is used to control what users may use su to gain root
|
||||
privileges. Often, instead of setting a user's primary group to wheel, the
|
||||
.Pa /etc/group
|
||||
file is used to control access to this privilege. In these cases the primary
|
||||
group is set to some other group, such as the generic staff or users group.
|
||||
.It Em class , change , expire
|
||||
Ignore these field for now. Make the class field empty, the change set to "0",
|
||||
and the expire field set to "0".
|
||||
.It Em gecos
|
||||
This is where you should place, among other information, the user's name.
|
||||
For instance, if the user's name is
|
||||
.Qq John Doe ,
|
||||
this field would look like this:
|
||||
.Qq John Doe,,,
|
||||
.It Em home_dir
|
||||
This field should be set to the location of the user's home directory.
|
||||
For instance, assuming home directories are located in
|
||||
.Pa /home
|
||||
on your system, this would be set to
|
||||
.Pa /home/<username> .
|
||||
You will probably need to create this directory.
|
||||
See below for a more detailed explanation on how to create a home
|
||||
directory and what to put in it.
|
||||
.It Em shell
|
||||
Set this field to the desired shell. See
|
||||
.Xr shells 5
|
||||
for more information.
|
||||
.El
|
||||
|
||||
.Ss Setting the password:
|
||||
Once the user exists in the password file you can use the
|
||||
.Ic passwd
|
||||
utility to change his password. Executing
|
||||
.Ic passwd Ar <username>
|
||||
will prompt you for the password. If you do not wish to use password
|
||||
authentication for this user then skip this step. For instance, if you
|
||||
wanted to only allow logins though ssh RSA authentication then a password
|
||||
would be undesirable. If you do skip this step make sure that you have set
|
||||
the password to the asterisk
|
||||
.Ql *
|
||||
character in the password file. Placing nothing
|
||||
.Pq Ql
|
||||
in the password field would allow this user to login with
|
||||
.Em NO
|
||||
password. This is probably not what you want.
|
||||
|
||||
.Ss The chpass, chfn and chsh utilities:
|
||||
These utilities allow you to change a single user's infomation in a more
|
||||
user-friendly fasion than
|
||||
.Ic vipw .
|
||||
After creating the user with vipw, you may find it easier to use
|
||||
these instead.
|
||||
.Ss Editing /etc/group:
|
||||
The simplest thing to do here is to add a user onto an already existing
|
||||
group. This is done by appending the user's login name to the desired
|
||||
group line, separated from any other user names with a comma.
|
||||
.Pp
|
||||
For example, to add a user named
|
||||
.Qq Joe
|
||||
to the
|
||||
.Qq staff
|
||||
group you would change the line that looks like this:
|
||||
.Dl staff:*:20:root
|
||||
to look like this:
|
||||
.Dl staff:*:20:root,Joe
|
||||
.Pp
|
||||
Be careful of who you add to group 0, since the su utility uses this list
|
||||
to determine who is allowed to gain root privileges.
|
||||
.Pp
|
||||
For more information see
|
||||
.Xr group 5
|
||||
and
|
||||
.Xr su 1 .
|
||||
|
||||
.Ss Create the home directory:
|
||||
After you have created the user in the password file you will probably need
|
||||
to create a home directory for him. You will probably want to copy
|
||||
skeletal configuration files from
|
||||
.Em /usr/share/skel
|
||||
to give new users some help getting started.
|
||||
Finally you want to set the ownership and permissions on the directory
|
||||
and files.
|
||||
.Pp
|
||||
Assuming that you have set the home directory in the password file,
|
||||
here are the steps you will want to take:
|
||||
|
||||
.Bl -item -compact
|
||||
.It
|
||||
mkdir ~$username
|
||||
.It
|
||||
cp /usr/share/skel/dot.profile ~$username/.profile
|
||||
.It
|
||||
cp /usr/share/skel/dot.login ~$username/.login
|
||||
.It
|
||||
cp /usr/share/skel/dot.mailrc ~$username/.mailrc
|
||||
.It
|
||||
cp /usr/share/skel/dot.cshrc ~$username/.cshrc
|
||||
.It
|
||||
cp /usr/share/skel/dot.rhosts ~$username/.rhosts
|
||||
.It
|
||||
chown -R $username:$usergroup ~$username
|
||||
.It
|
||||
chmod -R 700 ~$username
|
||||
.It
|
||||
chmod 755 ~$username
|
||||
.El
|
||||
.Pp
|
||||
(If you set the username and usergroup environment variables you can cut
|
||||
and paste this list of steps.)
|
||||
.Pp
|
||||
See
|
||||
.Xr cp 1 ,
|
||||
.Xr chown 8 ,
|
||||
.Xr chmod 1
|
||||
and
|
||||
.Xr mkdir 1
|
||||
for more information about these commands.
|
||||
|
||||
.Sh SEE ALSO
|
||||
.Bl -item -compact
|
||||
.It
|
||||
.Xr vipw 8 ,
|
||||
.Xr passwd 1 ,
|
||||
.Xr group 5 ,
|
||||
.Xr passwd 5 ,
|
||||
.It
|
||||
.Xr chpass 1 ,
|
||||
.Xr chfn 1 ,
|
||||
.Xr chsh 1 ,
|
||||
.It
|
||||
.Xr pwd_mkdb 8 ,
|
||||
.Xr finger 1 ,
|
||||
.Xr aliases 5 ,
|
||||
.It
|
||||
.Xr chown 8 ,
|
||||
.Xr chmod 1 ,
|
||||
.Xr mkdir 1 ,
|
||||
.Xr cp 1 ,
|
||||
.Xr man 1
|
||||
.El
|
||||
.Pp
|
||||
For many useful programs, including
|
||||
.Em ssh
|
||||
and
|
||||
.Em addnerd
|
||||
(a utility for adding users),
|
||||
see the
|
||||
.Nx
|
||||
packages collection. Information about packages can be
|
||||
found at
|
||||
.Em http://www.netbsd.org/Documentation/software/packages.html
|
||||
|
||||
.Sh FILES
|
||||
.Bl -tag -width 20n -compact
|
||||
.It Pa /etc/passwd
|
||||
the system password file
|
||||
.It Pa /etc/group
|
||||
the system group file
|
||||
.It Pa /usr/share/skel/*
|
||||
skeletal login directory
|
||||
.El
|
||||
|
||||
.Sh BUGS
|
||||
User information should (and eventually will) be stored elsewhere.
|
Loading…
Reference in New Issue
Block a user