Date: Sat, 05 Aug 2006 13:12:08 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: beno <beno@web.vi> Cc: freebsd-questions@freebsd.org Subject: Re: User Information (Easy Questions!) Message-ID: <44D48B18.3020401@infracaninophile.co.uk> In-Reply-To: <44D478C2.5040205@web.vi> References: <44D478C2.5040205@web.vi>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigC61F19E87E1EC7B6F3C4A8FC
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
beno wrote:
> Hi;
> * How do I find out which users have access to the box and what their
> permissions/groups are?
Type:
% id username
which will tell you the users' UID and what groups they are a member of.
> * How do I edit those permissions/groups?
Unless you're using NIS or LDAP or some other directory program, then
all you need to do is edit the /etc/master.passwd and /etc/group files.
You can do that directly; use the vipw(8) command to edit
the password file safely and to automatically rebuild /etc/passwd the=20
various .db files from /etc/master.passwd, but beware that screwing up
the password file can lock you out of the machine.
However using the pw(8) command is recommended.
> * If I delete a user, does that affect the files/programs he installed,=
> etc?
No -- file and program ownership is recorded in the filesystem using
the UID and GID numbers. Deleting the user from the password file remove=
s
the human readable name and the password needed to log in and the mapping=
from username to UID. The files will still exist in the system, but
when you look at the ownership of them using ls(1) you'll see a number=20
instead of a name for the owner.
Note: this is potentially a problem. If the UID number gets reused for a=
different account, that new user will get all the ownership rights to the=
old users' files. It can often be a better policy to disable an old acco=
unt
-- set the password field in /etc/master.passwd to '!!' and change the sh=
ell
to /sbin/nologin -- rather than to delete it.
You can also get a report on any 'unowned' files in the weekly periodic
e-mail by adding
weekly_noid_enable=3D"YES"
to /etc/periodic.conf
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--------------enigC61F19E87E1EC7B6F3C4A8FC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE1Ise8Mjk52CukIwRCJNyAJ9xmxiQd5Kb1TK2EcYxzEpvkGKWEgCfX0PF
rcL6G7y/t5kCvc4DD9XmNLc=
=4GNe
-----END PGP SIGNATURE-----
--------------enigC61F19E87E1EC7B6F3C4A8FC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44D48B18.3020401>