From owner-svn-doc-all@FreeBSD.ORG Mon Oct 14 16:44:16 2013
Delivered-To: svn-doc-all@freebsd.org
Message-Id: <201310141644.r9EGiFRE017295@svn.freebsd.org>
From: Dru Lavigne
Date: Mon, 14 Oct 2013 16:44:15 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r42953 - in head/en_US.ISO8859-1/books/handbook: . basics bsdinstall preface users
X-SVN-Group: doc-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Author: dru
Date: Mon Oct 14 16:44:15 2013
New Revision: 42953

URL: http://svnweb.freebsd.org/changeset/doc/42953

Log:
  This patch integrates the contents of users/chapter.xml into basics/chapter.xml.

  Approved by:	hrs (mentor)

Deleted:
  head/en_US.ISO8859-1/books/handbook/users/
Modified:
  head/en_US.ISO8859-1/books/handbook/Makefile
  head/en_US.ISO8859-1/books/handbook/basics/chapter.xml
  head/en_US.ISO8859-1/books/handbook/book.xml
  head/en_US.ISO8859-1/books/handbook/bsdinstall/chapter.xml
  head/en_US.ISO8859-1/books/handbook/chapters.ent
  head/en_US.ISO8859-1/books/handbook/preface/preface.xml

Modified: head/en_US.ISO8859-1/books/handbook/Makefile
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/Makefile	Mon Oct 14 15:58:30 2013	(r42952)
+++ head/en_US.ISO8859-1/books/handbook/Makefile	Mon Oct 14 16:44:15 2013	(r42953)
@@ -275,7 +275,6 @@ SRCS+= preface/preface.xml SRCS+= printing/chapter.xml SRCS+= security/chapter.xml SRCS+= serialcomms/chapter.xml -SRCS+= users/chapter.xml SRCS+= virtualization/chapter.xml SRCS+= x11/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Mon Oct 14 15:58:30 2013 (r42952) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Mon Oct 14 16:44:15 2013 (r42953) @@ -36,6 +36,11 @@ + How to create and manage users and groups on + &os;. + + + How &unix; file permissions and &os; file flags work. 
@@ -286,6 +291,996 @@ console none + + + + Users and Basic Account Management + + &os; allows multiple users to use the computer at the same + time. While only one user can sit in front of the screen and + use the keyboard at any one time, any number of users can log + in to the system through the network. To use the system, each + user should have their own user account. + + This chapter describes: + + + + The different types of user accounts on a + &os; system. + + + + How to add, remove, and modify user accounts. + + + + How to set limits to control the + resources that users and + groups are allowed to access. + + + + How to create groups and add users as members of a group. + + + + + Account Types + + Since all access to the &os; system is achieved using accounts + and all processes are run by users, user and account management + is important. + + There are three main types of accounts: + system accounts, + user accounts, and the + superuser account. + + + System Accounts + + + accounts + system + + + System accounts are used to run services such as DNS, + mail, and web servers. The reason for this is security; if + all services ran as the superuser, they could act without + restriction. + + + accounts + daemon + + + accounts + operator + + + Examples of system accounts are + daemon, operator, + bind, news, and + www. + + + accounts + nobody + + + nobody is the generic unprivileged + system account. However, the more services that use + nobody, the more files and processes that + user will become associated with, and hence the more + privileged that user becomes. + + + + User Accounts + + + accounts + user + + + User accounts are + assigned to real people and are used to log in and use the + system. Every person accessing the system should have a unique + user account. This allows the administrator to find out who + is doing what and prevents users from clobbering the + settings of other users. 
+ + Each user can set up their own environment to accommodate + their use of the system, by configuring their default shell, editor, + key bindings, and language settings. + Every user account on a &os; system has certain information + associated with it: + + + + User name + + + The user name is typed at the login: + prompt. User names must be unique on the system as no two + users can have the same user name. There are a number of + rules for creating valid user names which are documented in + &man.passwd.5;. It is recommended to use user names that consist of eight or + fewer, all lower case characters in order to maintain + backwards compatibility with applications. + + + + + Password + + + Each user account should have an associated password. While the + password can be blank, this is highly discouraged. + + + + + User ID (UID) + + + The User ID (UID) is a number + used to uniquely identify the user to the + &os; system. Commands that + allow a user name to be specified will first convert it to + the UID. It is recommended to use a UID of + 65535 or lower as higher UIDs may cause compatibility + issues with software that does not support integers larger + than 32-bits. + + + + + Group ID (GID) + + + The Group ID (GID) is a number used to uniquely identify + the primary group that the user belongs to. Groups are a + mechanism for controlling access to resources based on a + user's GID rather than their + UID. This can significantly reduce the + size of some configuration files and allows users to be + members of more than one group. It is recommended to use a GID of + 65535 or lower as higher GIDs may break some + software. + + + + + Login class + + + Login classes are an extension to the group mechanism + that provide additional flexibility when tailoring the + system to different users. Login classes are discussed + further in + + + + + Password change time + + + By default, &os; does not force users to change their + passwords periodically. 
Password expiration can be + enforced on a per-user basis using &man.pw.8;, forcing some or all users to + change their passwords after a certain amount of time has + elapsed. + + + + + Account expiry time + + + By default, &os; does not expire accounts. When + creating accounts that need a limited lifespan, such as + student accounts in a school, specify the account expiry + date using &man.pw.8;. After the expiry time has elapsed, the account + cannot be used to log in to the system, although the + account's directories and files will remain. + + + + + User's full name + + + The user name uniquely identifies the account to &os;, + but does not necessarily reflect the user's real name. + Similar to a comment, this information + can contain a space, uppercase characters, and be more + than 8 characters long. + + + + + Home directory + + + The home directory is the full path to a directory on + the system. This is the user's starting directory when + the user logs in. A common convention is to put all user + home directories under /home/username + or /usr/home/username. + Each user stores their personal files and subdirectories + in their own home directory. + + + + + User shell + + + The shell provides the user's default environment for + interacting with the system. There are many different + kinds of shells and experienced users will have their own + preferences, which can be reflected in their account + settings. + + + + + + + The Superuser Account + + + accounts + superuser (root) + + + The superuser account, usually called + root, is used to + manage the system with no limitations on privileges. For this + reason, it should not be used for day-to-day + tasks like sending and receiving mail, general exploration of + the system, or programming. + + The superuser, unlike other user + accounts, can operate without limits, and misuse of the + superuser account may result in spectacular disasters. 
User + accounts are unable to destroy the operating system by mistake, so it is + recommended to login as a user account and to only become the superuser + when a command requires extra privilege. + + Always double and triple-check any commands issued as the + superuser, since an extra space or missing character can mean + irreparable data loss. + + There are several ways to become gain superuser privilege. While one + can log in as root, this is highly discouraged. + + Instead, use &man.su.1; to become the superuser. If + - is specified when running this command, the user will also inherit the root user's environment. + The user running this command must + be in the wheel group or else the command + will fail. The user must also know the password for the + root user account. + + In this example, the user only becomes superuser in order to run + make install as this step requires superuser privilege. + Once the command completes, the user types exit + to leave the superuser account and return to the privilege of + their user account. + + + Install a Program As The Superuser + + &prompt.user; configure +&prompt.user; make +&prompt.user; su - +Password: +&prompt.root; make install +&prompt.root; exit +&prompt.user; + + + The built-in &man.su.1; framework works well for single systems or small + networks with just one system administrator. An alternative + is to install the + security/sudo package or port. This software + provides activity logging and allows the administrator to configure which users + can run which commands + as the superuser. + + + + + Managing Accounts + + + accounts + modifying + + + &os; provides a variety of different commands to manage + user accounts. The most common commands are summarized below, + followed by more detailed examples of their usage. + + + + + + + + + Command + Summary + + + + + &man.adduser.8; + The recommended command-line application for adding + new users. 
+ + + + &man.rmuser.8; + The recommended command-line application for + removing users. + + + + &man.chpass.1; + A flexible tool for changing user database + information. + + + + &man.passwd.1; + The simple command-line tool to change user + passwords. + + + + &man.pw.8; + A powerful and flexible tool for modifying all + aspects of user accounts. + + + + + + + <command>adduser</command> + + + accounts + adding + + + adduser + + + /usr/share/skel + + skeleton directory + &man.adduser.8; is a simple program for adding new users + When a new user is added, this program automatically updates + /etc/passwd and + /etc/group. It also creates a home + directory for the new user, copies in the default + configuration files from /usr/share/skel, and can + optionally mail the new user a welcome message. + + + Adding a User on &os; + + &prompt.root; adduser +Username: jru +Full name: J. Random User +Uid (Leave empty for default): +Login group [jru]: +Login group is jru. Invite jru into other groups? []: wheel +Login class [default]: +Shell (sh csh tcsh zsh nologin) [sh]: zsh +Home directory [/home/jru]: +Home directory permissions (Leave empty for default): +Use password-based authentication? [yes]: +Use an empty password? (yes/no) [no]: +Use a random password? (yes/no) [no]: +Enter password: +Enter password again: +Lock out the account after creation? [no]: +Username : jru +Password : **** +Full Name : J. Random User +Uid : 1001 +Class : +Groups : jru wheel +Home : /home/jru +Shell : /usr/local/bin/zsh +Locked : no +OK? (yes/no): yes +adduser: INFO: Successfully added (jru) to the user database. +Add another user? (yes/no): no +Goodbye! +&prompt.root; + + + + Since the password is not echoed when typed, be careful + to not mistype the password when creating the user + account. + + + + + <command>rmuser</command> + + rmuser + + accounts + removing + + + To completely remove a user from the system use + &man.rmuser.8;. 
This command performs the following + steps: + + + + Removes the user's &man.crontab.1; entry if one + exists. + + + + Removes any &man.at.1; jobs belonging to the + user. + + + + Kills all processes owned by the user. + + + + Removes the user from the system's local password + file. + + + + Removes the user's home directory, if it is owned by + the user. + + + + Removes the incoming mail files belonging to the user + from /var/mail. + + + + Removes all files owned by the user from temporary + file storage areas such as /tmp. + + + + Finally, removes the username from all groups to which + it belongs in /etc/group. + + + If a group becomes empty and the group name is the + same as the username, the group is removed. This + complements the per-user unique groups created by + &man.adduser.8;. + + + + + &man.rmuser.8; cannot be used to remove superuser + accounts since that is almost always an indication of massive + destruction. + + By default, an interactive mode is used, as shown + in the following example. + + + <command>rmuser</command> Interactive Account + Removal + + &prompt.root; rmuser jru +Matching password entry: +jru:*:1001:1001::0:0:J. Random User:/home/jru:/usr/local/bin/zsh +Is this the entry you wish to remove? y +Remove user's home directory (/home/jru)? y +Updating password file, updating databases, done. +Updating group file: trusted (removing group jru -- personal group is empty) done. +Removing user's incoming mail file /var/mail/jru: done. +Removing files belonging to jru from /tmp: done. +Removing files belonging to jru from /var/tmp: done. +Removing files belonging to jru from /var/tmp/vi.recover: done. +&prompt.root; + + + + + <command>chpass</command> + + chpass + &man.chpass.1; can be used to change user database + information such as passwords, shells, and personal + information. + + Only the superuser can change other users' information and + passwords with &man.chpass.1;. 
+ + When passed no options, aside from an optional username, + &man.chpass.1; displays an editor containing user information. + When the user exists from the editor, the user database is + updated with the new information. + + + You will be asked for your password after exiting the + editor if you are not the superuser. + + + + Interactive <command>chpass</command> by + Superuser + + #Changing user database information for jru. +Login: jru +Password: * +Uid [#]: 1001 +Gid [# or name]: 1001 +Change [month day year]: +Expire [month day year]: +Class: +Home directory: /home/jru +Shell: /usr/local/bin/zsh +Full Name: J. Random User +Office Location: +Office Phone: +Home Phone: +Other information: + + + A user can change only a small subset of this + information, and only for their own user account. + + + Interactive <command>chpass</command> by Normal + User + + #Changing user database information for jru. +Shell: /usr/local/bin/zsh +Full Name: J. Random User +Office Location: +Office Phone: +Home Phone: +Other information: + + + + &man.chfn.1; and &man.chsh.1; are links to + &man.chpass.1;, as are &man.ypchpass.1;, &man.ypchfn.1;, and + &man.ypchsh.1;. NIS support is + automatic, so specifying the yp before + the command is not necessary. How to configure NIS is + covered in . + + + + <command>passwd</command> + + passwd + + accounts + changing password + + &man.passwd.1; is the usual way to change your own + password as a user, or another user's password as the + superuser. + + + To prevent accidental or unauthorized changes, the user + must enter their original password before a new password can + be set. This is not the case when the superuser changes a + user's password. + + + + Changing Your Password + + &prompt.user; passwd +Changing local password for jru. +Old password: +New password: +Retype new password: +passwd: updating the database... 
+passwd: done + + + + Changing Another User's Password as the + Superuser + + &prompt.root; passwd jru +Changing local password for jru. +New password: +Retype new password: +passwd: updating the database... +passwd: done + + + + As with &man.chpass.1;, &man.yppasswd.1; is a link to + &man.passwd.1;, so NIS works with either command. + + + + + + <command>pw</command> + + pw + + &man.pw.8; is a command line utility to create, remove, + modify, and display users and groups. It functions as a front + end to the system user and group files. &man.pw.8; has a very + powerful set of command line options that make it suitable for + use in shell scripts, but new users may find it more + complicated than the other commands presented in this + section. + + + + + Limiting Users + + limiting users + + accounts + limiting + + &os; provides several methods for an administrator to limit + the amount of system resources an individual may use. These + limits are discussed in two sections: disk quotas and other + resource limits. + + quotas + + limiting users + quotas + + disk quotas + Disk quotas limit the amount of disk space available to + users and provide a way to quickly check that usage without + calculating it every time. Quotas are discussed in . + + The other resource limits include ways to limit the amount + of CPU, memory, and other resources a user may consume. These + are defined using login classes and are discussed here. + + + /etc/login.conf + + Login classes are defined in + /etc/login.conf and are described in detail + in &man.login.conf.5;. Each user account is assigned to a login + class, default by default, and each login + class has a set of login capabilities associated with it. A + login capability is a + name=value + pair, where name is a well-known + identifier and value is an arbitrary + string which is processed accordingly depending on the + name. 
Setting up login classes and + capabilities is rather straightforward and is also described in + &man.login.conf.5;. + + + &os; does not normally read the configuration in + /etc/login.conf directly, but instead + reads the /etc/login.conf.db database + which provides faster lookups. Whenever + /etc/login.conf is edited, the + /etc/login.conf.db must be updated by + executing the following command: + + &prompt.root; cap_mkdb /etc/login.conf + + + Resource limits differ from the default login capabilities + in two ways. First, for every limit, there is a soft (current) + and hard limit. A soft limit may be adjusted by the user or + application, but may not be set higher than the hard limit. The + hard limit may be lowered by the user, but can only be raised + by the superuser. Second, most resource limits apply per + process to a specific user, not to the user as a whole. These + differences are mandated by the specific handling of the limits, + not by the implementation of the login capability + framework. + + Below are the most commonly used resource limits. The rest + of the limits, along with all the other login capabilities, can + be found in &man.login.conf.5;. + + + + coredumpsize + + + The limit on the size of a core filecoredumpsize generated by a + program is subordinate to other limitslimiting userscoredumpsize on disk usage, such + as filesize, or disk quotas. + This limit is often used as a less-severe method of + controlling disk space consumption. Since users do not + generate core files themselves, and often do not delete + them, setting this may save them from running out of disk + space should a large program crash. + + + + + cputime + + + The maximum amount of CPUcputimelimiting userscputime time a user's process may + consume. Offending processes will be killed by the + kernel. + + + This is a limit on CPU time + consumed, not percentage of the CPU as displayed in + some fields by &man.top.1; and &man.ps.1;. 
+ + + + + + filesize + + + The maximum size of a filefilesizelimiting usersfilesize the user may own. Unlike + disk quotas, this limit is + enforced on individual files, not the set of all files a + user owns. + + + + + maxproc + + + The maximum number of processesmaxproclimiting usersmaxproc a user can run. This + includes foreground and background processes. This limit + may not be larger than the system limit specified by the + kern.maxproc &man.sysctl.8;. Setting + this limit too small may hinder a user's productivity as + it is often useful to be logged in multiple times or to + execute pipelines. Some tasks, such as compiling a large + program, spawn multiple processes and other intermediate + preprocessors. + + + + + memorylocked + + + The maximum amount of memorymemorylockedlimiting usersmemorylocked a process may request + to be locked into main memory using &man.mlock.2;. Some + system-critical programs, such as &man.amd.8;, lock into + main memory so that if the system begins to swap, they do + not contribute to disk thrashing. + + + + + memoryuse + + + The maximum amount of memorymemoryuselimiting usersmemoryuse a process may consume at + any given time. It includes both core memory and swap + usage. This is not a catch-all limit for restricting + memory consumption, but is a good start. + + + + + openfiles + + + The maximum number of files a process may have openopenfileslimiting usersopenfiles. + In &os;, files are used to represent sockets and IPC + channels, so be careful not to set this too low. The + system-wide limit for this is defined by the + kern.maxfiles &man.sysctl.8;. + + + + + sbsize + + + The limit on the amount of network memory, and + thus mbufssbsizelimiting userssbsize, a user may consume in order to limit network + communications. + + + + + stacksize + + + The maximum size of a process stackstacksizelimiting usersstacksize. 
This alone is + not sufficient to limit the amount of memory a program + may use so it should be used in conjunction with other + limits. + + + + + There are a few other things to remember when setting + resource limits. Following are some general tips, suggestions, + and miscellaneous comments. + + + + Processes started at system startup by + /etc/rc are assigned to the + daemon login class. + + + + Although the /etc/login.conf that + comes with the system is a good source of reasonable values + for most limits, they may not be appropriate for every + system. Setting a limit too high may open the system up to + abuse, while setting it too low may put a strain on + productivity. + + + + Users of &xorg; should + probably be granted more resources than other users. + &xorg; by itself takes a lot of + resources, but it also encourages users to run more programs + simultaneously. + + + + Many limits apply to individual processes, not the user + as a whole. For example, setting + openfiles to 50 means that each process + the user runs may open up to 50 files. The total amount + of files a user may open is the value of + openfiles multiplied by the value of + maxproc. This also applies to memory + consumption. + + + + For further information on resource limits and login classes + and capabilities in general, refer to &man.cap.mkdb.1;, + &man.getrlimit.2;, and &man.login.conf.5;. + + + + Managing Groups + + groups + + /etc/groups + + + accounts + groups + + A group is a list of users. A group is identified by its + group name and GID. In &os;, the + kernel uses the UID of a process, and the + list of groups it belongs to, to determine what the process is + allowed to do. Most of the time, the GID of + a user or process usually means the first group in the + list. + + The group name to GID mapping is listed + in /etc/group. This is a plain text file + with four colon-delimited fields. 
The first field is the group + name, the second is the encrypted password, the third the + GID, and the fourth the comma-delimited list + of members. For a more complete description of the syntax, + refer to &man.group.5;. + + The superuser can modify /etc/group + using a text editor. Alternatively, &man.pw.8; can be used to + add and edit groups. For example, to add a group called + teamtwo and then confirm that it + exists: + + + Adding a Group Using &man.pw.8; + + &prompt.root; pw groupadd teamtwo +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100: + + + In this example, 1100 is the + GID of teamtwo. Right + now, teamtwo has no members. This + command will add jru as a member of + teamtwo. + + + Adding User Accounts to a New Group Using + &man.pw.8; + + &prompt.root; pw groupmod teamtwo -M jru +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100:jru + + + The argument to is a comma-delimited + list of users to be added to a new (empty) group or to replace + the members of an existing group. To the user, this group + membership is different from (and in addition to) the user's + primary group listed in the password file. This means that + the user will not show up as a member when using + with &man.pw.8;, but will show up + when the information is queried via &man.id.1; or a similar + tool. When &man.pw.8; is used to add a user to a group, it only + manipulates /etc/group and does not attempt + to read additional data from + /etc/passwd. + + + Adding a New Member to a Group Using &man.pw.8; + + &prompt.root; pw groupmod teamtwo -m db +&prompt.root; pw groupshow teamtwo +teamtwo:*:1100:jru,db + + + In this example, the argument to is a + comma-delimited list of users who are to be added to the group. + Unlike the previous example, these users are appended to the + group list and do not replace the list of existing users in the + group. *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
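Review bot: no problem in the Makefile hunk (`-SRCS+= users/chapter.xml` at @@ -275,7 +275,6 @@); dropping that SRCS entry is consistent with the `Deleted: head/en_US.ISO8859-1/books/handbook/users/` line in the commit header. The matching removals of the chapter entity and its inclusion in chapters.ent and book.xml are listed under Modified but fall past the 1000-line truncation of this mail, so they need to be checked in the linked changeset rather than here.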
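Review bot: style point on the basics/chapter.xml hunk at @@ -36,6 +36,11 @@: the new list item `How to create and manage users and groups on &os;.` would read more consistently with the section title it introduces (`Users and Basic Account Management`) as "How to create and manage user accounts and groups on &os;."; the indentation of the added `<listitem>` matches the neighbouring `How &unix; file permissions and &os; file flags work.` item, so no layout change is needed.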
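Review bot: several wording defects and one security-relevant omission in the large basics/chapter.xml hunk at @@ -286,6 +291,996 @@ should be fixed before this lands. Wording: `There are several ways to become gain superuser privilege.` has both "become" and "gain" (keep one); `When the user exists from the editor` should be "exits"; `&man.adduser.8; is a simple program for adding new users` is missing its full stop before `When a new user is added`; the indexterm `/etc/groups` in the Managing Groups section should be `/etc/group`, the file name used everywhere else in the hunk; `Most of the time, the GID of a user or process usually means` doubles up "most of the time" and "usually"; and `There are a few other things to remember when setting resource limits. Following are some general tips` says the same thing twice. Logic: the UID paragraph recommends a UID of `65535 or lower` but justifies it with `software that does not support integers larger than 32-bits`; 65535 is the 16-bit ceiling, so either say 16-bit or drop the justification. Security: the adduser example answers `Invite jru into other groups? []: wheel` without comment, while the su section in the same hunk states that wheel membership is exactly what lets a user run `su -` to become root; add a sentence at the example noting that inviting a new user into wheel grants that ability and should be done deliberately, not as a default answer.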