svn commit: r43257 - head/en_US.ISO8859-1/books/handbook/basics
Warren Block
wblock at FreeBSD.org
Tue Nov 26 18:09:30 UTC 2013
Author: wblock
Date: Tue Nov 26 18:09:29 2013
New Revision: 43257
URL: http://svnweb.freebsd.org/changeset/doc/43257
Log:
Whitespace-only fixes, translators please ignore.
Modified:
head/en_US.ISO8859-1/books/handbook/basics/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Nov 26 17:37:42 2013 (r43256)
+++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Tue Nov 26 18:09:29 2013 (r43257)
@@ -4,7 +4,10 @@
$FreeBSD$
-->
-<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="basics">
+<chapter xmlns="http://docbook.org/ns/docbook"
+ xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
+ xml:id="basics">
+
<!--
<chapterinfo>
<authorgroup>
@@ -82,9 +85,15 @@
<sect1 xml:id="consoles">
<title>Virtual Consoles and Terminals</title>
- <indexterm><primary>virtual consoles</primary></indexterm>
- <indexterm><primary>terminals</primary></indexterm>
- <indexterm><primary>console</primary></indexterm>
+ <indexterm>
+ <primary>virtual consoles</primary>
+ </indexterm>
+ <indexterm>
+ <primary>terminals</primary>
+ </indexterm>
+ <indexterm>
+ <primary>console</primary>
+ </indexterm>
<para>Unless &os; has been configured to automatically start a
graphical environment during startup, the system will boot
@@ -194,17 +203,17 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon"
<para>To disable a virtual console, put a comment symbol
(<literal>#</literal>) at the beginning of the line
- representing that virtual console. For example, to reduce
- the number of available virtual consoles from eight to four,
- put a <literal>#</literal> in front of the last four lines
- representing virtual consoles
- <filename>ttyv5</filename> through
- <filename>ttyv8</filename>. <emphasis>Do not</emphasis>
- comment out the line for the system console
- <filename>ttyv0</filename>. Note that the last virtual
- console (<filename>ttyv8</filename>) is used to access
+ representing that virtual console. For example, to reduce the
+ number of available virtual consoles from eight to four, put a
+ <literal>#</literal> in front of the last four lines
+ representing virtual consoles <filename>ttyv5</filename>
+ through <filename>ttyv8</filename>.
+ <emphasis>Do not</emphasis> comment out the line for the
+ system console <filename>ttyv0</filename>. Note that the last
+ virtual console (<filename>ttyv8</filename>) is used to access
the graphical environment if <application>&xorg;</application>
- has been installed and configured as described in <xref linkend="x11"/>.</para>
+ has been installed and configured as described in
+ <xref linkend="x11"/>.</para>
<para>For a detailed description of every column in this file
and the available options for the virtual consoles, refer to
@@ -219,15 +228,16 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon"
the system will boot into a special mode known as
<quote>single user mode</quote>. This mode is typically used
to repair a system that will not boot or to reset the
- <systemitem class="username">root</systemitem> password when it is not known.
- While in single user mode, networking and other virtual
- consoles are not available. However, full
- <systemitem class="username">root</systemitem> access to the system is available,
- and by default, the <systemitem class="username">root</systemitem> password is not
- needed. For these reasons, physical access to the keyboard
- is needed to boot into this mode and determining who has
- physical access to the keyboard is something to consider when
- securing a &os; system.</para>
+ <systemitem class="username">root</systemitem> password when
+ it is not known. While in single user mode, networking and
+ other virtual consoles are not available. However, full
+ <systemitem class="username">root</systemitem> access to the
+ system is available, and by default, the
+ <systemitem class="username">root</systemitem> password is not
+ needed. For these reasons, physical access to the keyboard is
+ needed to boot into this mode and determining who has physical
+ access to the keyboard is something to consider when securing
+ a &os; system.</para>
<para>The settings which control single user mode are found in
this section of <filename>/etc/ttys</filename>:</para>
@@ -239,23 +249,23 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon"
console none unknown off secure</programlisting>
<para>By default, the status is set to
- <literal>secure</literal>. This assumes that who has
- physical access to the keyboard is either not important or it
- is controlled by a physical security policy. If this setting
- is changed to <literal>insecure</literal>, the assumption is
- that the environment itself is insecure because anyone can
- access the keyboard. When this line is changed to
+ <literal>secure</literal>. This assumes that who has physical
+ access to the keyboard is either not important or it is
+ controlled by a physical security policy. If this setting is
+ changed to <literal>insecure</literal>, the assumption is that
+ the environment itself is insecure because anyone can access
+ the keyboard. When this line is changed to
<literal>insecure</literal>, &os; will prompt for the
- <systemitem class="username">root</systemitem> password when a user selects to
- boot into single user mode.</para>
+ <systemitem class="username">root</systemitem> password when a
+ user selects to boot into single user mode.</para>
<note>
<para><emphasis>Be careful when changing this setting to
<literal>insecure</literal></emphasis>! If the
- <systemitem class="username">root</systemitem> password is forgotten, booting
- into single user mode is still possible, but may be
- difficult for someone who is not familiar with the &os;
- booting process.</para>
+ <systemitem class="username">root</systemitem> password is
+ forgotten, booting into single user mode is still possible,
+ but may be difficult for someone who is not familiar with
+ the &os; booting process.</para>
</note>
</sect2>
@@ -360,28 +370,34 @@ console none
<indexterm>
<primary>accounts</primary>
- <secondary><systemitem class="username">daemon</systemitem></secondary>
+ <secondary><systemitem
+ class="username">daemon</systemitem></secondary>
</indexterm>
<indexterm>
<primary>accounts</primary>
- <secondary><systemitem class="username">operator</systemitem></secondary>
+ <secondary><systemitem
+ class="username">operator</systemitem></secondary>
</indexterm>
<para>Examples of system accounts are
- <systemitem class="username">daemon</systemitem>, <systemitem class="username">operator</systemitem>,
- <systemitem class="username">bind</systemitem>, <systemitem class="username">news</systemitem>, and
+ <systemitem class="username">daemon</systemitem>,
+ <systemitem class="username">operator</systemitem>,
+ <systemitem class="username">bind</systemitem>,
+ <systemitem class="username">news</systemitem>, and
<systemitem class="username">www</systemitem>.</para>
<indexterm>
<primary>accounts</primary>
- <secondary><systemitem class="username">nobody</systemitem></secondary>
+ <secondary><systemitem
+ class="username">nobody</systemitem></secondary>
</indexterm>
- <para><systemitem class="username">nobody</systemitem> is the generic unprivileged
- system account. However, the more services that use
- <systemitem class="username">nobody</systemitem>, the more files and processes
- that user will become associated with, and hence the more
- privileged that user becomes.</para>
+ <para><systemitem class="username">nobody</systemitem> is the
+ generic unprivileged system account. However, the more
+ services that use
+ <systemitem class="username">nobody</systemitem>, the more
+ files and processes that user will become associated with,
+ and hence the more privileged that user becomes.</para>
</sect3>
<sect3 xml:id="users-user">
@@ -410,300 +426,314 @@ console none
<varlistentry>
<term>User name</term>
- <listitem>
- <para>The user name is typed at the <prompt>login:</prompt>
- prompt. User names must be unique on the system as no two
- users can have the same user name. There are a number of
- rules for creating valid user names which are documented
- in &man.passwd.5;. It is recommended to use user names
- that consist of eight or fewer, all lower case characters
- in order to maintain backwards compatibility with
- applications.</para>
- </listitem>
- </varlistentry>
+ <listitem>
+ <para>The user name is typed at the
+ <prompt>login:</prompt> prompt. User names must be
+ unique on the system as no two users can have the same
+ user name. There are a number of rules for creating
+ valid user names which are documented in
+ &man.passwd.5;. It is recommended to use user names
+ that consist of eight or fewer, all lower case
+ characters in order to maintain backwards
+ compatibility with applications.</para>
+ </listitem>
+ </varlistentry>
- <varlistentry>
- <term>Password</term>
+ <varlistentry>
+ <term>Password</term>
- <listitem>
- <para>Each user account should have an associated password.
- While the password can be blank, this is highly
- discouraged.</para>
- </listitem>
- </varlistentry>
+ <listitem>
+ <para>Each user account should have an associated
+ password. While the password can be blank, this is
+ highly discouraged.</para>
+ </listitem>
+ </varlistentry>
- <varlistentry>
- <term>User ID (<acronym>UID</acronym>)</term>
+ <varlistentry>
+ <term>User ID (<acronym>UID</acronym>)</term>
- <listitem>
- <para>The User ID (<acronym>UID</acronym>) is a number used
- to uniquely identify the user to the &os; system.
- Commands that allow a user name to be specified will
- first convert it to the <acronym>UID</acronym>. It is
- recommended to use a UID of 65535 or lower as higher UIDs
- may cause compatibility issues with software that does
- not support integers larger than 32-bits.</para>
- </listitem>
- </varlistentry>
+ <listitem>
+ <para>The User ID (<acronym>UID</acronym>) is a number
+ used to uniquely identify the user to the &os; system.
+ Commands that allow a user name to be specified will
+ first convert it to the <acronym>UID</acronym>. It is
+ recommended to use a UID of 65535 or lower as higher
+ UIDs may cause compatibility issues with software that
+ does not support integers larger than 32-bits.</para>
+ </listitem>
+ </varlistentry>
- <varlistentry>
- <term>Group ID (<acronym>GID</acronym>)</term>
+ <varlistentry>
+ <term>Group ID (<acronym>GID</acronym>)</term>
- <listitem>
- <para>The Group ID (<acronym>GID</acronym>) is a number
- used to uniquely identify the primary group that the user
- belongs to. Groups are a mechanism for controlling
- access to resources based on a user's
- <acronym>GID</acronym> rather than their
- <acronym>UID</acronym>. This can significantly reduce the
- size of some configuration files and allows users to be
- members of more than one group. It is recommended to use
- a GID of 65535 or lower as higher GIDs may break some
- software.</para>
- </listitem>
- </varlistentry>
+ <listitem>
+ <para>The Group ID (<acronym>GID</acronym>) is a number
+ used to uniquely identify the primary group that the
+ user belongs to. Groups are a mechanism for
+ controlling access to resources based on a user's
+ <acronym>GID</acronym> rather than their
+ <acronym>UID</acronym>. This can significantly reduce
+ the size of some configuration files and allows users
+ to be members of more than one group. It is
+ recommended to use a GID of 65535 or lower as higher
+ GIDs may break some software.</para>
+ </listitem>
+ </varlistentry>
- <varlistentry>
- <term>Login class</term>
+ <varlistentry>
+ <term>Login class</term>
- <listitem>
- <para>Login classes are an extension to the group mechanism
- that provide additional flexibility when tailoring the
- system to different users. Login classes are discussed
- further in <xref linkend="users-limiting"/></para>
- </listitem>
- </varlistentry>
+ <listitem>
+ <para>Login classes are an extension to the group
+ mechanism that provide additional flexibility when
+ tailoring the system to different users. Login
+ classes are discussed further in
+ <xref linkend="users-limiting"/></para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>Password change time</term>
- <varlistentry>
- <term>Password change time</term>
+ <listitem>
+ <para>By default, &os; does not force users to change
+ their passwords periodically. Password expiration can
+ be enforced on a per-user basis using &man.pw.8;,
+ forcing some or all users to change their passwords
+ after a certain amount of time has elapsed.</para>
+ </listitem>
+ </varlistentry>
- <listitem>
- <para>By default, &os; does not force users to change their
- passwords periodically. Password expiration can be
- enforced on a per-user basis using &man.pw.8;, forcing
- some or all users to change their passwords after a
- certain amount of time has elapsed.</para>
- </listitem>
- </varlistentry>
+ <varlistentry>
+ <term>Account expiry time</term>
- <varlistentry>
- <term>Account expiry time</term>
+ <listitem>
+ <para>By default, &os; does not expire accounts. When
+ creating accounts that need a limited lifespan, such
+ as student accounts in a school, specify the account
+ expiry date using &man.pw.8;. After the expiry time
+ has elapsed, the account cannot be used to log in to
+ the system, although the account's directories and
+ files will remain.</para>
+ </listitem>
+ </varlistentry>
- <listitem>
- <para>By default, &os; does not expire accounts. When
- creating accounts that need a limited lifespan, such as
- student accounts in a school, specify the account expiry
- date using &man.pw.8;. After the expiry time has
- elapsed, the account cannot be used to log in to the
- system, although the account's directories and files will
- remain.</para>
- </listitem>
- </varlistentry>
+ <varlistentry>
+ <term>User's full name</term>
- <varlistentry>
- <term>User's full name</term>
+ <listitem>
+ <para>The user name uniquely identifies the account to
+ &os;, but does not necessarily reflect the user's real
+ name. Similar to a comment, this information can
+ contain a space, uppercase characters, and be more
+ than 8 characters long.</para>
+ </listitem>
+ </varlistentry>
- <listitem>
- <para>The user name uniquely identifies the account to &os;,
- but does not necessarily reflect the user's real name.
- Similar to a comment, this information can contain a
- space, uppercase characters, and be more than 8
- characters long.</para>
- </listitem>
- </varlistentry>
+ <varlistentry>
+ <term>Home directory</term>
- <varlistentry>
- <term>Home directory</term>
+ <listitem>
+ <para>The home directory is the full path to a directory
+ on the system. This is the user's starting directory
+ when the user logs in. A common convention is to put
+ all user home directories under
+ <filename>/home/username</filename> or
+ <filename>/usr/home/username</filename>. Each user
+ stores their personal files and subdirectories in
+ their own home directory.</para>
+ </listitem>
+ </varlistentry>
- <listitem>
- <para>The home directory is the full path to a directory on
- the system. This is the user's starting directory when
- the user logs in. A common convention is to put all user
- home directories under <filename>/home/username</filename>
- or <filename>/usr/home/username</filename>.
- Each user stores their personal files and subdirectories
- in their own home directory.</para>
- </listitem>
- </varlistentry>
+ <varlistentry>
+ <term>User shell</term>
- <varlistentry>
- <term>User shell</term>
+ <listitem>
+ <para>The shell provides the user's default environment
+ for interacting with the system. There are many
+ different kinds of shells and experienced users will
+ have their own preferences, which can be reflected in
+ their account settings.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </sect3>
- <listitem>
- <para>The shell provides the user's default environment for
- interacting with the system. There are many different
- kinds of shells and experienced users will have their own
- preferences, which can be reflected in their account
- settings.</para>
- </listitem>
- </varlistentry>
- </variablelist>
- </sect3>
+ <sect3 xml:id="users-superuser">
+ <title>The Superuser Account</title>
- <sect3 xml:id="users-superuser">
- <title>The Superuser Account</title>
+ <indexterm>
+ <primary>accounts</primary>
+ <secondary>superuser (root)</secondary>
+ </indexterm>
- <indexterm>
- <primary>accounts</primary>
- <secondary>superuser (root)</secondary>
- </indexterm>
+ <para>The superuser account, usually called
+ <systemitem class="username">root</systemitem>, is used to
+ manage the system with no limitations on privileges. For
+ this reason, it should not be used for day-to-day tasks like
+ sending and receiving mail, general exploration of the
+ system, or programming.</para>
+
+ <para>The superuser, unlike other user accounts, can operate
+ without limits, and misuse of the superuser account may
+ result in spectacular disasters. User accounts are unable
+ to destroy the operating system by mistake, so it is
+ recommended to login as a user account and to only become
+ the superuser when a command requires extra
+ privilege.</para>
+
+ <para>Always double and triple-check any commands issued as
+ the superuser, since an extra space or missing character can
+ mean irreparable data loss.</para>
+
+ <para>There are several ways to become gain superuser
+ privilege. While one can log in as
+ <systemitem class="username">root</systemitem>, this is
+ highly discouraged.</para>
+
+ <para>Instead, use &man.su.1; to become the superuser. If
+ <literal>-</literal> is specified when running this command,
+ the user will also inherit the root user's environment. The
+ user running this command must be in the
+ <systemitem class="groupname">wheel</systemitem> group or
+ else the command will fail. The user must also know the
+ password for the
+ <systemitem class="username">root</systemitem> user
+ account.</para>
- <para>The superuser account, usually called
- <systemitem class="username">root</systemitem>, is used to
- manage the system with no limitations on privileges. For this
- reason, it should not be used for day-to-day
- tasks like sending and receiving mail, general exploration of
- the system, or programming.</para>
-
- <para>The superuser, unlike other user
- accounts, can operate without limits, and misuse of the
- superuser account may result in spectacular disasters. User
- accounts are unable to destroy the operating system by
- mistake, so it is recommended to login as a user account and
- to only become the superuser when a command requires extra
- privilege.</para>
-
- <para>Always double and triple-check any commands issued as the
- superuser, since an extra space or missing character can mean
- irreparable data loss.</para>
-
- <para>There are several ways to become gain superuser privilege.
- While one can log in as <systemitem class="username">root</systemitem>, this is
- highly discouraged.</para>
-
- <para>Instead, use &man.su.1; to become the superuser. If
- <literal>-</literal> is specified when running this command,
- the user will also inherit the root user's environment. The
- user running this command must be in the
- <systemitem class="groupname">wheel</systemitem> group or else the command will
- fail. The user must also know the password for the
- <systemitem class="username">root</systemitem> user account.</para>
-
- <para>In this example, the user only becomes superuser in order
- to run <command>make install</command> as this step requires
- superuser privilege. Once the command completes, the user
- types <command>exit</command> to leave the superuser account
- and return to the privilege of their user account.</para>
+ <para>In this example, the user only becomes superuser in
+ order to run <command>make install</command> as this step
+ requires superuser privilege. Once the command completes,
+ the user types <command>exit</command> to leave the
+ superuser account and return to the privilege of their user
+ account.</para>
- <example>
- <title>Install a Program As the Superuser</title>
+ <example>
+ <title>Install a Program As the Superuser</title>
- <screen>&prompt.user; <userinput>configure</userinput>
+ <screen>&prompt.user; <userinput>configure</userinput>
&prompt.user; <userinput>make</userinput>
&prompt.user; <userinput>su -</userinput>
Password:
&prompt.root; <userinput>make install</userinput>
&prompt.root; <userinput>exit</userinput>
&prompt.user;</screen>
- </example>
+ </example>
- <para>The built-in &man.su.1; framework works well for single
- systems or small networks with just one system administrator.
- An alternative is to install the <package>security/sudo</package> package or port.
- This software provides activity logging and allows the
- administrator to configure which users can run which commands
- as the superuser.</para>
- </sect3>
- </sect2>
-
- <sect2 xml:id="users-modifying">
- <title>Managing Accounts</title>
-
- <indexterm>
- <primary>accounts</primary>
- <secondary>modifying</secondary>
- </indexterm>
-
- <para>&os; provides a variety of different commands to manage
- user accounts. The most common commands are summarized in Table
- 4.1, followed by some examples of their usage. Refer to the
- manual page for each utility for more details and usage
- examples.</para>
+ <para>The built-in &man.su.1; framework works well for single
+ systems or small networks with just one system
+ administrator. An alternative is to install the
+ <package>security/sudo</package> package or port. This
+ software provides activity logging and allows the
+ administrator to configure which users can run which
+ commands as the superuser.</para>
+ </sect3>
+ </sect2>
- <table frame="none" pgwide="1">
- <title>Utilities for Managing User Accounts</title>
+ <sect2 xml:id="users-modifying">
+ <title>Managing Accounts</title>
- <tgroup cols="2">
- <colspec colwidth="1*"/>
- <colspec colwidth="2*"/>
+ <indexterm>
+ <primary>accounts</primary>
+ <secondary>modifying</secondary>
+ </indexterm>
- <thead>
- <row>
- <entry>Command</entry>
- <entry>Summary</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>&man.adduser.8;</entry>
- <entry>The recommended command-line application for adding
- new users.</entry>
- </row>
+ <para>&os; provides a variety of different commands to manage
+ user accounts. The most common commands are summarized in
+ Table 4.1, followed by some examples of their usage. Refer to
+ the manual page for each utility for more details and usage
+ examples.</para>
- <row>
- <entry>&man.rmuser.8;</entry>
- <entry>The recommended command-line application for
- removing users.</entry>
- </row>
+ <table frame="none" pgwide="1">
+ <title>Utilities for Managing User Accounts</title>
- <row>
- <entry>&man.chpass.1;</entry>
- <entry>A flexible tool for changing user database
- information.</entry>
- </row>
+ <tgroup cols="2">
+ <colspec colwidth="1*"/>
+ <colspec colwidth="2*"/>
- <row>
- <entry>&man.passwd.1;</entry>
- <entry>The command-line tool to change user
- passwords.</entry>
- </row>
+ <thead>
+ <row>
+ <entry>Command</entry>
+ <entry>Summary</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>&man.adduser.8;</entry>
+ <entry>The recommended command-line application for
+ adding new users.</entry>
+ </row>
- <row>
- <entry>&man.pw.8;</entry>
- <entry>A powerful and flexible tool for modifying all
- aspects of user accounts.</entry>
- </row>
- </tbody>
- </tgroup>
- </table>
+ <row>
+ <entry>&man.rmuser.8;</entry>
+ <entry>The recommended command-line application for
+ removing users.</entry>
+ </row>
- <sect3 xml:id="users-adduser">
- <title><command>adduser</command></title>
+ <row>
+ <entry>&man.chpass.1;</entry>
+ <entry>A flexible tool for changing user database
+ information.</entry>
+ </row>
- <indexterm>
- <primary>accounts</primary>
- <secondary>adding</secondary>
- </indexterm>
- <indexterm>
- <primary><command>adduser</command></primary>
- </indexterm>
- <indexterm>
- <primary><filename>/usr/share/skel</filename></primary>
- </indexterm>
- <indexterm><primary>skeleton directory</primary></indexterm>
- <para>The recommended program for adding new users is
- &man.adduser.8;. When a new user is added, this program
- automatically updates <filename>/etc/passwd</filename> and
- <filename>/etc/group</filename>. It also creates a home
- directory for the new user, copies in the default
- configuration files from <filename>/usr/share/skel</filename>, and can
- optionally mail the new user a welcome message. This utility
- must be run as the <systemitem class="username">superuser</systemitem></para>
-
- <para>The &man.adduser.8; utility is interactive and walks
- through the steps for creating a new user account. As seen in
- Example 4.2, either input the required information or press
- <keycap>Return</keycap> to accept the default value shown in
- square brackets. In this example, the user has been invited
- into the <systemitem class="groupname">wheel</systemitem> group, which is
- required to provide the account with superuser access. When
- finished, the utility will prompt to either create another
- user or to exit.</para>
+ <row>
+ <entry>&man.passwd.1;</entry>
+ <entry>The command-line tool to change user
+ passwords.</entry>
+ </row>
- <example>
- <title>Adding a User on &os;</title>
+ <row>
+ <entry>&man.pw.8;</entry>
+ <entry>A powerful and flexible tool for modifying all
+ aspects of user accounts.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+
+ <sect3 xml:id="users-adduser">
+ <title><command>adduser</command></title>
+
+ <indexterm>
+ <primary>accounts</primary>
+ <secondary>adding</secondary>
+ </indexterm>
+ <indexterm>
+ <primary><command>adduser</command></primary>
+ </indexterm>
+ <indexterm>
+ <primary><filename>/usr/share/skel</filename></primary>
+ </indexterm>
+ <indexterm>
+ <primary>skeleton directory</primary>
+ </indexterm>
+
+ <para>The recommended program for adding new users is
+ &man.adduser.8;. When a new user is added, this program
+ automatically updates <filename>/etc/passwd</filename> and
+ <filename>/etc/group</filename>. It also creates a home
+ directory for the new user, copies in the default
+ configuration files from
+ <filename>/usr/share/skel</filename>, and can optionally
+ mail the new user a welcome message. This utility must be
+ run as the
+ <systemitem class="username">superuser</systemitem></para>
+
+ <para>The &man.adduser.8; utility is interactive and walks
+ through the steps for creating a new user account. As seen
+ in Example 4.2, either input the required information or
+ press <keycap>Return</keycap> to accept the default value
+ shown in square brackets. In this example, the user has
+ been invited into the
+ <systemitem class="groupname">wheel</systemitem> group,
+ which is required to provide the account with superuser
+ access. When finished, the utility will prompt to either
+ create another user or to exit.</para>
- <screen>&prompt.root; <userinput>adduser</userinput>
+ <example>
+ <title>Adding a User on &os;</title>
+
+ <screen>&prompt.root; <userinput>adduser</userinput>
Username: <userinput>jru</userinput>
Full name: <userinput>J. Random User</userinput>
Uid (Leave empty for default):
@@ -733,125 +763,133 @@ adduser: INFO: Successfully added (jru)
Add another user? (yes/no): <userinput>no</userinput>
Goodbye!
&prompt.root;</screen>
- </example>
-
- <note>
- <para>Since the password is not echoed when typed, be careful
- to not mistype the password when creating the user
- account.</para>
- </note>
- </sect3>
-
- <sect3 xml:id="users-rmuser">
- <title><command>rmuser</command></title>
-
- <indexterm><primary><command>rmuser</command></primary></indexterm>
- <indexterm>
- <primary>accounts</primary>
- <secondary>removing</secondary>
- </indexterm>
-
- <para>To completely remove a user from the system, run
- &man.rmuser.8; as the superuser. This command performs the
- following steps:</para>
-
- <procedure>
- <step>
- <para>Removes the user's &man.crontab.1; entry, if one
- exists.</para>
- </step>
-
- <step>
- <para>Removes any &man.at.1; jobs belonging to the
- user.</para>
- </step>
+ </example>
- <step>
- <para>Kills all processes owned by the user.</para>
- </step>
-
- <step>
- <para>Removes the user from the system's local password
- file.</para>
- </step>
-
- <step>
- <para>Optionally removes the user's home directory, if it is
- owned by the user.</para>
- </step>
-
- <step>
- <para>Removes the incoming mail files belonging to the user
- from <filename>/var/mail</filename>.</para>
- </step>
-
- <step>
- <para>Removes all files owned by the user from temporary
- file storage areas such as <filename>/tmp</filename>.</para>
- </step>
-
- <step>
- <para>Finally, removes the username from all groups to which
- it belongs in <filename>/etc/group</filename>. If a group
- becomes empty and the group name is the same as the
- username, the group is removed. This complements the
- per-user unique groups created by &man.adduser.8;.</para>
- </step>
- </procedure>
+ <note>
+ <para>Since the password is not echoed when typed, be
+ careful to not mistype the password when creating the user
+ account.</para>
+ </note>
+ </sect3>
- <para>&man.rmuser.8; cannot be used to remove superuser
- accounts since that is almost always an indication of massive
- destruction.</para>
+ <sect3 xml:id="users-rmuser">
+ <title><command>rmuser</command></title>
- <para>By default, an interactive mode is used, as shown
- in the following example.</para>
+ <indexterm>
+ <primary><command>rmuser</command></primary>
+ </indexterm>
+ <indexterm>
+ <primary>accounts</primary>
+ <secondary>removing</secondary>
+ </indexterm>
- <example>
- <title><command>rmuser</command> Interactive Account
- Removal</title>
+ <para>To completely remove a user from the system, run
+ &man.rmuser.8; as the superuser. This command performs the
+ following steps:</para>
+
+ <procedure>
+ <step>
+ <para>Removes the user's &man.crontab.1; entry, if one
+ exists.</para>
+ </step>
+
+ <step>
+ <para>Removes any &man.at.1; jobs belonging to the
+ user.</para>
+ </step>
+
+ <step>
+ <para>Kills all processes owned by the user.</para>
+ </step>
+
+ <step>
+ <para>Removes the user from the system's local password
+ file.</para>
+ </step>
+
+ <step>
+ <para>Optionally removes the user's home directory, if it
+ is owned by the user.</para>
+ </step>
+
+ <step>
+ <para>Removes the incoming mail files belonging to the
+ user from <filename>/var/mail</filename>.</para>
+ </step>
+
+ <step>
+ <para>Removes all files owned by the user from temporary
+ file storage areas such as
+ <filename>/tmp</filename>.</para>
+ </step>
+
+ <step>
+ <para>Finally, removes the username from all groups to
+ which it belongs in <filename>/etc/group</filename>. If
+ a group becomes empty and the group name is the same as
+ the username, the group is removed. This complements
+ the per-user unique groups created by
+ &man.adduser.8;.</para>
+ </step>
+ </procedure>
+
+ <para>&man.rmuser.8; cannot be used to remove superuser
+ accounts since that is almost always an indication of
+ massive destruction.</para>
+
+ <para>By default, an interactive mode is used, as shown
+ in the following example.</para>
+
+ <example>
+ <title><command>rmuser</command> Interactive Account
+ Removal</title>
- <screen>&prompt.root; <userinput>rmuser jru</userinput>
+ <screen>&prompt.root; <userinput>rmuser jru</userinput>
Matching password entry:
jru:*:1001:1001::0:0:J. Random User:/home/jru:/usr/local/bin/zsh
Is this the entry you wish to remove? <userinput>y</userinput>
Remove user's home directory (/home/jru)? <userinput>y</userinput>
Removing user (jru): mailspool home passwd.
&prompt.root;</screen>
- </example>
- </sect3>
-
- <sect3 xml:id="users-chpass">
- <title><command>chpass</command></title>
+ </example>
+ </sect3>
- <indexterm><primary><command>chpass</command></primary></indexterm>
- <para>Any user can use &man.chpass.1; to change their default
- shell and personal information associated with their user
- account. The superuser can use this utility to change
- additional account information for any user.</para>
-
- <para>When passed no options, aside from an optional username,
- &man.chpass.1; displays an editor containing user information.
- When the user exists from the editor, the user database is
- updated with the new information.</para>
+ <sect3 xml:id="users-chpass">
+ <title><command>chpass</command></title>
- <note>
- <para>This utility will prompt for the user's password when
- exiting the editor, unless the utility is run as the
- superuser.</para>
- </note>
+ <indexterm>
+ <primary><command>chpass</command></primary>
+ </indexterm>
- <para>In Example 4.4, the superuser has typed
- <command>chpass jru</command> and is now viewing the fields
- that can be changed for this user. If
- <systemitem class="username">jru</systemitem> runs this command instead, only the
- last six fields will be displayed and available for editing.
- This is shown in Example 4.5.</para>
+ <para>Any user can use &man.chpass.1; to change their default
+ shell and personal information associated with their user
+ account. The superuser can use this utility to change
+ additional account information for any user.</para>
+
+ <para>When passed no options, aside from an optional username,
+ &man.chpass.1; displays an editor containing user
+ information. When the user exists from the editor, the user
+ database is updated with the new information.</para>
+
+ <note>
+ <para>This utility will prompt for the user's password when
+ exiting the editor, unless the utility is run as the
+ superuser.</para>
+ </note>
+
+ <para>In Example 4.4, the superuser has typed
+ <command>chpass jru</command> and is now viewing the fields
+ that can be changed for this user. If
+ <systemitem class="username">jru</systemitem> runs this
+ command instead, only the last six fields will be displayed
+ and available for editing. This is shown in Example
+ 4.5.</para>
+
+ <example>
+ <title>Using <command>chpass</command> as
+ Superuser</title>
- <example>
- <title>Using <command>chpass</command> as
- Superuser</title>
-
- <screen>#Changing user database information for jru.
+ <screen>#Changing user database information for jru.
Login: jru
Password: *
Uid [#]: 1001
@@ -866,448 +904,509 @@ Office Location:
Office Phone:
Home Phone:
Other information:</screen>
- </example>
+ </example>
- <example>
- <title>Using <command>chpass</command> as Regular
- User</title>
+ <example>
+ <title>Using <command>chpass</command> as Regular
+ User</title>
- <screen>#Changing user database information for jru.
+ <screen>#Changing user database information for jru.
Shell: /usr/local/bin/zsh
Full Name: J. Random User
Office Location:
Office Phone:
Home Phone:
Other information:</screen>
- </example>
+ </example>
- <note>
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-doc-head
mailing list