User Accounts Carole Williams, carole@redhat.com Linuxconf can create and manage various types of user accounts. Regu- lar login accounts allow users to manage files and access system pro- grams. PPP (Point-to-Point Protocol) and SLIP (Serial Line Internet Protocol) accounts are accounts for users who dial in via point-to- point serial line connections. UUCP (UNIX to UNIX Copy Program) accounts allow for file transfers over direct serial connections or modems. POP (Post Office Protocol) accounts are for users who retrieve their e-mail from POP e-mail servers. Virtual POP accounts are the same as POP accounts, but they're used for virtual e-mail domains. ______________________________________________________________________ Table of Contents 1. AID CDATA login 1.1 Base 1.2 Mail Settings 2. PPP Accounts 3. SLIP Accounts Via Normal Login 4. UUCP Accounts 5. POP and Virtual POP Accounts (mail only) ______________________________________________________________________ 11.. LLooggiinn AAccccoouunnttss Users need login accounts in order to keep files and access programs on a Linux system. 11..11.. BBaassee Base info is where you specify basic information about the user. TThhee aaccccoouunntt iiss eennaabblleedd New accounts are enabled by default. If you want to disable an existing or new user's account, unselect this option. Disabling a user's account is preferable to deleting a user's account, unless you need the storage space or you're certain that his/her data will not be needed in the future. If a user's account is disabled, they will not be allowed to log in. LLooggiinn nnaammee Also known as a username, you're required to fill in the Login name field when you're creating a user's account. The login name is a string of text that uniquely identifies a particular account (from a human's perspective). The user will need to type in their login name and a password when they log in. The user's login name will also be used in their e-mail address. You may need some guidelines for login names. A login name should be between three and eight lowercase characters. More than eight characters can be used, but the characters beyond the eighth one will not be recognized by your system. This could cause a problem if the differentiating characters between two usernames (for example, jamessmith and jamessmithers) are past the eighth character. To your system, the two usernames are the same. The characters can include numbers and letters, but shouldn't include spaces or any special characters (except for - or _). You may want to standardize the format of login names. For example, you might use the first four letters of the person's last name plus their first initial, so Jane Smith would have a login name of smitj). Standardized login names are easy for the users to remember; they also make it easy to figure out a person's login name from their real name. FFuullll nnaammee You should fill in the full name of the user if you're creating a new account. So, Jane Smith's full name would be Jane Smith. The user's full name will show up in their e-mail From: header, as well as in other places. You don't need to use all lowercase letters for the full name. You shouldn't include any colons in the full name; linuxconf will reward you with an error message if you do. You shouldn't use an ampersand (&) in this field because it will resolve into the user's username. If you want, you can fill in more than just the user's name in the full name field. If the finger command is in use on your system, this field provides input for responses to the finger command. Commas are delimiters for finger information in the full name field (so if you have a user named John Smith, Jr., you should type their name in without a comma: John Smith Jr.). You'll need to experiment with your system to see how the information in the Full name field is used to respond to finger commands. GGrroouupp:: You don't have to fill in the user's initial default group; your system will fill one in for you if you leave it blank. Every account is a member of at least one group. Traditionally, UNIX and UNIX-like systems put users into default groups based upon the files or processes to which they need access. For example, many systems have one primary user group called users, which includes all users (what a surprise). On some systems, new users will automatically be assigned to the users group. The User Private Group (UPG) scheme is another way to assign users to groups. With UPG, every user's default group is a group of one, which includes only that user. For example, the user smitj is in a default group of smitj. On Red Hat Linux systems, new users will automatically be assigned to their own group (their login name). SSuupppplleemmeennttaarryy ggrroouuppss Users can be members of groups other than their primary group. Usually, this is so that a group of users can access the same directory of files. HHoommee ddiirreeccttoorryy The system will automatically assign the user to a home directory, if you don't fill one in. On some systems, the user's home directory is /home/username. For example, a new account with username smitj would be assigned a home directory of /home/smitj. CCoommmmaanndd iinntteerrpprreetteerr The user's command interpreter is the shell that the user will be in after a successful login. Linuxconf offers many choices, but if you need to add one, use Config--Networking--Users Accounts--Available User Shells. UUsseerr IIDD The User ID number or UID is the number that the system uses to identify an account. The system doesn't really care about the username; it identifies process and file ownership according to UIDs. You should just leave this field blank and let your system assign a UID to new users; it will default to the next UID available for regular users. 11..22.. MMaaiill SSeettttiinnggss Under Mail settings, you can redirect e-mail messages from or to a particular user or alias. RReeddiirreecctt mmeessssaaggeess ttoo If you fill in an e-mail address here, e-mail messages to the user will go to the redirected address instead. EEmmaaiill aalliiaass An e-mail alias is a supplemental e-mail address that will be accepted by the system and forwarded on to a specific user. For example, you could add the alias jane_smith@yourdomain.com to user smitj's account. Then, e-mail sent to jane_smith@yourdomain.com would automatically be forwarded to smitj@yourdomain.com. 22.. PPPPPP AAccccoouunnttss PPP accounts are for users who dial in to your system via a modem. Most of the parameters for a PPP account should be filled in the same as a regular login account, so see ``'' if you need more information on login name, full name, home directory, user ID, and the mail settings. You can't set the group for a PPP user; all PPP accounts are in the pppusers group. The default command interpreter or login shell for a PPP user is /usr/lib/linuxconf/lib/ppplogin, which is a script for handling PPP logins. If you have another command interpreter script for handling PPP logins, you'll need to add it to linuxconf's choices using Config--Networking--Users Accounts--Available PPP Shells. 33.. SSLLIIPP AAccccoouunnttss VViiaa NNoorrmmaall LLooggiinn SLIP accounts are for users who dial in to your system via a modem. PPP is more commonly used than SLIP for this purpose. Most of the parameters for a SLIP account should be filled in the same as a regular login account. See ``'' if you need more information on login name, full name, home directory, user ID, and the mail settings. You can't set the group for a SLIP user; all SLIP accounts are in the slipusers group. The default command interpreter or login shell for a SLIP user is /sbin/diplogin, which is a symbolic link to the dip utility for handling dialup IP connections. If you have another script for handling SLIP logins, you'll need to add it to linuxconf's choices using Config--Networking--Users Accounts--Available SLIP Shells. 44.. UUUUCCPP AAccccoouunnttss UUCP accounts allow for file transfers via direct serial connections or via modems. Most of the parameters for a UUCP account should be filled in the same as a regular login account. See ``'' if you need more information on login name, full name, user ID, and the mail settings. You can't set the group for a UUCP user; all UUCP accounts are in the uucp group. The default home directory for UUCP accounts is /var/spool/uucppublic; you can set this to a different directory if you use another place for UUCP file transfers. 55.. PPOOPP aanndd VViirrttuuaall PPOOPP AAccccoouunnttss ((mmaaiill oonnllyy)) POP accounts are used for e-mail. POP users download their entire mailbox from a POP server, manage their mail on their POP client, and then upload the mailbox back to the POP server. If you've defined a virtual e-mail domain (Config--Networking--Mail delivery system (sendmail)--virtual e-mail domain), you can define virtual POP accounts. A virtual e-mail domain allows you to serve different e-mail domains from the same server. Most of the parameters for a POP account should be filled in the same as a regular login account. See ``'' if you need more information on login name, full name, home directory, user ID, and the mail settings. You can't set the group for a POP user; all POP accounts are in the popusers group.