unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-4.1.3)
Page:
Section:
Apropos / Subsearch:
optional field

ADDUSER(8)                  System Manager's Manual                 ADDUSER(8)



NAME
       adduser - procedure for adding new users

DESCRIPTION
       To  add  an account for a new user, the system administrator (or super-
       user):

              o  Create an entry for the  new  user  in  the  system  password
                 files.

              o  Create a home directory for the user, and change ownership so
                 the new user owns that directory.

              o  Optionally set  up  skeletal  dot  files  for  the  new  user
                 (.cshrc, .login, .profile...).

              o  If the account is on a system running the Network Information
                 Service (NIS), take additional measures.

USAGE
   Making an Entry in the Password File
       To add an entry for the new login name on a local host, first edit  the
       /etc/passwd  file  --  inserting a line for the new user.  This must be
       done with the password file locked, for instance, by using vipw(8), and
       the insertion must be made above the line containing the string:

              +::0:0:::

       This  line  indicates  that additional accounts can be found in the NIS
       service.

       To add an entry for the new login name into the  NIS  service,  add  an
       identical  line  to  the file /etc/passwd on the NIS master server, and
       run make(1) in the directory /var/yp (see  ypmake(8)  for  details)  to
       propagate the change.

       The  new  user  is  assigned  a  group  and user ID number (GID and UID
       respectively).  UIDs should be unique  for  each  user  and  consistent
       across  the  NFS domain, since they control access to files.  GIDs need
       not be unique.  Typically,  users  working  on  similar  projects  will
       assigned  to the same group.  The system staff is group 10 for histori-
       cal reasons, and the super-user is in this group.

       An entry for a new user francine would look like this:

              francine::235:20:&& Featherstonehaugh:/usr/francine:/bin/csh

       Fields in each password-file entry are delimited by  colons,  and  have
       the following meanings:

              o  Login  name  (francine).   The login name is limited to eight
                 characters in length.

              o  Encrypted password or the string ##name  if  encrypted  pass-
                 words are stored in the password adjunct file.  Typically, if
                 passwords are to be stored in the main  password  file,  this
                 field  is  left empty, so no password is needed when the user
                 first logs in.  If security demands a password, it should  be
                 assigned  by  running passwd(1) immediately after exiting the
                 editor. The number of significant characters in a password is
                 eight. (See passwd(1).)

              o  User  ID.   The  UID  is  a number which identifies that user
                 uniquely in the system.  Files owned by the  user  have  this
                 number  stored  in their data blocks, and commands such as ls
                 (1V) (see ls(1V)), use it to look up the owner's login  name.
                 For  this reason, you cannot randomly change this number. See
                 passwd(5) for more information.

              o  Group ID.  The GID number identifies the group to  which  the
                 user  belongs  by  default  (although  the user may belong to
                 additional groups as well).  All files that the user  creates
                 have  this  number  stored in their data blocks, and commands
                 such as ls(1V) (see ls(1V), use it to look up the group name.
                 Group names and assignments are listed in the file /etc/group
                 (which is described in group(5)) or in the NIS group map.

              o  This field is called the GCOS field (from earlier implementa-
                 tion  of  the  operating system) and is traditionally used to
                 hold the user's full name.   Some  installations  have  other
                 information  encoded in this field.  From this information we
                 can tell that Francine's real name is `Francine Featherstone-
                 haugh'.  The && in the entry is shorthand for the user's login
                 name.

              o  User's home directory.  This is the directory in  which  that
                 user is "positioned" when they log in.

              o  Initial  shell  which  this  user will see on login.  If this
                 field is empty, sh(1) is used as the initial shell.

       An entry for a new user francine would look like this:

              francine:::::lo:ad,+dw

       Fields in each password adjunct file entry are delimited by colons, and
       have the following meanings:

              o  Login  name  (francine).  This name must match the login name
                 in the password file.

              o  Encrypted password.  Typically, this field is left empty when
                 adding  the  line  using the editor.  passwd(1) should be run
                 immediately after exiting the editor.

              o  The next three fields are  the  minimum  label,  the  maximum
                 label,  and  the  default label.  These fields should be left
                 empty, since they are reserved for future use.

              o  The next two fields are for the always-audit  flags  and  the
                 never-audit  flags.   Always-audit flags specify which events
                 are guaranteed to be  audited  for  that  user.   Never-audit
                 flags  specify  which events are guaranteed not to be audited
                 for that  user.   For  a  description  of  audit  flags,  see
                 audit_data(5).

   Making a Home Directory
       As  shown in the password file entry above, the name of Francine's home
       directory is to be /usr/francine.  This directory must be created using
       mkdir(1), and Francine must be given ownership of it using chown(8), in
       order for her profile files to be read and executed, and to  have  con-
       trol over access to it by other users:
              example# mkdir /usr/francine
              example# /usr/etc/chown francine /usr/francine

       If  running  under NFS, the mkdir(1) and chown(8) commands must be per-
       formed on the NFS server.

   Setting Up Skeletal Profile Files
       New users often need assistance in setting up their  profile  files  to
       initialize the terminal properly, configure their search path, and per-
       form other desired functions at startup.  Providing them with  skeletal
       profile  files  saves  time and interruptions for both the new user and
       the system administrator.

       Such files as .profile (if they  use  /usr/bin/sh  as  the  shell),  or
       .cshrc  and .login (if they use /usr/bin/csh as the shell), can include
       commands that are performed automatically at each login, or whenever  a
       shell  is  invoked, such as tset(1).  The ownership of these files must
       be changed to belong to the new user, either by running  su(1V)  before
       making copies, or by using chown(8).

FILES
       /etc/passwd                   password file
       /etc/security/passwd.adjunct
       /etc/group                    group file
       /etc/yp/src/passwd
        /.cshrc
        /.login
        /.profile

SEE ALSO
       csh(1),  ls(1V),  make(1), mkdir(1), passwd(1), sh(1), su(1V), tset(1),
       audit(2), audit_control(5), audit_data(5), passwd.adjunct(5), group(5),
       passwd(5),  passwd.adjunct(5)  audit(8),  auditd(8), chown(8), vipw(8),
       ypmake(8),

NOTES
       The Network Information Service (NIS) was formerly known as Sun  Yellow
       Pages  (YP).   The  functionality of the two remains the same; only the
       name has changed.



                               7 September 1989                     ADDUSER(8)