Adding new users

From Applied Optics Wiki
Revision as of 14:59, 8 September 2008 by Sds (talk | contribs)

Jump to: navigation, search

Adding new users to the Applied Optics Linux/Unix system

This is a reminder for Steve/Roger/Matt. It's the way I (Steve) do it, it seems to work for me.

  • Log onto armchair as root
  • Edit /etc/passwd
    • Find the next available UID:
Range Type
17000-18000 People with existing UIDs on the EEE (James') UNIX system
24000-24099 Special local "system users" (scan, share, etc)
24100-24899 Regular users
24900-24999 Undergrads / MSc / external to EEE (can be temporary)
    • Add a line for the new user, in UID order.
    • The second number is their default group. This can either be the same as their UID (more secure for them), or it may be more useful to set it to the scan UID (24001) if they're going to be creating a lot of files/directories that others may need to access.
  • Edit /etc/group
    • Add a group under their name with the GID the same as the UID
    • Add their username to (at the very least) the share group, and (if appropriate) the scan group.
  • Edit /etc/shadow
    • Add a line for the new user. In the password hash field (after the first ":") just put a "!"
  • Edit /etc/auto.home
    • Add a line for the new user. This will determine where their home directory is to be stored (armchair, bed or optik, and if on bed, which hard disk)
  • As root on armchair:
cd /var/yp
/etc/init.d/SuSEfirewall2_setup stop
make
/etc/init.d/SuSEfirewall2_setup start
passwd <username>

(get them to type their password)

  • Log onto the machine where their home directory is going to go
  • Go to the appropriate directory
mkdir <username>
chown <username>: <username>
exit

(so you're no longer root) - you're done.

Example

  • A new member of Applied Optics wants a log-in. Their name is Hoang Zhu. They will be working over in the SiOS lab
  • You have searched /etc/passwd on armchair and found that there is already someone else in the group with a surname Zhu, but there is no-one else with initials hz.
  • You decide to give them the username hz.
  • They will be doing a lot of work on a shared experiment, and are likely to be saving data a lot in /home/scan/ which will be used by others. You decide to give them the default group of scan.
  • You find the next available UID in the range 24100-24899: 24127.
  • You add the following line to armchair:/etc/passwd (in UID order):
hz:x:24127:24001:Hoang Zhu:/home/hz:/bin/bash
  • You add the following line to armchair:/etc/group (in GID order):
hz:!:24127:
  • You add hz to the end of the list of users in the scan and share groups
  • You add the following line to armchair:/etc/shadow:
hz:!:14130:0:99999:7:::
  • You add the following line to armchair:/etc/auto.home (in alphabetical order):
hz  bed:/optics/heavy:&
  • As root on armchair
cd /var/yp
/etc/init.d/SuSEfirewall2_setup stop
make
/etc/init.d/SuSEfirewall2_setup start
passwd hz

(you get them to type their password)

  • You log onto bed and become root.
cd /optics/heavy
mkdir hz
chown hz: hz
exit

(so you're no longer root) - you're done.