FreeBSD - Tutorials, Security
Home   Archives   Sitemap   About   Contact

Creating/Adding (temporary) users on FreeBSD 6

Home NEW! Unix Forum News 100 Tips and Tricks Website Development Server Operating Systems Databases
 Ivorde.ROarrow Server Operating Systems arrowAdministration GuidesarrowCreating/Adding (temporary) users on FreeBSD 6  

Article Sections

    Hello, Guest !
User name:
Password:
 
Google

 SSD VPS Hosting - Vpsie.com
 Mo.nitor.me
 Ivorde forum
 FreeBSD Tutorials
 Linux LVM Commands
 Free Shell Accounts
 FreeBSD Project
 FreeBSD Handbook
 Advanced Bash-Scripting Guide
 The OpenBSD Project
 Distrowatch
 FreeBSD Handbook


Apache Webserver Home Page

Posted on: 22 Nov 2007
Author: mandrei
Section: Server Operating Systems | Administration Guides
Views: 643
Comments: 0 (Add)

Creating/Adding (temporary) users on FreeBSD 6
Creating/adding users and changing their account's expiration date, password expiration date on FreeBSD.

 



Creating users and changing their account's expiration date, password expiration date on FreeBSD.

There are many ways to create users on a FreeBSD box but the easiest way (to me) is using pw(8)


The following options apply to the useradd and usermod commands:

-n name Specify the user/account name.

-u uid Specify the user/account numeric id.

Usually, you only need to provide one or the other of these
options, as the account name will imply the uid, or vice
versa. However, there are times when you need to provide
both. For example, when changing the uid of an existing
user with usermod, or overriding the default uid when cre-
ating a new account. If you wish pw to automatically allo-
cate the uid to a new user with useradd, then you should
not use the -u option. You may also provide either the
account or userid immediately after the useradd, userdel,
usermod or usershow keywords on the command line without
using the -n or -u options.

-c comment This field sets the contents of the passwd GECOS field,
which normally contains up to four comma-separated fields
containing the user's full name, office or location, and
work and home phone numbers. These sub-fields are used by
convention only, however, and are optional. If this field
is to contain spaces, you need to quote the comment itself
with double quotes `"'. Avoid using commas in this field
as these are used as sub-field separators, and the colon
`:' character also cannot be used as this is the field sep-
arator for the passwd file itself.

-d dir This option sets the account's home directory. Normally,
you will only use this if the home directory is to be dif-
ferent from the default determined from /etc/pw.conf - nor-
mally /home with the account name as a subdirectory.

-e date Set the account's expiration date. Format of the date is
either a UNIX time in decimal, or a date in `dd-mmm-yy[yy]'
format, where dd is the day, mmm is the month, either in
numeric or alphabetic format ('Jan', 'Feb', etc) and year
is either a two or four digit year. This option also
accepts a relative date in the form `+n[mhdwoy]' where `n'
is a decimal, octal (leading 0) or hexadecimal (leading 0x)
digit followed by the number of Minutes, Hours, Days,
Weeks, Months or Years from the current date at which the
expiration date is to be set.

-p date Set the account's password expiration date. This field is
similar to the account expiration date option, except that
it applies to forced password changes. This is set in the
same manner as the -e option.

-g group Set the account's primary group to the given group. group
may be defined by either its name or group number.

-G grouplist Set additional group memberships for an account. grouplist
is a comma-separated list of group names or group numbers.
The user's name is added to the group lists in /etc/group,
and removed from any groups not specified in grouplist.
Note: a user should not be added to their primary group
with grouplist. Also, group membership changes do not take
effect for current user login sessions, requiring the user
to reconnect to be affected by the changes.

-L class This option sets the login class for the user being cre-
ated. See login.conf(5) and passwd(5) for more information
on user login classes.

-m This option instructs pw to attempt to create the user's
home directory. While primarily useful when adding a new
account with useradd, this may also be of use when moving
an existing user's home directory elsewhere on the file
system. The new home directory is populated with the con-
tents of the skeleton directory, which typically contains a
set of shell configuration files that the user may person-
alize to taste. Files in this directory are usually named
dot. where the dot prefix will be stripped. When
-m is used on an account with usermod, existing configura-
tion files in the user's home directory are not overwritten
from the skeleton files.

When a user's home directory is created, it will by default
be a subdirectory of the basehome directory as specified by
the -b option (see below), bearing the name of the new
account. This can be overridden by the -d option on the
command line, if desired.

-k dir Set the skeleton directory, from which basic startup and
configuration files are copied when the user's home direc-
tory is created. This option only has meaning when used
with the -d or -m flags.

-s shell Set or changes the user's login shell to shell. If the
path to the shell program is omitted, pw searches the
shellpath specified in /etc/pw.conf and fills it in as
appropriate. Note that unless you have a specific reason
to do so, you should avoid specifying the path - this will
allow pw to validate that the program exists and is exe-
cutable. Specifying a full path (or supplying a blank ""
shell) avoids this check and allows for such entries as
/nonexistent that should be set for accounts not intended
for interactive login.

-h fd This option provides a special interface by which interac-
tive scripts can set an account password using pw. Because
the command line and environment are fundamentally insecure
mechanisms by which programs can accept information, pw
will only allow setting of account and group passwords via
a file descriptor (usually a pipe between an interactive
script and the program). sh, bash, ksh and perl all pos-
sess mechanisms by which this can be done. Alternatively,
pw will prompt for the user's password if -h 0 is given,
nominating stdin as the file descriptor on which to read
the password. Note that this password will be read only
once and is intended for use by a script rather than for
interactive use. If you wish to have new password confir-
mation along the lines of passwd(1), this must be imple-
mented as part of an interactive script that calls pw.

If a value of `-' is given as the argument fd, then the
password will be set to `*', rendering the account inacces-
sible via password-based login.

-H fd Read an encrypted password string from the specified file
descriptor. This is like -h, but the password should be
supplied already encrypted in a form suitable for writing
directly to the password database.


Quick command for adding users:
pw useradd -n user_name -e 01-06-2008 -m -s /usr/local/bin/ksh93 -h 0
-e sets user's account expiration date
-p sets user's password expiration date
-n name of account (user_name)
-m automatically create /home/user_name
-s sets user's shell
-h 0 prompts for password

At this point we have user_name added to your system with the password chosen by us and we want this user to change his password as soon as possible (let's say tomorrow).

Quick command for changing expiration date for a user's account:
pw user mod user_name -e 23-11-2007 #Changes this account to expire on 23rd of November 2007

Quick command for changing expiration password for a user:
pw user mod user_name -p 22-11-2007 #Changes this account so that user_name's password will expire next day, in my case 22nd of november 2007.

After su - user_name I see:
Warning: your account expires on Fri Nov 23 00:00:00 2007
Warning: your password expires on Thu Nov 22 00:00:00 2007



Now that we have our users created and forced to change their passwords as soon as possible we need to implement the strong password policy for FreeBSD.

Also see: FreeBSD: Password expiry (aging policy) and FreeBSD add user command

Bookmarks: Echo "Creating/Adding (temporary) users on FreeBSD 6 " around:
del.icio.usdiggFurlYahooMyWebGoogleBookmarksFaceBookTechnocratti
Test king offers up-to-date and modern testing services with tests like 156-215 which prepares students for 100% results. Test king is also known for preparing students for Microsoft certifications with test such as 70-553 and 70-272. Other popular Microsoft prep tests are 70-271 and 70-553. Test king is also training students for Cisco certifications with tests such as 310-055 and 310-055.

Other articles in Server Operating Systems / Administration Guides
» ProFTPd + MySQL - 530 Login incorrect
» How to allow access to su to root on FreeBSD
» BSD Guides for BSD fans http://www.bsdguides.org/
» How to change a user's password in AIX with the output from ECHO command
» How to start/enable telnet on a FreeBSD server




Contact webmaster regarding this article
Register or Login to post your article
Hello, Guest ! You can Login or Register to www.ivorde.ro!

 Post comment:

Name:
Title:
Comment:
Please type the word you see in the image (anti-spam verification). Refresh the page if you don't understand the word.
Allowed HTML Tags for comments:<p><strong><em><u><h1><h2><h3><h4><h5><h6><img><li>
<ol><ul><span><div><br><ins><del>

0 comment(s) to Creating/Adding (temporary) users on FreeBSD 6 :

   Latest topics on the forum:
 
   Most viewed articles:
How to copy a mysql database using mysqldump - 10087 views
How to change a user's password in AIX with the output from ECHO command - 9286 views
FreeBSD: Add/remove an additional IP alias - 6453 views
Qmail relay to smarthost: How to route all mail to a smarthost - 4364 views
Change user shell on FreeBSD Linux and AIX - 3118 views

   Latest 10 articles:
Qmail relay to smarthost: How to route all mail to a smarthost - 03 Feb 2009
EXIM 4 relay to smarthost: How to route all mail except local domain - 03 Feb 2009
Windows XP: print LISTEN ports and network connections using netstat - 30 Jan 2009
How to cut out first last n characters from each file name, from a filelist - 04 Nov 2008
Mozilla Firefox3 is now released - 18 Jun 2008
How to switch lower case to upper case and upper case to lower case in a string - 17 Jun 2008
How to rename files/directories to uppercase/lowercase character names - 17 Jun 2008
How to convert lower case to upper case letters in a shell script/command - 17 Jun 2008
Unix,Linux,FreeBSD - How to rename a list of files, replacing spaces inside their names - 12 Jun 2008
How to change a user's password in AIX with the output from ECHO command - 21 May 2008


Archives
» 2007  |  June  |  October  |  November  |  December
» 2008  |  January  |  February  |  March  |  April  |  May  |  June  |  November
» 2009  |  January  |  February



Home | Archives | Sitemap | About | Contact

Designed and developed by Andrei Manescu. Optimized for Mozilla Firefox.  
Copyright 2007 Andrei Manescu
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by those who posted them.
Valid W3 Document Valid XHTML 1.0 Transitional Valid CSS! The FreeBSD Project Viewable With Any Browser