- Advance Praise for Absolute OpenBSD, 2nd Edition
- Dedication
- About the Author
- About the Technical Reviewer
- Foreword
- Acknowledgments
- Introduction
- 1. Getting Additional Help
- 2. Installation Preparations
- 3. Installation Walk-Through
- 4. Post-Install Setup
- 5. The Boot Process
- 6. User Management
- 7. Root, and How to Avoid It
- The Root Password
- Using Groups
- Hiding Root with sudo
- Using sudo
- sudoedit
- The Biggest sudo Mistake: Exclusions
- sudo Logs
- 8. Disks and Filesystems
- Device Nodes
- DUIDs and /etc/fstab
- MBR Partitions and fdisk(8)
- Labeling Disks
- The Fast File System
- What’s Currently Mounted?
- Mounting and Unmounting Partitions
- How Full Is That Partition?
- Adding New Hard Disks
- 9. More Filesystems
- 10. Securing Your System
- 11. Overview of TCP/IP
- 12. Connecting to the Network
- 13. Software Management
- 14. Everything /etc
- /etc Across Unix Variants
- The /etc Files
- /etc/adduser.conf
- /etc/amd
- /etc/authpf
- /etc/bgpd.conf
- /etc/boot.conf
- /etc/changelist
- /etc/chio.conf
- /etc/csh.*
- /etc/daily and /etc/daily.local
- /etc/dhclient.conf
- /etc/dhcpd.conf
- /etc/disklabels/
- /etc/disktab
- /etc/dumpdates
- /etc/dvmrpd.conf
- /etc/exports
- /etc/fbtab
- /etc/firmware
- /etc/fonts/
- /etc/fstab
- /etc/ftpchroot
- /etc/ftpusers
- /etc/gettytab
- /etc/group
- /etc/hostapd.conf
- /etc/hostname.*
- /etc/hosts
- /etc/hosts.equiv
- /etc/hosts.lpd
- /etc/hotplug/
- /etc/ifstated.conf
- /etc/iked/, /etc/iked.conf, /etc/ipsec.conf, and /etc/isakmpd
- /etc/inetd.conf
- /etc/kbdtype
- /etc/kerberosV/
- /etc/ksh.kshrc
- /etc/ldap/ and /etc/ldapd.conf
- /etc/localtime
- /etc/locate.rc
- /etc/login.conf
- /etc/lynx.cfg
- /etc/magic
- /etc/mail/
- /etc/mail.rc
- /etc/mailer.conf
- /etc/man.conf
- /etc/master.passwd, /etc/passwd, /etc/spwd.db, and /etc/pwd.db
- /etc/mixerctl.conf
- /etc/mk.conf
- /etc/moduli
- /etc/monthly and /etc/monthly.local
- /etc/motd
- /etc/mrouted.conf
- /etc/mtree/
- /etc/mygate
- /etc/myname
- /etc/netstart
- /etc/networks
- /etc/newsyslog.conf
- /etc/nginx/
- /etc/nsd.conf
- /etc/ntpd.conf
- /etc/ospf6d.conf and /etc/ospfd.conf
- /etc/pf.conf and /etc/pf.os
- /etc/ppp/
- /etc/printcap
- /etc/protocols
- /etc/rbootd.conf
- /etc/rc.*
- /etc/relayd.conf
- /etc/remote
- /etc/resolv.conf and /etc/resolv.conf.tail
- /etc/ripd.conf
- /etc/rmt
- /etc/rpc
- /etc/sasyncd.conf
- /etc/sensorsd.conf
- /etc/services
- /etc/shells
- /etc/skel/
- /etc/sliphome/
- /etc/snmpd.conf
- /etc/ssh/
- /etc/ssl/
- /etc/sudoers
- /etc/sysctl.conf
- /etc/syslog.conf
- /etc/systrace/
- /etc/termcap
- /etc/ttys
- /etc/weekly and /etc/weekly.local
- /etc/wsconsctl.conf
- /etc/X11
- /etc/ypldap.conf
- 15. System Maintenance
- 16. Network Servers
- 17. Desktop OpenBSD
- 18. Kernel Configuration
- 19. Building Custom Kernels
- 20. Upgrading
- 21. Packet Filtering
- 22. Advanced PF
- 23. Customizing OpenBSD
- A. Afterword
- Index
- About the Author
- Copyright
Editing User Accounts
You create users with privileges based on the knowledge you have at the time. The information you have is probably wrong, so get comfortable with editing users. In most cases, chpass(1) does everything you need in a user-friendly way.
Users can edit their own accounts by running chpass without any arguments.
$ chpass
$ Changing user database information for mwlucas.
Shell: /usr/local/bin/tcsh
Full Name: mwlucas
Office Location:
Office Phone:
Home Phone:
Here, users can update their shell or change their directory information. Many applications ignore the directory information (phone numbers and office location) stored in /etc/passwd, but in some places, it’s important. Make changes, save, and exit.
If you run chpass as root, giving a username as an argument, you get a very different picture.
# chpass mwlucas
# Changing user database information for mwlucas.
Login: mwlucas
Encrypted password: $2a$08$s2EVX.cAhYHskOaHk/4C5eLn76atAmGPU7z5DqRKAYe/V.OGgWXVi
Uid [#]: 1000
Gid [# or name]: 1000
Change [month day year]:
Expire [month day year]:
Class: staff
Home directory: /home/mwlucas
Shell: /usr/local/bin/tcsh
Full Name: mwlucas
Office Location:
Office Phone:
Home Phone:
Here, you can forcibly change the user’s password (although there are better ways to do this), shell, UID, password expiration, and so on, in addition to all of the user’s directory information.
Changes made through chpass affect only /etc/passwd, /etc/master.passwd, and /etc/group. If you change a user’s UID, GID, or home directory, you must also make the corresponding changes to the files the user owns and his home directory; otherwise, the user’s account won’t work correctly. If /etc/passwd lists your home directory as /newhome/mwlucas in /etc/passwd, but your files are in /home/mwlucas, you’ll have trouble on your hands.
Note that you can’t edit /etc/master.passwd or /etc/passwd with just any text editor; you need to use tools that manage the corresponding password databases. If you insist on editing the password file by hand, you can use vipw(8) to directly edit /etc/passwd. If you’re not familiar with vipw, stick with chpass. The most common use for vipw is when the password file is damaged, and the most common way someone damages the password file is by using vipw.
-
No Comment