A user is added to the system when they're given an entry in the passwd file, as in the following entry:
mike:*:1007:1007:Mike User:/usr/home/mike:/usr/local/bin/bash
The elements that make up this record, delimited by colons, are:
In the example, "mike" has a UID of 1007, belongs to group 1007, has a home directory in /usr/home/mike, and logs into a bash shell. In this FreeBSD system, the password is stored in a separate shadow file.
Usernames are usually no more than 8 characters, though this differs based on the type of system. Usernames consist of alphanumeric characters and are case-sensitive. Case sensitivity also applies to passwords, which can be longer and use other characters.
The UID must be unique, as would be expected. When a new user is added, the next available UID is usually used, but nothing prevents gaps in the UID sequence or assigning UIDs out of order. However, if the Unix box is part of a network, it is essential that the person's UID be unique across the network. The same constraints apply to the group ID: in most cases a new group ID equal to the UID is assigned to the person. Addition to other groups occurs after the person is added to the system.
The UID of 0 (zero) is the superuser, root. The GID of 0 (zero) is wheel, the superuser group.
The user's name, address, office location, etc. can be included in the comment field. The default home directory (created before adding the user) and the person's startup shell complete the record.
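The UID rules above (unique UIDs, UID 0 reserved for root) can be checked mechanically. The following is an added example, not part of the original text: a shell function that audits passwd-format records read from standard input. The function names, finding labels, and sample records are constructed for illustration; only mike's record comes from the text.

```shell
#!/bin/sh
# Constructed sample records (not from a real system).
sample_passwd() {
    cat <<'EOF'
# comment line (skipped by the audit)
root:*:0:0:Charlie Root:/root:/bin/sh
mike:*:1007:1007:Mike User:/usr/home/mike:/usr/local/bin/bash
toor2:*:0:0:Second superuser:/root:/bin/sh
anna:*:1007:1008:Anna User:/usr/home/anna:/bin/sh
broken:*:1009:1009:/usr/home/broken:/bin/sh
EOF
}

# audit_passwd: read passwd records on stdin, print one finding per line.
# Prints nothing when every record passes.
audit_passwd() {
    awk -F: '
        /^#/ || /^$/ { next }                     # skip comments and blank lines
        NF != 7 {                                 # a record has exactly 7 fields
            printf "MALFORMED line %d: expected 7 fields, got %d\n", NR, NF
            next
        }
        $3 !~ /^[0-9]+$/ {                        # UID must be a non-negative integer
            printf "BAD_UID %s: \"%s\"\n", $1, $3
            next
        }
        $3 == 0 && $1 != "root" {                 # UID 0 is the superuser
            printf "UID0 %s: superuser UID on a non-root account\n", $1
        }
        ($1 in seen_name) {                       # usernames are case-sensitive keys
            printf "DUP_NAME %s\n", $1
        }
        ($3 in uid_owner) {                       # the UID must be unique
            printf "DUP_UID %s: %s shares it with %s\n", $3, $1, uid_owner[$3]
        }
        {
            seen_name[$1] = 1
            if (!($3 in uid_owner)) uid_owner[$3] = $1
        }
    '
}

# Run the audit over the constructed sample.
sample_passwd | audit_passwd
```

To audit a live system, run `audit_passwd < /etc/passwd`; on a networked site, concatenate the passwd files from each host first so that cross-host UID collisions show up as DUP_UID findings.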
Adding users varies widely between systems. Apple's Darwin uses a separate system called NetInfo, an open source application (available at http://sourceforge.net/projects/netinfo4unix/) to manage users, groups, directories, and so on. A daemon uses information from NetInfo to control user access; the user "flat files," as passwd and group are known in this system, are used only in single-user environments.
In Linux, Solaris, and other systems, the process of adding a user is simplified with a utility, adduser (or useradd). The simple form of the utility is:
# adduser username
The utility is called with the username of the new user. Based on the system, the user is then added with defaults or you're interactively asked for more information. Or you can specify information on the command line that's used to create the user.
In Red Hat Linux, adduser is an alias for useradd. Default values are used for each user, such as a home location of /home/username and a default shell (bash), unless specified otherwise on the command line. In the following example, a new user, testuser, is added. Command-line options are used to override the default information:
# useradd -c "Test User" -d /home/local/testuser -G 501,502 -p changepassword -s /bin/bash -e 2002-05-24 testuser
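In this example, -c is used to add a username comment (the user's full name), -d sets the home directory, -G specifies what groups to add the person to (a comma-separated list with no spaces), -p adds a password, -s sets the person's default shell, and -e specifies that the username expires on a certain date. Note that useradd expects the -p value in its already-encrypted form, as returned by crypt(3), and that anything given on the command line is visible to other users listing processes; setting the password afterward with passwd avoids both problems. The person is added to their own group -- 503 in this example. To override this I would use the -g command-line parameter -- the -G only adds the person to additional groups, it doesn't override default behavior.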
Within Mac OS X, user and group management is handled through NetInfo. Find out more about NetInfo at http://www.opensource.apple.com/projects/documentation/howto/html/netinfo.html. The command-line utility to add a user via NetInfo is niutil. An example of its use is:
shelleyp% niutil -create / /users/newbie
Use the system's manpages to see whether useradd or adduser is installed and which command-line parameters it supports.
-- SP
Copyright © 2003 O'Reilly & Associates. All rights reserved.