10 Adding new users.
Steps involved (usually automated).
- Determine login name, user ID (UID), group ID (GID) & netgroup (if using NIS or NIS+)
- Enter data in /etc/passwd file
- Assign password
- Set account parameters (e.g., password aging, account expiration, quotas)
- Create home directory
- Copy initialization files
- Set file ownerships and protections (use chown, chgrp, chmod commands)
- Add user to other facilities (quota system, aliases file)
- Perform other site-specific initialization tasks
- Test new account
10.1 Fields in the /etc/passwd file.
logname:passwd:uid:gid:user info:home:shell
10.2 Fields in the /etc/group file.
group:passwd:gid:members
10.3 Choosing passwords.
One of the best algorithms to use is to take two non-related words, separate them with a punctuation character, mix in some upper-case characters, and perhaps reverse one of the words. E.g.,
- DOg.tenT (mixed upper/lower case)
- t00l%p0nd (zeros instead of "O")
- p33l*BOARd (substitute numeric for alpha)
- tned-Pile (reversed first word)
10.4 Shell initialization files.
- C shell: .cshrc, .login, .logout, /etc/cshrc,/etc/cshrc.std
- Borne shell: .profile, /etc/profile,/etc/profile.std
- Skeleton files: in /usr/skel, /etc/skel, or/etc/security directories
10.5 Automating account creation.
- sysadm (System V)
- passmgmt (System V)
- useradd (System V.4)
- adduser, addgroup (Some BSD, OSF/1)
- SMIT (AIX)
- nu (NeXTStep)
- Public domain scripts
10.6 Disabling and/or removing user accounts.
- Remove or modify entry in /etc/passwd
- Remove entry in NIS/NIS+ maps
- Remove $HOME/.rhosts files
- Remove mail spool file
- Remove from mail aliases file
- Remove any cron or at jobs
- Remove directory
10.7 Related articles
"Developing Common Login Scripts," Dinah McNutt, Unix Review, December 1995, p73. (includes sample .profile file for the Korn shell)www.washington.edu
0 komentar:
Post a Comment