From owner-freebsd-questions@FreeBSD.ORG  Sat Aug  5 12:12:43 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 192B616A4DE
	for <freebsd-questions@freebsd.org>;
	Sat,  5 Aug 2006 12:12:43 +0000 (UTC)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk
	[81.187.76.162])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D035043D53
	for <freebsd-questions@freebsd.org>;
	Sat,  5 Aug 2006 12:12:39 +0000 (GMT)
	(envelope-from m.seaman@infracaninophile.co.uk)
Received: from [IPv6:::1] (localhost [IPv6:::1])
	by smtp.infracaninophile.co.uk (8.13.6/8.13.6) with ESMTP id
	k75CCEpw017706; Sat, 5 Aug 2006 13:12:14 +0100 (BST)
	(envelope-from m.seaman@infracaninophile.co.uk)
Authentication-Results: smtp.infracaninophile.co.uk
	from=m.seaman@infracaninophile.co.uk; sender-id=softfail;
	spf=softfail
X-SenderID: Sendmail Sender-ID Filter v0.2.14 smtp.infracaninophile.co.uk
	k75CCEpw017706
Message-ID: <44D48B18.3020401@infracaninophile.co.uk>
Date: Sat, 05 Aug 2006 13:12:08 +0100
From: Matthew Seaman <m.seaman@infracaninophile.co.uk>
Organization: Infracaninophile
User-Agent: Thunderbird 1.5.0.5 (X11/20060801)
MIME-Version: 1.0
To: beno <beno@web.vi>
References: <44D478C2.5040205@web.vi>
In-Reply-To: <44D478C2.5040205@web.vi>
X-Enigmail-Version: 0.94.0.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="------------enigC61F19E87E1EC7B6F3C4A8FC"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.0.2
	(smtp.infracaninophile.co.uk [IPv6:::1]);
	Sat, 05 Aug 2006 13:12:34 +0100 (BST)
X-Virus-Scanned: ClamAV 0.88.3/1635/Fri Aug 4 14:00:11 2006 on
	happy-idiot-talk.infracaninophile.co.uk
X-Virus-Status: Clean
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,NO_RELAYS 
	autolearn=ham version=3.1.3
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on 
	happy-idiot-talk.infracaninophile.co.uk
Cc: freebsd-questions@freebsd.org
Subject: Re: User Information (Easy Questions!)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Aug 2006 12:12:43 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigC61F19E87E1EC7B6F3C4A8FC
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable

beno wrote:
> Hi;
> * How do I find out which users have access to the box and what their
> permissions/groups are?

Type:

    % id username

which will tell you the users' UID and what groups they are a member of.

> * How do I edit those permissions/groups?

Unless you're using NIS or LDAP or some other directory program, then
all you need to do is edit the /etc/master.passwd and /etc/group files.
You can do that directly; use the vipw(8) command to edit
the password file safely and to automatically rebuild /etc/passwd the=20
various .db files from /etc/master.passwd, but beware that screwing up
the password file can lock you out of the machine.

However using the pw(8) command is recommended.

> * If I delete a user, does that affect the files/programs he installed,=

> etc?

No -- file and program ownership is recorded in the filesystem using
the UID and GID numbers.  Deleting the user from the password file remove=
s
the human readable name and the password needed to log in and the mapping=

from username to UID.  The files will still exist in the system, but
when you look at the ownership of them using ls(1) you'll see a number=20
instead of a name for the owner.

Note: this is potentially a problem.  If the UID number gets reused for a=

different account, that new user will get all the ownership rights to the=

old users' files.  It can often be a better policy to disable an old acco=
unt
-- set the password field in /etc/master.passwd to '!!' and change the sh=
ell
to /sbin/nologin -- rather than to delete it.

You can also get a report on any 'unowned' files in the weekly periodic
e-mail by adding

    weekly_noid_enable=3D"YES"

to /etc/periodic.conf

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       7 Priory Courtyard
                                                      Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey         Ramsgate
                                                      Kent, CT11 9PW


--------------enigC61F19E87E1EC7B6F3C4A8FC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE1Ise8Mjk52CukIwRCJNyAJ9xmxiQd5Kb1TK2EcYxzEpvkGKWEgCfX0PF
rcL6G7y/t5kCvc4DD9XmNLc=
=4GNe
-----END PGP SIGNATURE-----

--------------enigC61F19E87E1EC7B6F3C4A8FC--