Using the NetInfo Database to Customize a User


Using the NetInfo Database to Customize a User

In this section you learn to use the Accounts control panel to create a user, but then customize the user by editing information in the NetInfo database.

The example makes a user that will be a general software user. This is a specialized user whose account you want to use when compiling software for the system, but this user should not be one of the administrators for the machine. The user is to belong to a group called tire with group ID 100 . You'd also like to have a specific user ID, 502 , for the user, whose account you intend to call software . To create this user, do the following:

  1. Open the Accounts control pane in System Preferences. Click the lock icon if it's set not to allow changes. Add a new user with a short name of software . The software user's display name is skuld . Choose whatever password you prefer. Don't give your software user admin privileges.

  2. Open NetInfo Manager and select the local domain if it's not already selected. Click the lock to make changes and enter the administrator username and password.

  3. Click the groups directory and scroll through the list. Because tire is not a default group that comes with the system, you should not see a group called tire . Therefore, you must make a new group. Click any group to see what values are typically included in a group. Figure 10.4 shows the types of properties that belong to a group.

    Figure 10.4. Looking at the staff directory, you can see that the typical properties for a group are passwd , name , gid , and users .


  4. Click groups . From the Directory menu, select New Subdirectory. A new directory called new_directory appears. Edit the name property and add other properties as follows :











    The * in the passwd field means that a group password is not being assigned. So far, you have only one user in your group: the user named software . As the term group implies, you can have more than one user in a group.

  5. Select Save from the Domain menu. A question to Confirm Modification appears. Click Update This Copy. Now new_directory has become tire , as shown in Figure 10.5.

    Figure 10.5. We now have a new group called tire with gid 100 . At this time, only one user, software , belongs to the group.


  6. Click users and then click software . Now the default information about user software appears in the bottom window. If this is one of your first users, UID 502 might already be the user ID; otherwise , you can change software 's UID shortly. A group ID of 20 is probably what was made. If you look at the values section for software , you can see that the Accounts pane added quite a bit of information about software to the NetInfo database. The password you see is an encrypted version of the password.

    Because software was not one of the first users on my system, I already have a user with UID 502 . Therefore, I have to either change the UID of my original user or delete the user. Because my original user with UID 502 was simply a demonstration user to run various commands, I chose to delete it. If I want to keep my user, I could change the UID of the original user to one that wasn't already taken, and then change the UID of software to 502.


    If I had decided to rearrange UIDs instead of simply deleting the user, I would also have had to change the ownership of all the files that belonged to my previous user to belong to their new UID. File ownerships are stored based on numeric UID. Changing a user to a previously used UID gives that user access to and ownership of any files that still belong to that numeric UID.

    For your purposes, the user ID for software might not be important. Because you want to share some of your resources with another machine that also has a user called software and whose UID is 502, it's important to make software 's UID 502 for compatibility purposes. In both cases, you want the user software to belong to group tire . Change the GID to 100. Change the UID as appropriate for your situation. Select Save from the Domain menu, and click Update This Copy in the Confirm Modification box. Figure 10.6 shows the updated information for the user software .

    Figure 10.6. Now the user software has uid 502 and gid 100 . You can see from this information that user software has been assigned a password, a home directory in /Users/software , and a default shell of /bin/tcsh .


  7. Click the lock to save your changes and end your ability to make further changes.

  8. Open a Terminal window, go to software 's home directory, and look at the directory's contents. Take note that the directory was created by the Users pane with the default values. The update to the information in the NetInfo database, however, was not entirely reflected in the system. So you must manually implement those changes. Here's the default information for the software user that was created on our system:

     [localhost:~software] joray%  ls -al  total 8 drwxr-xr-x  11 505  staff  330 Jan 30 18:17 . drwxr-xr-x   8 root wheel  228 May  4 13:45 .. -rw-r--r--   1 505  staff    3 Nov 14 13:39 .CFUserTextEncoding drwx------   3 505  staff  264 Feb 20 12:29 Desktop drwx------   2 505  staff  264 Nov 14 16:45 Documents drwx------  15 505  staff  466 Feb  2 19:40 Library drwx------   2 505  staff  264 Nov 15 17:14 Movies drwx------   2 505  staff  264 Nov 15 17:14 Music drwx------   2 505  staff  264 Nov 15 17:14 Pictures drwxr-xr-x   3 505  staff  264 Nov 15 17:09 Public drwxr-xr-x   4 505  staff  264 Feb 13 19:31 Sites 

In the example, software 's original UID was 505. If you didn't change your software user's UID, you should see Software in that column, not 505. The default GID that the Users pane used for creating software was GID 20 , which is the staff group on Mac OS X. So the information that you see for software 's home directory is the information that was originally assigned to software . You have to update the information to software 's directory to reflect the new information.

As root, in the /Users directory, recusively ( chown R ) change the ownership of software 's directory to the software user in group tire :

 [localhost:/Users] root#  chown -R software.tire software  

Check the results:

 [localhost:/Users] root#  ls -ld software  drwxr-xr-x  11 software  tire  330 Jan 30 18:17 software [localhost:/Users] root#  ls -l software  total 8 -rw-r--r--   1 software  tire    3 Nov 14 13:39 .CFUserTextEncoding drwx------   3 software  tire   58 Feb 20 12:29 Desktop drwx------   2 software  tire   24 Nov 14 16:45 Documents drwx------  15 software  tire  466 Feb  2 19:40 Library drwx------   2 software  tire   24 Nov 15 17:14 Movies drwx------   2 software  tire   24 Nov 15 17:14 Music drwx------   2 software  tire   24 Nov 15 17:14 Pictures drwxr-xr-x   3 software  tire   58 Nov 15 17:09 Public drwxr-xr-x   4 software  tire   92 Feb 13 19:31 Sites 

If you changed the UID of a user who was originally assigned UID 502, look at that user's home directory and make the appropriate ownership changes.


Mac OS X Maximum Security
Maximum Mac OS X Security
ISBN: 0672323818
EAN: 2147483647
Year: 2003
Pages: 158 © 2008-2017.
If you may any questions please contact us: