In this section you learn to use the Accounts control panel to create a user, but then customize the user by editing information in the NetInfo database.
The example makes a user that will be a general software user. This is a specialized user whose account you want to use when compiling software for the system, but this user should not be one of the administrators for the machine. The user is to belong to a group called tire with group ID 100 . You'd also like to have a specific user ID, 502 , for the user, whose account you intend to call software . To create this user, do the following:
Open the Accounts control pane in System Preferences. Click the lock icon if it's set not to allow changes. Add a new user with a short name of software . The software user's display name is skuld . Choose whatever password you prefer. Don't give your software user admin privileges.
Open NetInfo Manager and select the local domain if it's not already selected. Click the lock to make changes and enter the administrator username and password.
Click the groups directory and scroll through the list. Because tire is not a default group that comes with the system, you should not see a group called tire . Therefore, you must make a new group. Click any group to see what values are typically included in a group. Figure 10.4 shows the types of properties that belong to a group.
Click groups . From the Directory menu, select New Subdirectory. A new directory called new_directory appears. Edit the name property and add other properties as follows :
The * in the passwd field means that a group password is not being assigned. So far, you have only one user in your group: the user named software . As the term group implies, you can have more than one user in a group.
Select Save from the Domain menu. A question to Confirm Modification appears. Click Update This Copy. Now new_directory has become tire , as shown in Figure 10.5.
Click users and then click software . Now the default information about user software appears in the bottom window. If this is one of your first users, UID 502 might already be the user ID; otherwise , you can change software 's UID shortly. A group ID of 20 is probably what was made. If you look at the values section for software , you can see that the Accounts pane added quite a bit of information about software to the NetInfo database. The password you see is an encrypted version of the password.
Because software was not one of the first users on my system, I already have a user with UID 502 . Therefore, I have to either change the UID of my original user or delete the user. Because my original user with UID 502 was simply a demonstration user to run various commands, I chose to delete it. If I want to keep my user, I could change the UID of the original user to one that wasn't already taken, and then change the UID of software to 502.
If I had decided to rearrange UIDs instead of simply deleting the user, I would also have had to change the ownership of all the files that belonged to my previous user to belong to their new UID. File ownerships are stored based on numeric UID. Changing a user to a previously used UID gives that user access to and ownership of any files that still belong to that numeric UID.
For your purposes, the user ID for software might not be important. Because you want to share some of your resources with another machine that also has a user called software and whose UID is 502, it's important to make software 's UID 502 for compatibility purposes. In both cases, you want the user software to belong to group tire . Change the GID to 100. Change the UID as appropriate for your situation. Select Save from the Domain menu, and click Update This Copy in the Confirm Modification box. Figure 10.6 shows the updated information for the user software .
Click the lock to save your changes and end your ability to make further changes.
Open a Terminal window, go to software 's home directory, and look at the directory's contents. Take note that the directory was created by the Users pane with the default values. The update to the information in the NetInfo database, however, was not entirely reflected in the system. So you must manually implement those changes. Here's the default information for the software user that was created on our system:
[localhost:~software] joray% ls -al total 8 drwxr-xr-x 11 505 staff 330 Jan 30 18:17 . drwxr-xr-x 8 root wheel 228 May 4 13:45 .. -rw-r--r-- 1 505 staff 3 Nov 14 13:39 .CFUserTextEncoding drwx------ 3 505 staff 264 Feb 20 12:29 Desktop drwx------ 2 505 staff 264 Nov 14 16:45 Documents drwx------ 15 505 staff 466 Feb 2 19:40 Library drwx------ 2 505 staff 264 Nov 15 17:14 Movies drwx------ 2 505 staff 264 Nov 15 17:14 Music drwx------ 2 505 staff 264 Nov 15 17:14 Pictures drwxr-xr-x 3 505 staff 264 Nov 15 17:09 Public drwxr-xr-x 4 505 staff 264 Feb 13 19:31 Sites
In the example, software 's original UID was 505. If you didn't change your software user's UID, you should see Software in that column, not 505. The default GID that the Users pane used for creating software was GID 20 , which is the staff group on Mac OS X. So the information that you see for software 's home directory is the information that was originally assigned to software . You have to update the information to software 's directory to reflect the new information.
As root, in the /Users directory, recusively ( chown R ) change the ownership of software 's directory to the software user in group tire :
[localhost:/Users] root# chown -R software.tire software
Check the results:
[localhost:/Users] root# ls -ld software drwxr-xr-x 11 software tire 330 Jan 30 18:17 software [localhost:/Users] root# ls -l software total 8 -rw-r--r-- 1 software tire 3 Nov 14 13:39 .CFUserTextEncoding drwx------ 3 software tire 58 Feb 20 12:29 Desktop drwx------ 2 software tire 24 Nov 14 16:45 Documents drwx------ 15 software tire 466 Feb 2 19:40 Library drwx------ 2 software tire 24 Nov 15 17:14 Movies drwx------ 2 software tire 24 Nov 15 17:14 Music drwx------ 2 software tire 24 Nov 15 17:14 Pictures drwxr-xr-x 3 software tire 58 Nov 15 17:09 Public drwxr-xr-x 4 software tire 92 Feb 13 19:31 Sites
If you changed the UID of a user who was originally assigned UID 502, look at that user's home directory and make the appropriate ownership changes.