xref: /freebsd/usr.sbin/bsdconfig/usermgmt/include/usermgmt.hlp (revision 4928135658a9d0eaee37003df6137ab363fcb0b4)
1These screens allow you to add groups and users to your system.
2
3Many of the settings get reasonable defaults if you leave them blank.
4The first time you have entered the name of the new group or user, the
5system will show you what it would chose for most of these fields.
6You are free to change them, of course.
7
8
9User groups
10===========
11
12It's certainly almost generally a good idea to first create a new
13group for your users.  Common names for such a group are "users", or
14even simply "other".  Group names are used to control file access
15permissions for users that belong to the same group.  Several group
16names are already used for system files.
17
18The numerical user or group IDs are often nothing you want to care for
19explicitly.  If you don't fill in these fields, the system will choose
20reasonable defaults.  However, these numbers (rather than the
21associated names) are what the operating system actually uses to
22distinguish users and groups -- hence they should normally be unique
23to each person or group, respectively.
24
25
26Users
27=====
28
29The user's login ID is a short (up to 15 characters) alphanumeric ID
30that the user must enter when logging into the system.  It's often the
31initial letters of the user's name, and commonly used in lower case.
32It's also the local mail name for this user (though it's possible to
33also set up more descriptive mail alias names later).
34
35The user's login group determines which group access rights the user
36will initially get when logging in.  If an additional list of groups is
37provided which the user will become a member of, (s)he will also be
38able to access files of those groups later without providing any
39additional password etc.  Except for the "wheel" case mentioned below,
40the additional group membership list should normally not contain the
41login group again.
42
43The user's password can also be set here, and should be chosen with
44care - 6 or more characters, intermixing punctuation and numerics, and
45*not* a word from the dictionary or related to the username is a good
46password choice.
47
48Some of the system's groups have a special meaning.  In particular,
49members of group "wheel" are the only people who are later allowed to
50become superuser using the command su(1).  So if you're going to add a
51new user who should later perform administrative tasks, don't forget
52to add him to this group!  (Well, ``he'' will most likely be yourself
53in the very first place. :)
54
55Also, members of group "operator" will by default get permissions for
56minor administrative operations, like performing system backups, or
57shutting down the system -- without first becoming superuser!  So,
58take care when adding people to this group.
59
60The ``full name'' field serves as a comment only.  It is also used by
61mail front ends to determine the real name of the user, hence you
62should actually fill in the first and last name of this user.  By
63convention, this field can be divided into comma-separated subfields,
64where the office location, the work phone number, and the home phone
65number follow the full name of the user.
66
67The home directory is the directory in the filesystem where the user
68is being logged into, and where his personalized setup files (``dot
69files'', since they usually begin with a `.' and are not displayed by
70the ls(1) command by default) will be looked up.  It is often created
71under /usr/home/ or /home/.
72
73Finally, the shell is the user's initial command interpreter.  The
74default shell is /bin/sh, some users prefer the more historic
75/bin/csh.  Other, often more user-friendly and comfortable shells can
76be found in the ports and packages collection.
77