1These screens allow you to add groups and users to your system. 2 3Many of the settings get reasonable defaults if you leave them blank. 4The first time you have entered the name of the new group or user, the 5system will show you what it would chose for most of these fields. 6You are free to change them, of course. 7 8 9User groups 10=========== 11 12It's certainly almost generally a good idea to first create a new 13group for your users. Common names for such a group are "users", or 14even simply "other". Group names are used to control file access 15permissions for users that belong to the same group. Several group 16names are already used for system files. 17 18The numerical user or group IDs are often nothing you want to care for 19explicitly. If you don't fill in these fields, the system will choose 20reasonable defaults. However, these numbers (rather than the 21associated names) are what the operating system actually uses to 22distinguish users and groups -- hence they should normally be unique 23to each person or group, respectively. 24 25 26Users 27===== 28 29The user's login ID is a short (up to 15 characters) alphanumeric ID 30that the user must enter when logging into the system. It's often the 31initial letters of the user's name, and commonly used in lower case. 32It's also the local mail name for this user (though it's possible to 33also set up more descriptive mail alias names later). 34 35The user's login group determines which group access rights the user 36will initially get when logging in. If an additional list of groups is 37provided which the user will become a member of, (s)he will also be 38able to access files of those groups later without providing any 39additional password etc. Except for the "wheel" case mentioned below, 40the additional group membership list should normally not contain the 41login group again. 42 43The user's password can also be set here, and should be chosen with 44care - 6 or more characters, intermixing punctuation and numerics, and 45*not* a word from the dictionary or related to the username is a good 46password choice. 47 48Some of the system's groups have a special meaning. In particular, 49members of group "wheel" are the only people who are later allowed to 50become superuser using the command su(1). So if you're going to add a 51new user who should later perform administrative tasks, don't forget 52to add him to this group! (Well, ``he'' will most likely be yourself 53in the very first place. :) 54 55Also, members of group "operator" will by default get permissions for 56minor administrative operations, like performing system backups, or 57shutting down the system -- without first becoming superuser! So, 58take care when adding people to this group. 59 60The ``full name'' field serves as a comment only. It is also used by 61mail front ends to determine the real name of the user, hence you 62should actually fill in the first and last name of this user. By 63convention, this field can be divided into comma-separated subfields, 64where the office location, the work phone number, and the home phone 65number follow the full name of the user. 66 67The home directory is the directory in the filesystem where the user 68is being logged into, and where his personalized setup files (``dot 69files'', since they usually begin with a `.' and are not displayed by 70the ls(1) command by default) will be looked up. It is often created 71under /usr/home/ or /home/. 72 73Finally, the shell is the user's initial command interpreter. The 74default shell is /bin/sh, some users prefer the more historic 75/bin/csh. Other, often more user-friendly and comfortable shells can 76be found in the ports and packages collection. 77