[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Best practices on system users and groups



> Usermod is only called if the user does not exist and the package creates
> it. gdm, postgresql and logcheck already do this. In the example code,
> if the system user exists, then usermod is not called, which is better than
> what logcheck or postgresl currently do.


One very short notice for information: usermod recently got long
options added, similarly to useradd/userdel. This happened in passwd 4.0.13-4

(all utilities in passwd are slowly getting GNU-style long options added)

So, scripts calling it can use more readable options:

bubulle@mykerinos:~/src/debian/dl10n> usermod -h
Usage: usermod [options] LOGIN

Options:
  -c, --comment COMMENT         new value of the GECOS field
  -d, --home-dir HOME_DIR       new login directory for the new user account
                -m, --move      Use -m option to move data to
                                the new directory
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration
                                to INACTIVE
  -g, --gid GROUP               force use GROUP as new initial login group
  -G, --groups GROUPS           list of supplementary groups
                -a, --append    Use -a option to append the user
                                to the supplemental groups
  -h, --help                    display this help message and exit
  -l, --new-login LOGIN         new value of the login name
  -L, --lock                    lock the user account
  -o, --non-unique              allow using duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new password
  -s, --shell SHELL             new login shell for the user account
  -u, --uid UID                 new UID for the user account
  -U, --unlock                  unlock the user account


Of course, this is currently possible only in unstable....




Reply to: