45. User Administration
Introduction to FreeBSD
45.1.  Deleting Old Users
45.2.  Moving Home Directories
45.3.  vipw; chpass;
45.4.  Managing Groups; /etc/group

45.1.   Deleting Old Users

Deleting users in FreeBSD is super simple thanks to the handy program rmuser. All you do is type rmuser username, where username is the name of the user who is about to be nuked.

rmuser basically does four things for you:

1. Removes the user's home directory, as it is defined in the password file. Usually, this will be /home/username.

2. Removes the user's mail spool. This is located in /var/mail/username

3. Removes the user from any groups they are present in. Groups are stored in /etc/group.

4. Removes the user from the password file, /etc/passwd

It's good to know the steps that are involved in cleansing a user from your system. If you're a system administrator, it will often be necessary to temporarily remove users from a system by preventing them from logging in. You can do this by simply editing the password file with vipw and placing a # at the front of their encrypted password. When you want to reinstate the user you just remove the # sign!

45.2.   Moving Home Directories

Not Yet Scheduled

45.3.   vipw; chpass;

Not Yet Scheduled -- Modified for review GA Vipw provides the interface for a sysadmin to edit the password file. It must be used as root, and it uses the EDITOR variable to determine which editor to use (or vi if not set). This is an advanced interface, allowing a sysadmin with knowledge of the layout to quickly edit the password file. The format of the records, one per line, is: operator:*:2:20::0:0:System:/usr/guest/operator:/bin/csh The first field is the user id. This is the string identifier that the user actually sees and works with. The second field is the encrypted password. Third is the numeric userid, commonly called UID, that the system actually uses. Next is the numeric groupid, or GID, which is mapped to a "group" name in the groups file. The fourth field encodes the user's login class; this is used for associating a user with various pre-defined settings. The fifth field is the time a password must be changed. The sixth field is the time an account expires. Both of these times are in seconds since the epoch GMT. The seventh field is the so-called "GECOS" field, more commonly used for the user's full name. It can, if comma seperated, contain the user's fullname, their office location, work phone and home phone. The eighth field specifies the absolute path to the user's home directory. The ninth field is the shell field. If left blank, will run the Bourne shell; otherwise, it specifies the full path to the shell. In our example, the user "operator" has no password; He is UID 2, and GID 20. He has no login class, and his password and account don't expire. His fullname is "System", and his home directory is /usr/guest/operator. He uses the C Shell. Vipw is a tool that lets a savvy sys-admin edit the password file in a safe but efficient way. It allows you to use all of the power and comfort you have with your own editor to simply and quickly change the password file. Chpass similarly provides the interface for a user to edit his/her entry in the password file. It places the user in an editor and allows them to edit Fields in the password file they are allowed to change. If our username was sample, a chpass session might look like: #Changing user database information for sample. Shell: /bin/csh Full Name: Sample Guy Location: Office Phone: Home Phone: In this case, we are allowed to change any of the GECOS information and our shell. Usually, that is all we want to change (as an end user). Of course as root we can specify other users and we are allowed to edit more fields. This may be useful for an occaional admin, or one just starting out.

45.4.   Managing Groups; /etc/group

Not Yet Scheduled

Return to Table of Contents

Visit the Gifcom