1242123SdteskeThese screens allow you to add groups and users to your system. 2242123Sdteske 3242123SdteskeMany of the settings get reasonable defaults if you leave them blank. 4242123SdteskeThe first time you have entered the name of the new group or user, the 5242123Sdteskesystem will show you what it would chose for most of these fields. 6242123SdteskeYou are free to change them, of course. 7242123Sdteske 8242123Sdteske 9242123SdteskeUser groups 10242123Sdteske=========== 11242123Sdteske 12242123SdteskeIt's certainly almost generally a good idea to first create a new 13242123Sdteskegroup for your users. Common names for such a group are "users", or 14242123Sdteskeeven simply "other". Group names are used to control file access 15242123Sdteskepermissions for users that belong to the same group. Several group 16242123Sdteskenames are already used for system files. 17242123Sdteske 18242123SdteskeThe numerical user or group IDs are often nothing you want to care for 19242123Sdteskeexplicitly. If you don't fill in these fields, the system will choose 20242123Sdteskereasonable defaults. However, these numbers (rather than the 21242123Sdteskeassociated names) are what the operating system actually uses to 22242123Sdteskedistinguish users and groups -- hence they should normally be unique 23242123Sdtesketo each person or group, respectively. 24242123Sdteske 25242123Sdteske 26242123SdteskeUsers 27242123Sdteske===== 28242123Sdteske 29242123SdteskeThe user's login ID is a short (up to 15 characters) alphanumeric ID 30242123Sdteskethat the user must enter when logging into the system. It's often the 31242123Sdteskeinitial letters of the user's name, and commonly used in lower case. 32242123SdteskeIt's also the local mail name for this user (though it's possible to 33242123Sdteskealso set up more descriptive mail alias names later). 34242123Sdteske 35242123SdteskeThe user's login group determines which group access rights the user 36242123Sdteskewill initially get when logging in. If an additional list of groups is 37242123Sdteskeprovided which the user will become a member of, (s)he will also be 38242123Sdteskeable to access files of those groups later without providing any 39242123Sdteskeadditional password etc. Except for the "wheel" case mentioned below, 40242123Sdteskethe additional group membership list should normally not contain the 41242123Sdteskelogin group again. 42242123Sdteske 43242123SdteskeThe user's password can also be set here, and should be chosen with 44242123Sdteskecare - 6 or more characters, intermixing punctuation and numerics, and 45242123Sdteske*not* a word from the dictionary or related to the username is a good 46242123Sdteskepassword choice. 47242123Sdteske 48242123SdteskeSome of the system's groups have a special meaning. In particular, 49242123Sdteskemembers of group "wheel" are the only people who are later allowed to 50242123Sdteskebecome superuser using the command su(1). So if you're going to add a 51242123Sdteskenew user who should later perform administrative tasks, don't forget 52242123Sdtesketo add him to this group! (Well, ``he'' will most likely be yourself 53242123Sdteskein the very first place. :) 54242123Sdteske 55242123SdteskeAlso, members of group "operator" will by default get permissions for 56242123Sdteskeminor administrative operations, like performing system backups, or 57242123Sdteskeshutting down the system -- without first becoming superuser! So, 58242123Sdtesketake care when adding people to this group. 59242123Sdteske 60242123SdteskeThe ``full name'' field serves as a comment only. It is also used by 61242123Sdteskemail front ends to determine the real name of the user, hence you 62242123Sdteskeshould actually fill in the first and last name of this user. By 63242123Sdteskeconvention, this field can be divided into comma-separated subfields, 64242123Sdteskewhere the office location, the work phone number, and the home phone 65242123Sdteskenumber follow the full name of the user. 66242123Sdteske 67242123SdteskeThe home directory is the directory in the filesystem where the user 68242123Sdteskeis being logged into, and where his personalized setup files (``dot 69242123Sdteskefiles'', since they usually begin with a `.' and are not displayed by 70242123Sdteskethe ls(1) command by default) will be looked up. It is often created 71242123Sdteskeunder /usr/home/ or /home/. 72242123Sdteske 73242123SdteskeFinally, the shell is the user's initial command interpreter. The 74242123Sdteskedefault shell is /bin/sh, some users prefer the more historic 75242123Sdteske/bin/csh. Other, often more user-friendly and comfortable shells can 76242123Sdteskebe found in the ports and packages collection. 77