Difference between revisions of "Sysadmin/Add shell account"
| Line 17: | Line 17: | ||
system-useradd <username> <first_name> <last_name> <email> | system-useradd <username> <first_name> <last_name> <email> | ||
| + | |||
| + | '''NOTE:''' sudo alone does not work because it doesn't switch $HOME to /root, | ||
| + | which is necessary to make the ldap commands source <code>/root/.ldaprc</code>. | ||
At some point the script will prompt you to paste the user's ssh key. | At some point the script will prompt you to paste the user's ssh key. | ||
Revision as of 14:58, 9 December 2011
Users normally follow the Sysadmin/Shell account request. The account requests arrive to a support queue on our RT system (Machine/rt).
Guidelines
Ask users to follow diligently the Service/shell#Requesting_a_shell_account procedure.
Users should briefly motivate their request. A sufficient justification could be: "I have these Sugar-related files that I'd like to distribute on people.sugarlabs.org".
Shell accounts shouldn't be granted to untrusted individuals without referrals. Shell accounts that are known to be unused should be disabled with system-userdel.
Account creation on shell.sugarlabs.org
To create an account, become root on Machine/sunjammer and type:
system-useradd <username> <first_name> <last_name> <email>
NOTE: sudo alone does not work because it doesn't switch $HOME to /root,
which is necessary to make the ldap commands source /root/.ldaprc.
At some point the script will prompt you to paste the user's ssh key. You can skip this part and edit ~user/.ssh/authorized_keys manually.
The procedure automatically sends a welcome email to the user. The email is also copied to ~user/welcome, in case they loose the original message.
See also
- Sysadmin/User_management -- all other operations on user accounts
- Service/Account -- Account information for users
- Service/shell