Changes

906 bytes added , 03:32, 24 June 2015

remote-useradd should no longer be run as root

Line 1: Line 1: −

Users ~~normally follow the [[Sysadmin/Shell~~ account ~~request]].~~

+

'''Users looking for a Sugar Labs account should go to [[Service/Account]].'''

−

~~The account requests arrive~~ to ~~a support queue on our RT system (~~[[~~Machine~~/rt]]).

== Guidelines ==

Line 17: Line 16:

system-useradd <username> <first_name> <last_name> <email>

+

* Note that accents in the first_name or last_name would break the script.

+

* '''NOTE: You have to become root with 'sudo -i'. Prefixing the command with sudo won't work because it doesn't switch $HOME to /root, which is necessary to make the ldap commands source <code>/root/.ldaprc</code>.'''

At some point the script will prompt you to paste the user's ssh key.

Line 24: Line 26:

The email is also copied to ~user/welcome, in case they loose the

original message.

+

== Adding accounts on other machines ==

+

Please '''do not create accounts directly with useradd!''' Instead, copy the existing credentials from sunjammer:

+

* Log into sunjammer, forwarding your ssh keys with the ssh-agent:

+

ssh -A sunjammer

+

* Run this shell script to create a user and copy the credentials from sunjammer:

+

remote-useradd <remotehost> <user> <groups...>

+

Needless to say, remote-useradd requires your ssh key to be already installed in the remote server.

+

Typically, you'll want to add users to groups <tt>sudo</tt>, <tt>adm</tt>, <tt>libvirtd</tt> and <tt>docker</tt>.

== See also ==

* [[Sysadmin/User_management]] -- all other operations on user accounts

* [[Service/Account]] -- Account information for users

−

* [[Service/shell]]

+

* [[Service/shell]] -- ssh access to shell.sugarlabs.org

+

* [[Machine/sunjammer]] -- shell account server

SAMdroid

Bureaucrats, Administrators, Widget editors

163

edits

Changes

Sysadmin/Add shell account (view source)

Revision as of 03:32, 24 June 2015

Navigation menu

Search