Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I installed RedHat 9 on a new hard drive (NIC card is too old to work with Fedora) and did not create any users except root; got everything working, then tried to create users using adduser. None of them work - cannot even log in from the console. The "Users and Groups" system tool shows them all and they appear to be correct. I've tried deleting and recreating with the GUI tool, everything looks okay, I get no error messages, but the system recognizes no one except root.
When logged in as root, I can su to any other user I've created and it lets me do that without a password. But if I try to log in as another user, it doesn't recognize any of them. It seems like passwords just don't exist. From my tiny bit of experience with Solaris, I know with that system you can create a user and leave the password blank until the first login. Can you do that with RH? Any other suggestions?
Thanks for the reply.
I logged in as root, su'd to another user, then tried passwd. It responded with "Authentication token manipulation error". After some looking on the web, I checked to see if /etc/security/opasswd exists. It does, that wasn't the problem. I tried creating users from the CLI and the GUI tool. Each time it seems to work okay - I get no error messages and the table of users viewable through the GUI gets populated, but none of the users can log in. Any suggestions of things to try would be greatly appreciated.
Check the /etc/passwd, /etc/shadow, and /etc/group files to make sure the new entries are being created successfully, and there isn't some malformed entry screwing things up. I've found that usually an "authentication token manipulation error" usually means that something is wrong in either /etc/passwd or /etc/shadow.
[scuzzy@slackdell /home/scuzzy]$ su -
Men who cherish for women the highest
respect are seldom popular with them.
-- Joseph Addison
Login name for new user : username
User ID ('UID') [ defaults to next available ]: PRESS ENTER
Initial group [ users ]: PRESS ENTER
Additional groups (comma separated) : PRESS ENTER
Home directory [ /home/username ] PRESS ENTER
Shell [ /bin/bash ] PRESS ENTER
Expiry date (YYYY-MM-DD) : PRESS ENTER
New account will be created as follows:
Login name.......: username
UID..............: [ Next available ]
Initial group....: users
Additional groups: [ None ]
Home directory...: /home/username
Expiry date......: [ Never ]
This is it... if you want to bail out, hit Control-C. Otherwise, press
ENTER to go ahead and make the account.
Creating new account...
Changing the user information for username
Enter the new value, or press ENTER for the default
Full Name : PRESS ENTER
Room Number : PRESS ENTER
Work Phone : PRESS ENTER
Home Phone : PRESS ENTER
Other : PRESS ENTER
Changing password for username
Enter the new password (minimum of 5, maximum of 127 characters)
Please use a combination of upper and lower case letters and numbers.
New password: ENTER A PASSWORD
Re-enter new password: RE-ENTER PASSWORD
Account setup complete.
Thanks to all who replied. It's Monday morning here so I'm back at work and can spend some time on this. I tried setting the password to blank and then logging in. It told me there was a permissions error on the home directory. The way it's set up is /Users/individualuser. I set /Users to 777 and I could log in! I then tried to passwd to the password I had used initially, and it told me it did not have enough unique characters. So, I guess I had two problems. Anyway, that's working, so thanks again to all of you. I really appreciate your help!
I would advise against setting the permissions to 777 on your /Users directory. This would give any user the ability to create other directories under /Users and in some circumstances delete other individual users directories. More secure permissions would be 755 with owner and group set to root. The permissions on an individual users directory is normally set to 700 with owner=username and group=defaultgroup. In my example, owner=mickey and group=users. A GID of 100 on most systems is the groupname users.
I'm sure you have your reasons, but why did you create a /Users directory? The standard on all Linux and Unix systems is to create user directories in /home.
Thanks for your interest and advise. I'll change the /Users permission to 755. I made the /Users directory because it's on a separate (from the OS) hard drive and I want to export it via nfs. Now that users are working (thanks to your advice!) I also have nfs working. Maybe you can help with a couple of questions on nfs.
I followed an example I found and set up /etc/exports as:
It works but that word "insecure" makes me uneasy. What's up with that?
Also, I've manually started nfs, to get it to automatically start on reboot, do I need to put a command in one of those rc.d/xxx directories?
The way you set up your mount for /Users will work, but it leaves another opening. The insecure option isn't that big a deal especially since you've limitted access to *.my.sub.domain. What that option does is allow requests for the mount to originate from a port higher than 1024. I could be wrong on this, but my understanding is that you would use the secure option in a situation where a couple of servers shared nfs mounts together and you didn't want anyone else messing with them.
The no_root_squash option is a much bigger deal. This allows a root user on a client machine to become a root user on the filesystem once it is mounted. Which is akin to a bartender saying drinks are on the house. Ideally you would want the user to access this filesystem using their own uid. This may take a bit of administration on your part because the uid's on the client machines need to sync up with the uid's on the server. root_squash is much better option because it will turn any client mounting as root into the anonymous user, usually nfsnobody.
On the last question you asked about setting up nfs as a daemon. You can do this with using the GUI or CLI (command line interface). If you're using Gnome go to Programs>System>Service Configuration. Once the application comes up locate nfs, check the box and save. Next time you boot nfs will be running. On the CLI if you wanted to setup nfs to start on runlevels 3 and 5 you would type.
chkconfig --level 35 nfs on
That's all there is to it. What both of these configuration tools do is manipulate symbolic links inside the runlevel directories rc.d/rc3.d or rc.d/rc5.d. These symbolic links point to scripts in /etc/init.d that start and stop services like nfs.