Initial configuration

Accounts configuration

by ross at 07:22:03 on October 28, 2011

User login classes are defined in /etc/login.conf. Run "cap_mkdb /etc/login.conf" after modifying the file. Changed default class to disable core dumps:

diff -u /usr/share/examples/etc/login.conf /etc/login.conf

--- /usr/share/examples/etc/login.conf  2008-09-27 00:22:12.000000000 +0300
+++ /etc/login.conf     2008-10-09 09:56:47.000000000 +0300
@@ -35,7 +35,7 @@
        :memorylocked=unlimited:\
        :memoryuse=unlimited:\
        :filesize=unlimited:\
-       :coredumpsize=unlimited:\
+       :coredumpsize=0:\
        :openfiles=unlimited:\
        :maxproc=unlimited:\
        :sbsize=unlimited:\

You should modify accounts database with pw utility. If you alter /etc/master.passwd file directly (i.e. when copy it from backup) run "pwd_mkdb /etc/master.passwd".

Setup defaults for pw ("standard" as default login class, nologin as the shell and Maildir structure premade):

# pw useradd -D -L standard -k /etc/skel -s /sbin/nologin
# cp /usr/share/skel/* /etc/skel/
# mkdir /etc/skel/Maildir
# mkdir /etc/skel/Maildir/cur
# mkdir /etc/skel/Maildir/new
# mkdir /etc/skel/Maildir/tmp
# chmod -R 700 /etc/skel/Maildir

pw has created its configuration file /etc/pw.conf. It has a number of useful options like uid ranges, password expiration settings, etc.

Edit /etc/skel/dot.cshrc and other files there. Have a look at my dot.cshrc.

Create your user:

# pw groupadd ross
# pw useradd ross -g ross -G wheel -m -s /bin/tcsh

Setup passwordless login

ross@client> ssh-keygen -t rsa
ross@client> scp .ssh/id_rsa.pub server.example.com:
ross@server> mkdir .ssh
ross@server> chmod 700 .ssh
ross@server> cat id_rsa.pub >> .ssh/authorized_keys
ross@server> rm id_rsa.pub

 

Comments