Administering user accounts

Setting and changing user and group IDs (UID/GID)

Each user and group is assigned an identification number (UID or GID). This ID number is stamped on all files, directories, and processes on local and NFS-mounted filesystems. When you create a new user or group, a new UID or GID number is automatically generated, but you can specify another by entering it in the text field.

WARNING: Within a network environment, each user and group must have a unique identification number across the entire network, rather than just on the home machine. For more information, see ``About user equivalence'' and ``Adding a new user to an NIS domain''.

Change the ID number for an existing user with the usermod(1M) command. You can include -U option to change the users files to the new UID, as in this example:

usermod -u 712 -U jstone

This command also changes any crontab files. The -U option changes the ownership of files found in directories specified in /etc/default/usermod; it does not locate all files owned by the user.

The groupmod(1M) performs similar functions for groups.

NOTE: Changing an ID number of a group does not change the ID on files owned by the group; the system administrator must do this manually as described in ``Changing ownership of files with an obsolete UID/GID''.

To alter the range of GIDs from which you select for new groups, select Options -> Group Defaults.

WARNING: Changing default values may compromise systemwide security parameters set by the SCOadmin Security Manager.

See also:

Changing ownership of files with an obsolete UID/GID

If you have changed or removed a UID or GID, you must change the ownership of files belonging to that ID and check your filesystems for orphaned files. Files without a real owner have a number in the owner and/or group name fields:

   -rw-r--r--   1 obie     pub        68476 Nov 16 12:06 accts.s
   -rw-r--r--   1 15625    pub          508 Oct 31 11:15 balance
   -rw-r--r--   1 obie     pub        40596 Aug 31 13:19 report.2
In this example, the file balance is an orphaned file. The number appears because files are stamped with the ID number rather than the user or group name.

Use the find(1) utility to locate and change the ownership of files. This command-line finds all files on the system owned by user UID and changes ownership to user newowner:

find / -user UID -print | xargs -t chown newowner

This variation changes the group ownership:

find / -user GID -print | xargs -t chgrp newgroup

NOTE: These examples assume a search of the entire system (including all mounted filesystems whether local or imported). To restrict the search to a single filesystem, use the pathname instead of /. In addition, you can skip mounted filesystems by including the -mount option, or restrict the search to local filesystems with the -local option.

Instead of changing the ownership, you can perform other actions, such as archiving the files; see ``Locating files''.

See also:

Next topic: Changing user login groups
Previous topic: Limiting reuse of UIDs

© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004