There are several steps in adding a new user to the Coda file system. First, create a Unix account for the new user on some or all of the Coda clients. Second, add the user to the Coda authentication database and the protection database (described below). Third, create a volume for the user and mount it at the appropriate place in the Coda name space (See Section XXX).
Add a line for each new user to the user.coda
file using the
userId from the new users Unix account. @Foot(If you are at Carnegie
Mellon and the user you intend to add does not have a CMU-CS account,
STOP! The user must get a CMU-CS account before you may
continue. To determine the UID, grep for the login name in
/etc/passwds
.) You may copy the user's entry in
/etc/passwds
to the user.coda file for this purpose if you
wish. Note that only the login name (the first field) and the uid
(the third field) are relevant and that you may delete the other
fields as long as you leave all the ":" characters intact.
Now, add the users name to the appropriate group in the file
groups.coda
. Note that Coda groups are totally separate from
Unix groups. Adding a user to group System:Administrators is
about the equivalent of giving that user root privileges. Only System
Administrators should be in this group. As an example, we add all Coda developers (hard
and soft core) to the system:coda group. Add other Coda
users to groups as appropriate.
Execute
% pwd2pdb -u /vice/db/user.coda -g /vice/db/group.coda > /vice/db/vice.pdb
to generate a Coda protection database.
Finally, execute
pcfgen /vice/db/vice.pdb
to generate the file vice.pcf
.
Now that you have generated the new protection database files, you must install these files. Follow these steps:
cd /vice/db
/vice/bin/mvdb <srcdir> vice.pdb vice.pcf
) where <srcdir>
is the name of the directory containing the new vice.pdb and vice.pcf.
User accounts are added to the authentication database with the
au program, which can also delete and modify user
accounts, change passwords, and get tokens. To add a user, run
au -h <SCM> nu
on a Coda client workstation, giving the System Control Machine's name
in <SCM>.
In response to the prompts, provide your Coda userId and password and then the new users name and temporary password. (Give the new users full name to the "Other info" prompt.) You must be a member of the system:administrators group in order to successfully modify the authentication database. The following example illustrates adding the user "guest" to the authentication database. Note that the new password will echo to the screen.
au -h your-scm.host nu
Your Vice name: raiff
Your password:
RPC2_Bind () --> RPC2_SUCCESS
Vice user: guest
New password: guestpwd
New info: Guest User
Updates made via au will be automatically distributed to the other servers by the Update daemon. Now, the auth server knows about the new users. New users may change their temporary passwords using the cpasswd command.
The file /vice/auth2/AuthLog
has a log of the
auth server activity and can be used to monitor failed login attempts.
You can also monitor password changes in the file
/vice/db/auth2.pw
.