File: user.md

package info (click to toggle)
bundlewrap 4.24.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 3,216 kB
  • sloc: python: 20,299; makefile: 2
file content (101 lines) | stat: -rw-r--r-- 2,641 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# User items

Manages system user accounts.

    users = {
        "jdoe": {
            "full_name": "Jane Doe",
            "gid": 2342,
            "groups": ["admins", "users", "wheel"],
            "home": "/home/jdoe",
            "password_hash": "$6$abcdef$ghijklmnopqrstuvwxyz",
            "shell": "/bin/zsh",
            "uid": 4747,
        },
    }

<br><br>

# Attribute reference

See also: [The list of generic builtin item attributes](../repo/items.py.md#builtin-item-attributes)

All attributes are optional.

<hr>

## delete

When set to `True`, this user will be removed from the system. Note that because of how `userdel` works, the primary group of the user will be removed if it contains no other users. When using `delete`, no other attributes are allowed.

<hr>

## full_name

Full name of the user.

<hr>

## gid

Primary group of the user as numerical ID or group name.

<div class="alert alert-info">Due to how <code>useradd</code> works, this attribute is required whenever you <strong>don't</strong> want the default behavior of <code>useradd</code> (usually that means automatically creating a group with the same name as the user). If you want to use an unmanaged group already on the node, you need this attribute. If you want to use a group managed by BundleWrap, you need this attribute. This is true even if the groups mentioned are in fact named like the user.</div>

<hr>

## groups

List of groups (names, not GIDs) the user should belong to. Must NOT include the group referenced by `gid`.

<hr>

## hash_method

One of:

* `md5`
* `sha256`
* `sha512`

Defaults to `sha512`.

<hr>

## home

Path to home directory. Defaults to `/home/USERNAME`.

<hr>

## password

The user's password in plaintext.

<div class="alert alert-danger">Please do not write any passwords into your bundles. This attribute is intended to be used with an external source of passwords and filled dynamically. If you don't have or want such an elaborate setup, specify passwords using the <code>password_hash</code> attribute instead.</div>

<div class="alert alert-info">If you don't specify a <code>salt</code> along with the password, BundleWrap will use a static salt. Be aware that this is basically the same as using no salt at all.</div>

<hr>

## password_hash

Hashed password as it would be returned by `crypt()` and written to `/etc/shadow`.

<hr>

## salt

Recommended for use with the `password` attribute. BundleWrap will use 5000 rounds of SHA-512 on this salt and the provided password.

<hr>

## shell

Path to login shell executable.

<hr>

## uid

Numerical user ID. It's your job to make sure it's unique.