Installation guide

ManualsBrandsDigital Equipment Corporation ManualsComputer equipmentLG06

221

222

223

224

225

226

227

228

229

230

and enhanced security. The commands are documented in the following

reference pages: useradd

(8), usermod(8), userdel(8), groupadd(8),

groupmod

(8), and groupdel(8).

• The adduser and addgroup utilities, documented in adduser

(8) and

addgroup

(8). These utilities provide simple, interactive scripts you can

use to add new user accounts and groups. These utilities can be used

only on systems that do not use NIS.

• The vipw utility, documented in vipw

(8), allows you to invoke an editor

in order to edit the password ﬁle manually. You can use the utility to

edit the local password database, but you cannot use it to edit the NIS

database. Additionally, you cannot use the vipw utility on systems that

have enhanced security. The vipw command allows you to edit the

passwd ﬁle and at the same time locks the ﬁle to prevent others from

modifying it. This command also does consistency checks on the

password entry for root and does not allow a corrupted root password to

be entered into the passwd ﬁle.

9.1.4 UIDs and GIDs

Each user is known to the system by a unique number called a user

identiﬁer (UID). The system also knows each user group by a unique

number called a group identiﬁer (GID). The system uses these numbers to

track user ﬁle access permissions and group privileges and to collect user

accounting statistics and information.

The maximum number of UIDs and GIDs allowed is 2,147,483,647 (31

bits). This does not mean that 2.14 million users can simultaneously log

onto a system; rather, it means that 2,147,483,647 user and group

identiﬁers are available. The maximum number of users that can be logged

on is determined by the available system resources. To preserve strict

binary compatibility with legacy applications, the new limits are not

enabled by default in this release.

9.1.4.1 Enabling or Disabling Extended UID and GID Support

By default, extended UIDs are not enabled in the kernel. To enable this

feature, you use sysconfig or the dxkerneltuner interface to set the

value of variable enable_extended_uids to 1 (enabled). Note that when

extended UIDs and GIDs are disabled, ﬁles owned by a user with an

extended UID or GID will be inaccessible to all users except root. Any user

with an extended UID or GID will not have access to log in to the system

or use the su command to access their accounts.

To enable or disable extended UID and GID support, do the following:

1. Become the root user (use the su command)

Administering User Accounts and Groups 9–5