Next Previous Contents

1. Policies

1.1 Policies for password

You can define here what is acceptable as a password. You control the minimum length and the number of non-alpha characters. By forcing passwords made with other characters, you encourage the choice of better passwords (which are hard to guess and crack).

Note that this is not effective on PAM aware systems such as Red Hat. The PAM library has its own set of rules for accepting or rejecting a new password.

1.2 Private group

When this feature is enabled, Linuxconf will create a group with the same name as the user account, unless a group is specified. The dialog for a new account appears with the group field empty.

When disabled, Linuxconf assigns a default group to new accounts (users).

This feature is not effective for special accounts such as POP and PPP accounts since those accounts are assigned to a specific group (popusers and pppusers).

Note also that this feature does not prevent you from assigning the group you want to an account. If the group does not exist, you will have the opportunity to create it on the fly.

1.3 Default base directory for homes

Specify the base directory which will be used to create new user accounts. It defaults to /home.

1.4 Creation permissions

This controls how the home directory are created. You must enter an octal number representing three triplets. Each triplet represents the bits for read, write and execute(lookup). The first triplet sets the owner access and we generally enter 7 there (the owner has full access in his home directory. The second triplet represents the group access. The last triplet represents the access for everybody else.

In general, a value of 750 is suitable. This means that the owner has full access and members of his group have read and lookup access.

1.5 Visibility flags

The following check-box control the visibility of some area of the user account dialog. This is intend to remove seldom used field to help casual co-administrators.

These check-box have no effect when Linuxconf is run by root directly.

Show the shadow parameters

This controls the visibility of the parameters defined in /etc/shadow. A complete section of a user account is either shown or hidden.

The check-box is there to simplify the user account dialog, since the shadow parameters are seldom used.

Show the expiration date

This controls the visibility of one parameter defined in /etc/shadow. This fields specify the expiration date of the account. It is optional.

May change the HOME directory path

This check-box controls the visibility of the home directory field in the user account dialog. When this check-box is UN-set, the field is not accessible anymore. New accounts are always created in the default directory (you can setup one defaults directory per group) and can't be changed from Linuxconf.

The check-box is there to simplify the user account dialog, since the home directory is seldom changed on a per user basis.

Note that the account numerical id visibility is also controlled by this check-box.

May change the login shell

This check-box controls the visibility of the login shell field. This is there to simplify the user account dialog, especially in the case where the administrator has defined only one available shell.

May edit the disk quotas

This check-box controls the visibility of the disk quota section.

May edit the scheduled tasks

This controls the availability of the "tasks" button. This button lets you configure the crontab settings of the user accounts.

Next Previous Contents