[OS X TeX] Re: users and groups on Leopard

Tue Mar 11 19:50:56 CET 2008

Hi Bruno,

On 11/03/2008, at 9:32 PM, Bruno Voisin wrote:

> Le 11 mars 08 à 02:56, Alan Litchfield a écrit :
>
>> I missed the original query from Bruno, but to view all the users  
>> on a unix system, type into a Terminal:
>>
>> > cat /etc/passwd
>>
>> You can use the `cut` command to only see one field from the  
>> password file.
>>
>> For example, to just see the Unix user names, use the command:
>>
>> > cat /etc/passwd | cut -d: -f1
>>
>> To find out more about cut read its man pages.
>
> Hi Alan,
>
> With Leopard the above doesn't seem to apply anymore. If you open / 
> etc/passwd you'll see that it begins with

I use Leopard and it works fine for me. You are typing this on the  
command line aren't you?

Perhaps you need to sudo?

>
> So it seems the standard Unix permission mechanism has been  
> superseded by Directory Services, based on Access Control Lists. If  
> I understood correctly, the purpose is to allow authentication to be  
> delegated to LDAP or ActiveDirectory servers, instead of being dealt  
> with locally based on Unix permissions.

I would not have thought so.

>
>
> Directory Utility (in /Applications/Utilities/) allows to configure  
> access to such servers, though I imagine the new mechanism is  
> primarily designed for central administration by a system  
> administrator via Mac OS X Server. Directory Utility has also  
> inherited from NetInfo Manager the ability to activate the root user  
> and change its password.

The Directory utility really only provides a nice user interface so  
you can mount remote directories on your computer and treat them as  
volumes.
>
> For example, yesterday when I realized I could not write to my  
> backup hard drive any longer, I used Get Info in the Finder to set  
> permissions for the drive. I thought I was redefining standard  
> ownership (user, group, all) for this volume, redefining the user  
> (myself) and giving read and write permissions to it. But I realized  
> afterwards I had just added a new "user" having read and write  
> permissions for the volume: in Terminal, the permissions and  
> ownership for the volume hadn't changed (according to ls -l). Thus,  
> some other mechanism must have taken over.

Hmm, can't make comment about that. But if I need to change the mode  
or ownership I only chown or chmod.

>
>
> It seems the dscl command-line tool allows to perform most tasks  
> related to permissions, though its syntax feels a bit obscure.  
> Thanks to John Rawnsley, it appears the list of user ids can be  
> gotten from
>
> 	dscl localhost -list /Local/Default/Users UniqueID
>
> and the list of group ids from
>
> 	dscl localhost -list /Local/Default/Groups PrimaryGroupID
>

[lots of interesting things snipped]

I was unfamiliar with dscl. Nice looking app and well documented too  
(man dscl or info dscl). I'll need to have a play with that I think.

Cheers
Alan

--
Alan Litchfield MBus(Hons), MNZCS
AlphaByte
PO Box 1941, Auckland, NZ. 1140