|
|
To begin seeing how to work with NetInfo, here's a straightforward script that allows you to easily interface with the NetInfo database through the nireport utility.
#!/bin/sh
# listmacusers - Simple script to list users in the Mac OS X NetInfo database.
# Note that Mac OS X also has an /etc/passwd file, but that's
# used only during the initial stages of boot time and for
# recovery bootups. Otherwise, all data is in the NetInfo db.
fields=""
while getopts "Aahnprsu" opt ; do
case $opt in
A ) fields="uid passwd name realname home shell" ;;
a ) fields="uid name realname home shell" ;;
h ) fields="$fields home" ;;
n ) fields="$fields name" ;;
p ) fields="$fields passwd" ;;
r ) fields="$fields realname" ;;
s ) fields="$fields shell" ;;
u ) fields="$fields uid" ;;
? ) cat << EOF >&2
Usage: $0 [A|a|hnprsu]
Where:
-A output all known NetInfo user fields
-a output only the interesting user fields
-h show home directories of accounts
-n show account names
-p passwd (encrypted)
-r show realname/fullname values
-s show login shell
-u uid
EOF
exit 1
esac
done
exec nireport . /users ${fields:=uid name realname home shell}
Almost this entire script is involved in building the variable fields, which starts out blank. The nireport utility allows you to specify the names of the fields you'd like to see, and so, for example, if the user specifies -a for all interesting fields, nireport actually is fed
fields="uid name realname home shell"
This is a clear, straightforward script that should be quite easily understood.
The listmacusers script accepts quite a few different command arguments, as shown in the usage message. You can specify exact fields and field order by using hnprsu, or you can list all fields except the encrypted password field with -a or force everything to be listed with -A. Without any arguments, the default behavior is to show all interesting user fields (-a).
First off, let's specify that we want to see the user ID, login name, real name, and login shell for every account in the NetInfo database:
$ listmacusers -u -n -r -s -2 nobody Unprivileged User /dev/null 0 root System Administrator /bin/tcsh 1 daemon System Services /dev/null 99 unknown Unknown User /dev/null 25 smmsp Sendmail User /dev/null 70 www World Wide Web Server /dev/null 74 mysql MySQL Server /dev/null 75 sshd sshd Privilege separation /dev/null 505 test3 Mr. Test Three /bin/tcsh 501 taylor Dave Taylor /bin/bash 502 badguy Test Account /bin/tcsh 503 test /bin/tcsh 506 tintin Tintin, Boy Reporter /bin/tcsh 507 gary Gary Gary /bin/bash
Notice that it shows many of the administrative accounts (basically everything with a login shell of /dev/null). If we want to see only login accounts, we'll want to screen out the /dev/null shells:
$ listmacusers -u -n -r -s | grep -v /dev/null 0 root System Administrator /bin/tcsh 505 test3 Mr. Test Three /bin/tcsh 501 taylor Dave Taylor /bin/bash 502 badguy Test Account /bin/tcsh 503 test /bin/tcsh 506 tintin Tintin, Boy Reporter /bin/tcsh 507 gary Gary Gary /bin/bash
The badguy account isn't supposed to be there! To find out what's going on there, and to modify NetInfo entries, it's wise to use the Apple-supplied NetInfo Manager application, which can be found in Applications/Utilities or launched from the command line with the command
open -a "NetInfo Manager"
|
|
| This HTML Help has been published using the chm2web software. |