From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <20090217102236.203770@gmx.net> References: <20090217102236.203770@gmx.net> Date: Tue, 17 Feb 2009 06:43:19 -0500 Message-ID: <509071940902170343q3298de2ahb08a170a19a0c027@mail.gmail.com> From: Anthony Sorace To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [9fans] create user with password Topicbox-Message-UUID: a2d8265e-ead4-11e9-9d60-3106f5b1d025 the model around users and passwords can be one of the most confusing things for someone coming from other systems. the very short, oversimplified version is that plan9 doesn't really carae about such things if all you're doing is local access; you'll need a real user/passwd when you start trying to access remote resources. when you boot a plan9 kernel, it has a cocept of "hostowner" (sometimes refered to as 'eve'). conventially, for terminals right after installation, this is "glenda", but it can be almost anything you like. nino, glenda, adm, or iamnotreallyauser should all work. hostowner wil be set to that, and hostowner will own all the kernel resources and all the initial processes (except, perhaps, a few started as "none"). if you'd like to reboot your box as 'adm' or 'glenda' and scribble all over important system files, nothing will stop you. as soon as you try to access some remote resource, however, you're going to be asked to present credentials demonstrating you are who you say you are. an "auth server" will get involved, and then the process with the auth/* files will be necessary. you're entirely able to set this up on your local terminal to get a sense of how it all fits together (read the man pages and wiki entries on setting up an auth server), but keep in mind the local permisiveness remains. this can be disconcerting to somone used to the illusion of security provided by a local password. if your data is that important, you ought to be encrypting it if there's some chance an untrusted party will physically get their hands on it. once someone has their hands on your disk, all bets are off.