How-To: Rename/Change User in Linux

Contents
1. Overview
2. Solution
3. Notes
4. Attribution

NOTE: This entry is just a basic overview and should not be considered complete. Changing an existing user can be complicated by application configuration dependencies that may not be changed when the user is changed. Be sure you have a backup of your data before you proceed!

Overview

Recently I have found that I have a need to change my user account on a virtual machine (VM) running liunx to a more generic account in order that others may use the virtual machine without having to use my user credentials. I find VM’s extremely handy for portable development and stability, as I don’t always want to expose my development environment to the kinds of changes that often accompany upgrades in my desktop distribution.

To that end, I have found that with a few fairly simple commands I can not only rename my user account, but ensure that group associations are maintained and the home path is updated appropriately. However, as I state at the beginning of this article, none of the following commands will guarantee that installed applications will work without a little ‘tweaking’. In my case, my Netbeans project files needed to be updated with the new home path as I did not define them with relative paths but rather with direct path references. You have been warned (again)

Solution

Before beginning, but sure you have logged out of your user account. Do not attempt to run these commands from a shell while logged in as your user! In my case, I booted my machine using the “recovery mode” and dropped to the root-user shell to issue the following commands.


# killall -u old
# id old
# usermod -l new old
# groupmod -n new old
# usermod -d /home/new -m new
# usermod -c “New Real Name” new
# id new


The following is a brief summary of what these commands do. For more information, RTFM (remember, man is your friend)

‘killall -u old’ will kill all processes owned by the user ‘old’ where ‘old’ should be the name of the user to be changed.

‘id old’ will print out the real and effective user and group ID’s for user ‘old’.

‘usermod -l new old’ will change the user name ‘old’ to ‘new’ (where ‘new’ is the new user name to be used). Note that this only changes the users name, not his home directory, groups or any else.

‘groupmod -n new old’ will change the group name ‘old’ to ‘new’. Similar to the previous usermod command, this command will only update the group and nothing else.

‘usermod -d /home/new -m new’ will change the new user’s home folder to /home/new.

‘usermod -c “New Real Name” new’ will change the user’s password file comment field only.

‘id new’ will print out the real and effective user and group ID’s for user ‘new’. This is done so that you can verify that the expected changes have occurred.

Notes

These commands should result in changing the user ‘old’ to a new user ‘new’ as well as creating and assigning a new home folder and ensuring that all groups that ‘old’ belonged to are transferred to ‘new’. After logging into the new account, I promptly changed the user password (with passwd) and will encourage the user of this VM to change it to something unique to them and changed my keyring password (using seahorse).

Lastly, I install a few utilities that rely on a local MTA (postfix in my case) and found I had to modify the postfix configuration in order to ensure continued mail receipt. I also run apt-listchanges which is configured to mail to my account the changelogs and news of any packages that are to be changed/updated (I highly recommend installing this feature if you run a debian machine and use apt). I had to reconfigure apt-listchanges in order to update the mail account name to use when sending these notifications. Finally, I had to dig deep into my Netbeans project folder to locate private.properties and private.xml in order to update the path assignments for project paths and server paths such as for my instance of apache tomcat.

I can’t be sure that this covers all my specific issues however, and in time may discover other configuration files that will need to be changed. However, from the looks of it, these steps will cover about 90%+ of the changes required.

Attribution

Thanks to the post I found at http://www.cyberciti.biz/faq/howto-change-rename-user-name-id/ and the comment from a user who identifies himself as simply ‘ubuntu’ for the expanded set of commands.

Thoughts on RAID for Linux

The following article is for my own personal benefit, however comments are welcome, as the resulting document is limited to my personal experience with soft-RAID on Ubuntu 9.04.

Brief summary of RAID

RAID, an acronym for redundant array of independent disks, is a technology that provides increased storage reliability through redundancy, combining multiple low-cost, less-reliable disk drives components into a logical unit where all drives in the array are interdependent.^[1]

There are a number of RAID levels which are described in detail at http://en.wikipedia.org/wiki/RAID#Standard_levels. For the purposes of this article I will be focusing on RAID 1 with some references to RAID 0.

Types of RAID

It’s important to note that there are essentiall three types of RAID:

1. Hardware
2. Software
3. FakeRAID

In the case of hardware RAID, all the RAID functionality is handled by the hardware and does not require additional software components as the RAID drive(s) will be exposed to the underlying OS as standard devices.

Software RAID is quite different from hardware RAID. Software RAID is handled by the OS which has a number of implications in terms of availability and performance – not to mention management.

FakeRAID is partial hardware RAID without the features and functions that a true hardware RAID controller offers. This type of RAID has be come increasingly available as more and more motherboards come equipt with BIOS-RAID controls which permit the creation of a RAID array without the ability to manager it (beyound it’s creation and deletion).

FakeRAID is generally supported by Windows OS with the use of additional drivers and software RAID running on the OS. FakeRAID is supported on Linux via dmraid which permits dual-boot between Windows OS and Linux OS whilst maintaining a consistant RAID array.

More on Software RAID

There are essentially two types of software RAID for Linux:

1. dmraid (device-mapper)
2. mdadm (multiple disk administrator)

In the Linux kernel, the device-mapper serves as a generic framework to map one block device onto another. It forms the foundation of LVM2 and EVMS, software RAIDs, dm-crypt disk encryption, and offers additional features such as file-system snapshots.

Device-mapper works by processing data passed in from a virtual block device, that it itself provides, and then passing the resultant data on to another block device.^[2]

mdadm is a Linux utility by Neil Brown that is used to manage software RAID devices, previously known as mdctl. Besides managing, it can create, delete, or monitor Linux software RAIDs. Available under version 2 or later of the GNU General Public License, mdadm is free software.

mdadm derives its name from the “md” (multiple disk) device nodes it “adm”inisters or manages.^[3]

Which Soft-RAID to use?

There are a numbre of fundamental differences between dmraid and mdadm that I won’t attempt to get into here. However, the decision for which software RAID to choose comes down to one question: Will this PC be configured for dual-boot between Linux and Windows? If the answer is no, then mdadm is the solution to choose.

I have discovered that dmraid does not offer the same level of functionality – particularly when it comes to managing the RAID in cases where the RAID has become degraded or a drive has to be replaced. Early version of dmraid (including the version installed with Ubuntu 9.04) can not rebuild a degraded array. This means that even after replacing a defective drive, the RAID will remain degraded.

On the other hand, mdadm is a fully-functioning software RAID solution which provides all the management tools required to manage all aspects of the array.

Given just these few differences, it’s clear that mdadm is the better software RAID solution for a dedicate Linux PC. However, what if during the installation of the OS dmraid was selected? Can dmraid be converted to use mdadm and therefore permit leverage of all the management tools mdadm provides? Fortunately, the answer is a qualified yes! The qualification assumes that the existing RAID is 1 (and not 0).

Convertion dmraid to mdadm

Overview

For the sake of this article I will make a few assumption:

1. System was installed with RAID 1.
2. At least one disk in the array is fully functioning.
3. At least one disk is available to create the new RAID 1 array
4. The operator has some knowledge of what they are doing!

Essentially the steps that will be covered as as follows:

1. Break dmraid.
2. Disable FakeRAID in BIOS.
3. Create a “broken” RAID 1 array with mdadm.
4. Replicate data from “broken” dmraid array to newly created “broken” mdadm array.
5. Configure system to boot from newly created “broken” mdadm array.
6. Add “broken” dmraid disk into mdadm array.
7. Rebuild mdadm array.

I have borrowed heavily from http://wiki.archlinux.org/index.php/Convert_a_single_drive_system_to_RAID for this document. Please refer directly to this document with questions concerning consistency of this document or other issues not covered here.

!!! WARNING !!!

At this point I want to be sure I state clearly that if this document is to be used by someone other than me that your understanding of hardware and the Linux operating system is better than novice! I will not be held responsible for loss of data, bricked hardware, or anything else related to the steps I’m laying out here! You have been warned!

Getting Started: Breaking dmraid!

In order to begin the existing dmraid must be broken and the system must be able to boot from one of the two drives without RAID support. This is a two step process involving erasing the dmraid metadata from the drives making up the array and then removing dmraid – in the process rebuilding the linux kernel such that is does not expect a dmraid device.

To be safe, boot the system as usual and set the run level to 1. This should be done from a tty terminal and not from an open terminal window from the GUI. Use <Ctrl><Alt><F1> to open tty1 then log in and set the run level. This should to be done either as root or with root privileages via sudo.

# telinit 1

This should generate the Recovery Menu from which you can select Root – Drop to root shell prompt. After providing the root user password the system will be running in single-user mode (no multiple ttys) and logged in as root.

To break dmraid it will be necessary to erase the metadate stored on the disks that make up the array. Once the metadata has been erased the system will no longer be bootable via RAID. Therefore, it will be necessary to edit a few files in order to ensure the system remains bootable.

First, however, break the dmraid with:
dmraid -E -r /dev/sd[ab]
NOTE: this assumes the array was built with /dev/sda and /dev/sdb. Your system may vary.

Once the metadata has been removed the drives will no longer be recognized by the BIOS RAID controller as apart of the FakeRAID array. It will be necessary to tell GRUB where the root file system is. It will also be necessary to tell mount where to find the various file system partitions.

Edit /etc/fstab and substitute the appropriate devices for the dmraid-mapped devices. Example:
# vim /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
#
proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda5 during installation
#UUID=e9eeafc1-691a-4904-8032-2cc6c75bc175 / ext4 noatime,errors=remount-ro 0 1
/dev/sda2 / ext4 noatime,errors=remount-ro 0 1
# /boot was on /dev/sda1 during installation
#UUID=c4a18ea5-336e-42a0-8da8-26f6f3d98d48 /boot ext3 noatime 0 2
/dev/sda1 /boot ext3 noatime 0 2
# swap was on /dev/sda6 during installation
#UUID=64571446-2b40-4d09-9fe0-82d262ebce14 none swap sw 0 0
/dev/sda3 none swap sw 0 0
#/dev/fd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0
/dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0

NOTE: You can certainly substitute the UUID for the device, but since this is only a temporary change until the mdadm RAID is complete, there is no point in doing this – just make the changes to the devices and push on.

Add a new entry to /boot/grub/menu.lst which will boot using the device map:
# vim /boot/grub/menu.lst
title Ubuntu 9.04, kernel 2.6.28-19-generic (w/o RAID)
root (hd0,0)
kernel /vmlinuz-2.6.28-19-generic root=/dev/sda2 ro
initrd /initrd.img-2.6.28-19-generic

The above code should be added to the section of menu.lst which describes all the other boot options. Note that the root directive should point to (hdx,y) and the kernel directive root option should point to the physical device defined for root.

Lastly, remove dmraid. Doing so will ensure the correct kernel is in place for the next boot.
# aptitude remove --purge dmraid

Disable FakeRAID in BIOS

At this point boot the system. During the boot be sure to modify the BIOS and disable RAID. I chose to configure SATA as AHCI and set the boot priority to boot from HDD:P0. Other BIOS may have other settings.

If all went well the system should now boot without dmraid to /dev/sda.

Create “broken” RAID 1 array with mdadm.

Once it has been established that the system is bootable without dmraid, install mdadm. This step could have been done eariler without harm to the system. Just be sure mdadm has been installed before proceeding with the following actions.

The first thing that will have to be done is to partition the disk not currently in use (/dev/sdb in this case) for use with mdadm as raid-away partitions. Assuming no physical changes will be made to the layout of the partitions, this simply requires changing the type of the partitions and formatting them with the appropriate filesystem.

Begin by changing the partition type for each of the partitions which will be members of the array to Linux raid autodetect which is type fd.
# sudo fdisk /dev/sdb

The number of cylinders for this disk is set to 77825.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): t
Partition number (1-7): 1
Hex code (type L to list codes): fd

Command (m for help):
Repeat these steps for all appropriate devices and write the results. The system will warn you that the new table will not be used until the system has booted. This is expected. Do not boot at this time.

Next, create the single-disk RAID-1 array. Note the “missing” keyword is specified as one of our devices. We are going to fill this missing device later.

# mdadm --create /dev/md0 --level=1 --raid-devices=2 missing /dev/sdb2
mdadm: array /dev/md0 started.


Note: If the above command causes mdadm to say “no such device /dev/sdb2”, then reboot, and run the command again.

If you want to use Grub 0.97 (default in the Ubuntu Linux 9.04) on RAID 1, you need to specify an older version of metadata than the default. Add the option “–metadata=0.90” to the above command. Otherwise Grub will respond with “Filesystem type unknown, partition type 0xfd” and refuse to install. This is supposedly not necessary with Grub 2.

# mdadm --create /dev/md0 --metadata=0.90 --level=1 --raid-devices=2 missing /dev/sdb2
mdadm: array /dev/md0 started.


Make sure the array has been created correctly by checking /proc/mdstat:
# cat /proc/mdstat
Personalities : [linear] [raid0] [raid1] [raid5] [multipath] [raid6] [raid10]
md0 : active raid1 sdb2[1]
40064 blocks [2/1] [_U]

unused devices:

The devices are intact, however in a degraded state. (Because it’s missing half the array!)

References

1. http://en.wikipedia.org/wiki/RAID
2. http://en.wikipedia.org/wiki/Device_mapper
3. http://en.wikipedia.org/wiki/Mdadm

Replacing default desktop manager with qingy on Ubuntu intrepid

I often find that I want to login to a text console as opposed to my GUI. I use Ubuntu 8.10 (intrepid ibex) with gnome which uses gdm desktop manager by default. I’ve found in the past while working with gentoo that I can replace the GUI login provided by kdm, gdm, etc. with qingy which uses framebuffer video support to provide a nice splash screen without the overhead of a full-blown GUI.

With the introduction of upstart as a replacement for inittab in ubuntu there are different steps to making qingy work and the qingy (and other) sites suggest. First, install qingy (this part hasn’t changed!). I installed from repos, but you can download and install from the qingy home page (http://qingy.sourceforge.net/). the repos will place the quingy binary in /usr/sbin. Next, edit /etc/event.d/tty1. Comment out the statement # exec /sbin/getty 38400 tty1 and add a new statement exec /usr/sbin/qingy tty1. This will alter tty1 from loading getty to qingy. NOTE: Many how-to’s suggest replacing getty with qingy for all but one tty. I do not feel this is necessary, as I’m merely using qingy as a replacement for gdm and I only need one instance of this.

Next, disable your desktop manager. I’ve stated that I use gdm so if you are using kde or xdm (or something else entirely) you may have to figure out the best way to do this. The easiest way to disable gdm is by using bum (boot-up manager GUI). This will likely have to be installed using your favorite installation method. I use sudo aptitude install bum from the command line. Once running, locate GNOME Display Manager and un-check it. If you click apply the GUI session will end! You have been warned!

At this point you should be able to boot your machine and find that you have a nifty splash screen with options to start different sessions, among them will be text-console.

Note: you will likely want to change some of the default configuration for qingy. For instance, by default qingy will launch your GUI session in the open tty (tty1 in this case). If, like me, you are used to seeing the GUI on tt7, you have to change /etc/qingy/settings x_server_tty = unused_tty. There are many other settings that can be adjusted in the setting files as well.

Also, you can find a nice selection of themes for qingy on freshmeat (http://themes.freshmeat.net)

*** HEADS UP ***
Now, this is where things got a little frustrating for me. When I logged into a gnome session, I discovered that my audio was not initializing. I could not playback audio or work with audio in any way. I did not get any specific errors: dmesg, /var/log/syslog and /var/log/messages did not reveal any obvious errors. I tested audio from a text-console and found that I could playback mp3 files using mpg321 or ximp3 (both console based mp3 players), but only if I run these apps as sudo.

This gave me the vital clue that helped to solve the problem with gnome. It turns out that my user account was not a member of the audio group that is installed when ubuntu was installed. It’s apparently not necessary when you use gdm as your desktop manager. By adding my user to the audio group I was able to playback audio from text-console without the need of sudo *and* when I logged into my gnome session audio was working!

In addition to audio not working, nm-applet (the panel NetworkManager icon control) is also not working.  This item took a little more effort to resolve, as it’s not a simple matter of adding a user account to a group.  The way I resolved this might not be the correct method, so please do your own research! However, I found that if I modified a number of files in /etc/dbus-1/system.d/ I could make it work.  Specifically I modified the following files:

1. /etc/dbus-1/system.d/ConsoleKit.conf
2. /etc/dbus-1/system.d/NetworkManager.conf
3. /etc/dbus-1/system.d/nm-applet.conf
4. /etc/dbus-1/system.d/nm-avahi-autoipd.conf
5. /etc/dbus-1/system.d/ nm-dhcp-client.conf
6. /etv/dbus-1/system.d/nm-dispatcher.conf
7. /etc/dbus-1/system.d/ nm-system-settings.conf

For each of these files I copied the policy user section “root” and changed the user to my user account.

TO REPEAT: This may *not* be the correct way to do this, but in the end it worked.

Another issue I had was with the use of encfs which I used for directory encryption. I found that until I added my user account to the fuse group I was unable to mount my encrypted directories.

I suspect that there are other issues as well with this approach.

If you have any suggestions or comments regarding this method vs. some other method, please post here or provide a link to the suggestion.

Linux: How to kill and logout users

Task: How to halt/stop a user

# skill -STOP -u <user>

You muse be root to stop other users. For debian/ubuntu you should precede this command with sudo.

Task: How to resume already halted user

# skill -CONT -u <user>

Task: How to kill and logout user

# skill -KILL -u <userid>

Task: Kill and logout all users

The ultimate command to kill and logout all users:
# skill -KILL -v /dev/pts/*