User Management
Overview
User Manager service exposes D-Bus methods for user management operations.
User Manager Interface
User manager interface xyz.openbmc_project.User.Manager provides following methods, properties and signals.
xyz.openbmc_project.User.Manager interface
methods
- CreateUser - To create new user to the system.
- RenameUser - To rename existing user to new name in the system.
properties
- AllGroups - To list all the groups supported in the system.
- AllPrivileges - To list all the privileges supported in the system.
signals
- UserRenamed - Signal sent out when user is renamed in the system.
xyz.openbmc_project.User.AccountPolicy interface
properties
- MaxLoginAttemptBeforeLockout - Permissible attempt before locking out the user for failed login attempts.
- AccountUnlockTimeout - Timeout (in seconds) to unlock the account after a lockout.
- MinPasswordLength - Minimum password length, which can be set.
- RememberOldPasswordTimes – Number of times old password shouldn’t be allowed when updating password for the user.
Users Interface
User manager daemon, will create user objects for every user existing in the system under object path /xyz/openbmc_project/user/<user name>. Each user object can be handled through 'org.freedesktop.DBus.ObjectManager'. User object will expose following properties and methods.
xyz.openbmc_project.User.Attributes interface
properties
- UserPrivilege - Privilege of the user.
- UserGroups - Groups to which the user belongs.
- UserEnabled - User enabled state.
- UserLockedForFailedAttempt - Locked or unlocked state of the user account.
xyz.openbmc_project.Object.Delete
methods
- Delete - To delete the user object in the system.
##Note This interface doesn't provide ways to set / update password. The same must be set / updated through pam_chauthtok() (PAM modules). This is to avoid sending out password through D-Bus.