My linux accounts
I plan a post on installing linux. This is a preliminary posts on the user accounts that I setup as part of the installation.
I use three accounts. The login names for those three accounts are:
The intended use of the first of these, is for system administration tasks. The second of those is my primary account, where I get most of my work done. The third of those is for testing purposes. On my current linux systems, the three accounts have uid (numerical userid) of 1000, 1001, 1002 respectively.
I have been using this assortment of accounts for almost 20 years. And I have found it convenient enough that I continue that practice. I have used this account arrangement on linux systems and on solaris systems.
The support account
As indicated, I use the support account primarily for system administration purposes. I actually use it very little on my current linux systems. When administering a solaris network, I used it more extensively. I normally use only for command line access, though with some exceptions.
The home directory for the support account is always on the local system. If managing a network of computers, where home directories are mounted via NFS, the support account will still have only a local home directory that is not NFS mounted. As a result, the home directory must be copied to each of the networked computers. Since the support account is not intended for GUI access, the home directory is small, so having replicas does not take much disk space.
The reason for support to have a local home directory, is that sometimes NFS breaks. If that happens, the support user should still be able to login to investigate the problem.
Likewise, the support account always exists in the local “/etc/passwd” and “/etc/shadow” file. Even if a network database is used (YP/NIS or LDAP), the support account only depends on local files. This is because sometimes YP and LDAP can break. The support account needs to be independent of that breakage, so that I can login as support user to investigate the problem. The downside is that if I change the password on one of the computers, then I will probably need to make the corresponding change on all of the other computers in the network.
With opensuse, I place the support user in the “root” group. That is so that the support user can read logs in “/var/log/messages”. I’m not sure why opensuse makes access to that log file so restrictive but since it does, I want the support account to still have access.
The $HOME/bin directory for support mainly consists of useful shell scripts.
The rickert account
There’s not much to say about this account. It is what I normally use. I typically access it via a GUI (or desktop environment). I am currently using KDE for the desktop. Document editing, web browsing, remote login to work computers, etc. – these are all done from the rickert account. Most of my computer time is spent logged into this account.
The nwr account
The important thing about the nwr account, is that there is nothing important about it. There are very few files under that account.
If I want to experiment with a different desktop configuration (different KDE options), then I first login to the “nwr” account at the command line level, and delete just about everything in the home directory. I then logout, followed by a GUI login. That allows me to test the GUI (the desktop environment) as it would originally be setup for a new user. I can then proceed to experimentally configure it to try something different. And if I break the desktop, then nothing is lost becasue there was nothing important about that account. I can just delete everything in the home directory of that account, and start over.