CONSFIGURATOR.PROPERTY.USER

API reference

General

Property: USER:HAS-ACCOUNT

(user:has-account username)

Ensure there is an account for USERNAME. Note that this uses getent(1) and so is not strictly POSIX-compatible.

Property: USER:HAS-ACCOUNT-WITH-UID

(user:has-account-with-uid username uid &key gid)

Ensure there is an account for USERNAME with uid UID. Also ensure the group named USERNAME has gid GID, USERNAME’s primary group is that group, and ~USERNAME and its contents are owned by UID:GID.

Property: USER:GROUP-EXISTS

(user:group-exists groupname)

Ensure there is a group GROUPNAME. Note that this uses getent(1) and so is not strictly POSIX-compatible.

Property: USER:HAS-GROUPS

(user:has-groups username &rest groups)

Ensure that USERNAME is a member of secondary groups GROUPS.

Property: USER:HAS-DESKTOP-GROUPS

(user:has-desktop-groups username)

Add user to the secondary groups to which the OS installer normally adds the default account it creates. Skips over groups which do not exist yet, pending the installation of other software.

Property: USER:HAS-LOGIN-SHELL

(user:has-login-shell username shell)

Ensures that USERNAME has login shell SHELL. Note that this uses getent(1) and so is not strictly POSIX-compatible.

Property: USER:HAS-ENABLED-PASSWORD

(user:has-enabled-password username &key initial-password)

Ensures that it is possible to login as USERNAME; if this requires enabling the account’s password, also set it to INITIAL-PASSWORD. The main purpose of this property is to ensure that in a freshly installed system it will be possible to log in. The password should usually be changed to something which is not stored in plain text in your consfig right after, and then this property will do nothing.

Property: USER:HAS-LOCKED-PASSWORD

(user:has-locked-password username)

Ensure that USERNAME cannot login via a password.

Function: USER:PASSWD-FIELD

(user:passwd-field n username-or-uid)

Get the nth entry in the getent(1) output for USERNAME-OR-UID. Note that getent(1) is not specified in POSIX so use of this function makes properties not strictly POSIX-compatible.

Function: USER:USER-INFO

(user:user-info username-or-uid)

Return passwd database entry for USERNAME-OR-UID as an alist.

Falls back to getent(1), which is not specified in POSIX, so use of this function makes properties not strictly POSIX-compatible.