1 <?xml version="1.0" encoding="UTF-8"?>
13 This specification-by-example defines a key tree layout for users, groups and password.
15 Its purpose is similar to the Unix well-known files:
21 It defines 2 trees, system/users and system/groups
22 All keys must be owned by root with RO permissions to others, exept for the
23 password keys which should be readable only to root.
25 In this example we'll define the 'jdoe' user and 'root' keys.
35 <keyset xmlns="http://www.libelektra.org"
36 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
37 xsi:schemaLocation="http://www.libelektra.org elektra.xsd"
43 <key basename="users/jdoe">
44 <!-- The 'jdoe' record -->
47 <key basename="gecos" value="John Doe"/>
49 <!-- User and group IDs -->
50 <key basename="uid" value="500"/>
51 <key basename="gid" value="800"/>
53 <!-- Home directory and shell program -->
54 <key basename="home" value="/root"/>
55 <key basename="shell" value="/bin/bash"/>
57 <!-- Password metainfo as /etc/shadow.
58 Check the 'mode' attribute, meaning they are secure keys -->
59 <key basename="passwdChangeAfter" mode="0600" value="99999"/>
60 <key basename="passwdChangeBefore" mode="0600" value="0"/>
61 <key basename="passwdDisableAfter" mode="0600"/>
62 <key basename="passwdDisabledSince" mode="0600"/>
63 <key basename="passwdReserved" mode="0600"/>
64 <key basename="passwdWarnBefore" mode="0600" value="7"/>
66 <!-- Obsolete key.... from /etc/passwd -->
67 <key basename="password" mode="0644" value="x"/>
69 <!-- Real password goes here in encrypted form -->
70 <key basename="shadowPassword" mode="0600" value="an encrypted passwd should appear here"/>
74 <!-- The group which jdoe is member of -->
75 <key basename="groups/guests">
76 <key basename="gid" value="800"/>
77 <key basename="members" value="jdoe,miriam,ana"/>
88 <!-- The 'root' record -->
90 <key basename="users/root">
91 <key basename="gecos" value="root"/>
92 <key basename="uid" value="0"/>
93 <key basename="gid" value="0"/>
94 <key basename="home" value="/root"/>
95 <key basename="shell" value="/bin/bash"/>
96 <key basename="passwdChangeAfter" mode="0600" value="99999"/>
97 <key basename="passwdChangeBefore" mode="0600" value="0"/>
98 <key basename="passwdDisableAfter" mode="0600"/>
99 <key basename="passwdDisabledSince" mode="0600"/>
100 <key basename="passwdReserved" mode="0600"/>
101 <key basename="passwdWarnBefore" mode="0600" value="7"/>
102 <key basename="password" mode="0644" value="x"/>
103 <key basename="shadowPassword" mode="0600" value="an encrypted passwd should appear here"/>
107 <key basename="groups/root">
108 <key basename="gid" value="0"/>
109 <key basename="members" value="root"/>
114 <!-- Just another group that has root as a member -->
115 <key basename="groups/sys">
116 <key basename="gid" value="3"/>
117 <key basename="members" value="root,bin,adm"/>