Adding a User Account

Mesh Hypervisor nodes don’t handle user accounts gracefully—Linux’s /etc/passwd isn’t atomic. This guide shows a workaround: append user data via a group to add a user (e.g., mal) across nodes consistently. Commands run via SSH to the central orchestration node’s CLI (e.g., ssh root@<central-ip>). For node basics, see Configuring Nodes.

Prerequisites

Ensure:

• A remote node is online (mesh node info—e.g., hostname terrible-tuneup).
• You’ve got a machine folder (e.g., /host0/machines/terrible-tuneup/).

Step 1: Create the User on the Central Node

To avoid errors in mesh system configure, add the user on the central node first—its compile-apkovl script needs the UID/GID to exist.

1. Add User: On the central node:

   adduser mal
   

   • Set password (e.g., mysecret), fill optional fields (e.g., “Linux User” for full name), pick /bin/bash.
   • UID (e.g., 1000) auto-increments—note it from /etc/passwd.
2. Copy Lines: Extract user data:

   grep "^mal:" /etc/passwd > /tmp/passwd-mal
   grep "^mal:" /etc/group > /tmp/group-mal
   grep "^mal:" /etc/shadow > /tmp/shadow-mal
   

   • Saves mal’s lines—e.g., mal:x:1000:1000:Linux User,,,:/home/mal:/bin/bash.

Step 2: Build the User Group

1. Make the Group: Create /host0/groups/useracct-mal/:

   mkdir /host0/groups/useracct-mal
   

2. Add Manifest: Create /host0/groups/useracct-mal/manifest:

   A MODE=root:root:0644 SRC=/host0/groups/useracct-mal/passwd TGT=/etc/passwd
   A MODE=root:root:0644 SRC=/host0/groups/useracct-mal/group TGT=/etc/group
   A MODE=root:root:0640 SRC=/host0/groups/useracct-mal/shadow TGT=/etc/shadow
   D MODE=1000:1000:0755 TGT=/home/mal
   

   • Appends user data, makes /home/mal with UID:GID (not mal, as it might not exist yet on nodes).
3. Add Files: In /host0/groups/useracct-mal/:
   • passwd: Copy from /tmp/passwd-mal (e.g., mal:x:1000:1000:Linux User,,,:/home/mal:/bin/bash).
   • group: Copy from /tmp/group-mal (e.g., mal:x:1000:).
   • shadow: Copy from /tmp/shadow-mal (e.g., mal:$6$...hashed...mysecret...:20021:0:99999:7:::).

   cp /tmp/passwd-mal /host0/groups/useracct-mal/passwd
   cp /tmp/group-mal /host0/groups/useracct-mal/group
   cp /tmp/shadow-mal /host0/groups/useracct-mal/shadow
   

Step 3: Apply to the Node

1. Link Group: In /host0/machines/terrible-tuneup/groups:

   baseline
   useracct-mal
   

   • baseline for essentials, useracct-mal adds the user.
2. Set UUID: In /host0/machines/terrible-tuneup/UUID, use the node’s UUID (e.g., 10eff964) from mesh node info.
3. Apply: Rebuild and reboot:

   mesh system configure
   mesh node ctl -n 10eff964 "reboot"
   

Step 4: Test the User

1. SSH In: Connect to the node:

   mesh node ctl -n 10eff964
   

2. Verify User: Check mal exists:

   grep "^mal:" /etc/passwd
   ls -ld /home/mal
   

   • Should show mal:x:1000:1000... and drwxr-xr-x 1000 1000 /home/mal.
3. Test Login: Switch user:

   su - mal
   

   • Enter mysecret—drops you to /home/mal with /bin/bash.
4. Exit: Back to root, then out:

   exit
   Ctrl+D
   

Notes

This hack appends to /etc/passwd, /group, and /shadow—not atomic, so pick unique UIDs (e.g., 1000) manually across groups to avoid clashes. Create users on the central node first—compile-apkovl fails if UIDs/GIDs don’t exist there. Hashes come from adduser—copy them, don’t guess. Reuse this group (e.g., useracct-mal) on multiple nodes for consistency. For RAID shares needing nobody, see Configuring Samba.

Next, explore Upgrading the System.