Operation status report
Error: the account "..." can't be created because there is already a system account of that name.
What causes this error?You will get this error (rather than an error saying the user, group, or ibay already exists) if:
- You try to create [new user] [new group] or [new ibay] using server-manager
- there is an existing entry in /etc/passwd or /etc/group for [new user] [new group] or [new ibay]
- # db accounts gettype [new user] (or [new group] or [new ibay]) does not return "user" "group" or "ibay"
(be sure to replace [new user] [new group] or [new ibay] with the the actual user, group or ibay account name that you are working on)
What is a "system account"?SME creates many system accounts when installed. These accounts are required for the proper operation of the various packages that constitute "SME Server 7.0 Final" as they are configured by default. These accounts will return "service", "system", or nothing from "db accounts gettype...".
Any account created manually using "useradd" will be a "system account" until you set the account type in the accounts database (see below).
Many non-SME-specific packages use "useradd" and "groupadd" to create user and group accounts - the resulting accounts will be "system accounts" as far as server-manager is concerned.
What "system accounts" exist in SME 7.0 Final by default?The default SME system accounts all have ID numbers below 3000. Here is a list of the accounts on a reasonably virgin SME 7.0 system with ID numbers below 3000:
default system accounts in /etc/group:
=======================================
root bin daemon sys adm tty disk lp mem kmem wheel mail news uucp man floppy games slocate utmp squid mysql gopher rpm ntp dip xfs apache ftp dns lock ldap nut haldaemon vcsa sshd pcap dbus radiusd dovecot nobody users admin www public nofiles qmail clamav dnscache dnslog stunnel qpsmtpd shared imaplog smelog cvmlog spamd smelastsys
default system accounts in /etc/passwd:
=======================================
root bin daemon adm lp mail news uucp operator games gopher ftp squid mysql rpm ntp xfs apache dns ldap nut haldaemon vcsa sshd pcap dbus radiusd dovecot nobody admin www public alias qmaild qmaill qmailp qmailq qmailr qmails clamav dnscache dnslog stunnel qpsmtpd imaplog smelog cvmlog spamd smelastsys
Here is a program that will list
all of the accounts in /etc/passwd and in /etc/group, showing the account type from the accounts db and the User/Group ID:
# awk -F: '{ acct_type= ""; cmd= "db accounts gettype " $1; cmd | getline acct_type ; close (cmd) ; printf "%12s %8s %10s %5s\n", FILENAME ":",acct_type ,$1, $3 } ' /etc/passwd /etc/groupPrint a sorted list of records in /etc/group with IDs below 3000:
# awk -F: ' { if ($3 < 3000) print $1, $3 } ' /etc/group| sort -g -k 2Print a sorted list of records in /etc/passwd with IDs below 3000:
# awk -F: '{ if ($3 < 3000) print $1, $3 } ' /etc/passwd| sort -g -k 2How do I set or change the account type for a "system account"?You can "expose" a system account to server-manager by issuing the following command to change the account "type" in the accounts database:
# db accounts set [account] user(replace [account] with the specific system account name you wish to expose)
How can I get email at "news@..." , "mail@...", etc?See the comment from JonB below - use the pseudonym panel!
What you shouldn't do:First expose the account to server-manager by changing the "account type" (see above).
Once you have done this, you can modify the specified account in server-manager and configure it to forward messages to another account, mailing list, or email address.
Warnings:- The default SME system accounts are highly sensitive; this is why they are not exposed in server-manager by default.
- Creating a password for any system account could significantly reduce the security of your server!
- Avoid changing system accounts if at all possible.
- If you must modify or expose a system account, make as few changes as possible!
9 Replies
8753 Views