Lines Matching refs:this

42    for querying and enumerating records of this type, optionally acquiring them
68 2. Information about default IMAP, SMTP servers to use for this user
70 3. Parental control information to enforce on this user
91 Please note that this specification assumes that JSON numbers may cover the full
93 UINT64_MAX). Please read, write and process user records as defined by this
94 specification only with JSON implementations that provide this number range.
106    the user record). Fields contained in this object are security sensitive,
108    to see, but other users should not. In many ways this matches the data
127    machine ID of the host). Fields included in this section "bind" the object
131    record manager (such as `systemd-homed`). Data in this section is considered
135    calculated on. In `systemd-homed` this section is also removed when the
145    idea is that this section contains information about current runtime
167    `systemd-homed` this section may be included in user records, when creating
204 section — this version is only transferred via IPC and never written to
213 `userName` → The UNIX user name for this record. Takes a string with a valid
224 this). The idea is that the user `lpoetter` in the `redhat.com` realm might be
236 record this field is initialized from GECOS (i.e. the `pw_gecos` field), and
237 vice versa when converting back. That said, unlike GECOS this field is supposed
244 initializes the `$EMAIL` environment variable from this value for all login
254 by geo-location subsystems, but this is not enforced nor required. Example:
259 i.e. the context it is defined in. For regular, "human" users this should be
261 similar) this should be `system`. The `intrinsic` disposition should be used
266 be used for any users outside of these use-cases. Note that this property is
268 disposition of a user automatically from a record even in absence of this
269 field, based on other fields, for example the numeric UID. By setting this
270 field explicitly applications can override this default determination.
285 this user. This corresponds with the `pw_shell` field of `struct passwd`, and
287 terminal log-in this field should not be set.
291 integers are generally written in decimal, hence in this context we denote it
308 will automatically initialize the `$TZ` environment variable from this
315 will automatically initialize the `$LANG` environment variable from this
316 string. The string hence should be in a format compatible with this environment
321 will automatically initialize the login process' nice level to this value with,
336 not log in. If this field is missing it should be assumed to be false,
361 managers are used too. If this is not set, `classic` is the implied default.
365 type this might be implemented differently: for `luks` this is the intended size
366 of the file system and LUKS volume, while for the others this likely translates
387 enforces this by setting the `TasksMax` slice property for the user's slice
413 to associate this user record with. This is generally useful, but particularly
427 storage is used, this refers to the loopback file or block device node to store
428 the LUKS volume on. For `fscrypt`, `directory`, `subvolume` this refers to the
445 `memberOf` → An array of strings, each indicating a UNIX group this user shall
470 storage. If false and `luks` storage is used turns this behavior off. In
471 addition, depending on this setting an `FITRIM` or `fallocate()` operation is
513 rebalancing is turned off for this home area.
515 `service` → A string declaring the service that defines or manages this user
516 record. It is recommended to use reverse domain name notation for this. For
518 used for this.
532 user's password. By default the policy is enforced, but if this field is false
536 auto-login. Systems are supposed to automatically log in a user marked this way
537 during boot, if there's exactly one user on it defined this way.
616 record top-level object, in the `privileged` field. Any data included in this
640 against. Authenticating with a security token against this account shall work
650 in the same order, but this should not be required by applications processing
659 device. During authentication this salt along with the credential ID is sent to
664 hash to test this derived secret key against for authentication. The `up`, `uv`
670 this should not be required by applications processing user records.
700 should be used. Then this array should be iterated in order, and the various
711 The following fields are defined in this section:
715 (i.e. matches `/etc/machine-id`) the fields in this object are honored.
718 the specified hostnames match the system's local hostname, the fields in this
723 These two are the only two fields specific to this section. All other fields
724 that may be used in this section are identical to the equally named ones in the
766 those set via `regular` or `perMachine`, however this might happen if some
797 depending on the selected storage mechanism. For LUKS storage this is the file
799 directory/subvolume/fscrypt storage this is the current disk space used as
808 allotted to the user, in bytes. Depending on the storage mechanism this can mean
810 (or the one in the `perMachine` section), this field reports the current size
829 `service` → A string identifying the service that manages this user record. For
830 example `systemd-homed.service` sets this to `io.systemd.Home` to all user
832 in which `state` lives, see above. Note that this field also exists on the
835 managed by the specified service, and this `status` field if it can
868 attempts in the current rate limiting interval, see above. If this counter
872 `removable` → A boolean value. If true the manager of this user record
890 more cryptographic signatures of the user record. Like all others, this section
914 local login session reality tells us this is not the case. Hence it is
919 encapsulated file system it is essential this trust is established before the
956 be considered a compatibility alias for this field, and merged with `tokenPin`
962 user. If false or unset, authentication this way shall not be attempted.
967 concept behind it. If false or unset authentication this way shall not be
973 "uv" concept behind it. If false or unset authentication this way shall not be
1001 At this time almost all Linux machines employ shadow passwords, thus the
1007 User records following this specifications are supposed to be extendable for
1020   this specification. If they are reasonably universally useful, it would be
1025 The shortest valid user record looks like this:
1033 A reasonable user record for a system user might look like this:
1046 `systemd-homed.service` might look like this:
1106 systems. It would hence look like this: