summaryrefslogtreecommitdiffstats
path: root/xyz/openbmc_project/User/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'xyz/openbmc_project/User/README.md')
-rw-r--r--xyz/openbmc_project/User/README.md52
1 files changed, 52 insertions, 0 deletions
diff --git a/xyz/openbmc_project/User/README.md b/xyz/openbmc_project/User/README.md
new file mode 100644
index 0000000..1ce17e0
--- /dev/null
+++ b/xyz/openbmc_project/User/README.md
@@ -0,0 +1,52 @@
+# User Management
+
+## Overview
+User Manager service exposes D-Bus methods for user management operations.
+
+### User Manager Interface
+User manager interface `xyz.openbmc_project.User.Manager` provides following
+methods, properties and signals.
+
+#### xyz.openbmc_project.User.Manager interface
+##### methods
+* CreateUser - To create new user to the system.
+* RenameUser - To rename existing user to new name in the system.
+
+##### properties
+* AllGroups - To list all the groups supported in the system.
+* AllPrivileges - To list all the privileges supported in the system.
+
+##### signals
+* UserRenamed - Signal sent out when user is renamed in the system.
+
+#### xyz.openbmc_project.User.AccountPolicy interface
+##### properties
+* MaxLoginAttemptBeforeLockout - Permissible attempt before locking out the
+user for failed login attempts.
+* AccountUnlockTimeout - Timeout (in seconds) to unlock the account after a
+lockout.
+* MinPasswordLength - Minimum password length, which can be set.
+* RememberOldPasswordTimes – Number of times old password shouldn’t be allowed
+when updating password for the user.
+
+### Users Interface
+User manager daemon, will create user objects for every user existing
+in the system under object path `/xyz/openbmc_project/user/<user name>`.
+Each user object can be handled through 'org.freedesktop.DBus.ObjectManager'.
+User object will expose following properties and methods.
+
+#### xyz.openbmc_project.User.Attributes interface
+##### properties
+* UserPrivilege - Privilege of the user.
+* UserGroups - Groups to which the user belongs.
+* UserEnabled - User enabled state.
+* UserLockedForFailedAttempt - Locked or unlocked state of the user account.
+
+#### xyz.openbmc_project.Object.Delete
+#### methods
+* Delete - To delete the user object in the system.
+
+##Note
+This interface doesn't provide ways to set / update password. The same must
+be set / updated through pam_chauthtok() (PAM modules). This is to avoid
+sending out password through D-Bus.
OpenPOWER on IntegriCloud