Creating a Running User
- For installation as the root user:
After installation as the root user, you must switch to a non-root user for execution. Therefore, you need to create a running user before the installation.
- If the created user is HwHiAiUser, you can directly install the software packages as the HwHiAiUser user. The default installation user is HwHiAiUser.
- If the created user is not HwHiAiUser, you need to specify the running user (by using the --install-username=user name --install-usergroup=user group parameter) when installing the software package.
- For installation as a non-root user:
In this scenario, the installation and running users must be the same.
- If a non-root user exists, you do not need to create one.
- If you want to use a new non-root user, you need to create the user first.To create a non-root user, run the following commands as the root user:
- Create a non-root user.
groupadd usergroup useradd -g usergroup -d /home/username -m username
- Set the password of the non-root user.
passwd username
- Create a non-root user.
- The running user is specified for the driver. It is not supported to specify the running user for the firmware. The running user of the firmware is the same as that of the driver.
- In the preceding command, replace username with the actual username.
- Permission control may pose security risks. Therefore, you are advised to create a running user that does not belong to the root user group.
After the HwHiAiUser user is created, do not disable the login authentication function of the user.
The password validity period is 90 days. You can change the validity period in the /etc/login.defs file or run the chage command to set the validity period. For details, see Setting User Account Validity Period.
Setting User Account Validity Period
Run the chage command to set the validity period of a user account for security purposes.
Command:
chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user
Table 1-5 describes the parameters.
Parameter |
Description |
|---|---|
-m |
Minimum validity period (days) of passwords. The value 0 indicates that the password can be changed at any time. |
-M |
Maximum validity period (days) of passwords. If this parameter is set to -1, this check item is ignored and the user password will not expire. This poses security risks. Therefore, exercise caution when setting this to -1. |
-d |
Date when the password was changed the last time. |
-I |
Maximum idle period (in days) after which the user account will be disabled. After the specified time period has expired, the password will be invalid. |
-E |
Date when the user account expires. The user account is unavailable when the account validity period has expired. |
-W |
Number of days in advance users are notified that their passwords are about to expire. |
-l |
Lists the user name and password validity information. This information helps non-privileged users to determine when to change their passwords. |
- Table 1-5 lists only common parameters. You can run the chage --help command to display detailed parameter description.
- The date is in the format of YYYY-MM-DD. For example, chage -E 2019-12-01 test indicates that user test will expire on December 1, 2019.
- If User is not specified, the default user root will be used.
For example, to change the validity period of the user account test to December 31, 2019, run the following command:
chage -E 2019-12-31 test
