unwanted user at login


On version 10.1, at login, you see actually all the users you've set up as an administrator, including yourself. Two problems:
1. What if I want to log in as a user not created by me but by the system such as root?
2. What if I don't want to show one of the users I set up. For example, I set up mysql database on my computer. I had to create a mysql user for that setup. The user is not meant to correspond to a human being so I don't want a certain "mysql" to log in. Well, mysql exists as one of the users at log in and so how do I make it so that mysql doesn't exist? I already set mysql to have /dev/null as the shell script and /usr/local as the login dir. Anything else I need to change?

If you are refering to what I think you refering to just alter the Mac OS 10.1 login window back to what it was for X. In the Login Preference in System Preferences under log in window tab this can be accomplished. This was one of the first things I changed because I needed the ability to log in as root.
I love 10.1.
Thanks. That worked.

But do you know how to deal with the second question? The user mysql is created by me but I want it not be shown as part of the list of users that can log in, just as "root" and "nobody" are valid users on the unix system but they don't appear on the list of users that can log in at the login screen (though I could log in as root if I want to, but the point is I don't want mysql shown as a loggable user since it's not a human being).

I have the same problem with PostGres which is running as a service and shows as a user. I cannot log in with this account, as I don't what the password is and there is no user directory for it either.
Another one for 10.1.x hopefully soon.
There is no need to "hack" things. If you want to log in as "root" just select "other" in the login pane of System prefs. You can also choose to not show any user names and just have the text field.

As for creating users for system resources like Mysql, DONT USE the user pane in Sytem Prefs. Use Netinfo Manager.

Users created throught the "User" pane have home directories (you dont want/need) and have UID's starting at 500. Users with IDs in the 500s show up in the login pane. It is that simple.

Create a user using Netinfo Manager (But be carfull!!) I used www as a template (select duplicate from the edit menu) and change the user id and name etc.

System resources should have UIDs under 100.

you can also use the netinfo Comand Line Utilities...

% niutil -read . /users/www
name: www
passwd: *
uid: 70
gid: 70
change: 0
expire: 0
realname: World Wide Web Server
home: /Library/WebServer
shell: /dev/null
_writers_passwd: www

so MySql Should look like this

% niutil -read . /users/mysql
name: mysql
passwd: *
uid: 71
gid: 71
change: 0
expire: 0
realname: MySQL Server
home: /dev/null
shell: /dev/null
_writers_passwd: mysql

NetInfo is VERY cool.

Good luck!
Hmm, good to know. But what happens to my mysql user now? I haven't checked, but I am sure that if you are right, its uid is above 500. Can I use NetInfo to just change that uid? Or is it too late because the system has files that register mysql as user of the current uid?

That depends. Im not sure how well OS X handles this, but in Linux (which I am at now since I am at work) if the system assigned a files's owner or group to be the numeric version of the uid or gid then you will have to change them, if on the other hand it did it the smart way and assigned it the textual representation then you should beable to just change the uid and not have to worry about it.

Try doing this:
$ ls -l your_file

If you get output like this:
-rw-r--r-- 1 mysql mysql size date your_file

Then you should be cool, but if instead of saying mysql there it says something like 502, you will need to use root to change the user:group to mysql.

Thanks for the excellent info on creating an account in NetInfo.

However, I have a related problem. I've disabled showing the users so there is now ID and password entry fields, but 10.1 now insists in pre-filling the ID field with one of the userd IDs.

To me this is another security problem and would prefer that the field be initially blank.

How might this be achieved?

Thanks for your time and help in this matter.