As much as I would like to figure out the problem, at this point too much time has been invested in deleting a stupid key when I already had a solution (the command line creation) that works. I'm going to delete the user and run the commands that I need. It would still be wonderful to have an answer, but I don't think that is going to happen.
I have a network of slaves attached to buildbot, each with a buildbot user account. I'd like their accounts to not have passwords (read: not an empty password). I did this successfully on one of the boxes as a great consequence of remotely creating the user and not setting the password in the procedure.
Two other OSX machines that I set up through the GUI do have passwords, and I'm wondering if there is a way to remove the password without leaving it empty. I looked through a bit of the documentation for
passwd, but they don't have the options I'm looking for. I could set them to be some random string of numbers. Would that be just as effective? Is my description equivalent to having an empty password and locking the account (as in this disscussion for linux)? If so, how do I lock an OSX account?
The second part of my question is in regard to the way that I originally created the users. Below are the commands and they seem to work fine but I wonder if I'm missing some important setting –the buildslave did start and execute jobs though.
sudo dscl . -create /Users/buildbot sudo dscl . -create /Users/buildbot UserShell /bin/bash sudo dscl . -create /Users/buildbot RealName "BuildBot" sudo dscl . -create /Users/buildbot UniqueID <ID> sudo dscl . -create /Users/buildbot PrimaryGroupID 61 sudo dscl . -create /Users/buildbot NFSHomeDirectory /Users/buildbot sudo mkdir /Users/buildbot sudo chown buildbot /Users/buildbot
EDIT: For the machines that already had accounts w/ passwords created through the System Preferences, the commands suggested by Dan Black do not actually delete the Password key,
sudo dscl . -delete /Users/buildbot Password sudo dscl . -read /Users/buildbot Password
The output to the second command is,
Continuing as if the password was deleted, I run
sudo dscl . -create /Users/buildbot Password '*' su buildbot
And the previous password accesses the account. This is on OSX 10.5.8 and 10.6.8.
sudo dscl . -change /Users/buildbot Password 'OLDPASS' '*' su buildbot
This also does not change the password, and OLDPASS can switch users when asked for the password.
Here is the complete key-value pair output for the user i'm having trouble with –created through sys-preferences. To clarify an inconsistency, this machine uses user 'developer' not 'buildbot', but the previous commands were all done the same just with the obvious replacement
Amoy:~ lyn$ sudo dscl . -read /Users/developer dsAttrTypeNative:_writers_hint: developer dsAttrTypeNative:_writers_jpegphoto: developer dsAttrTypeNative:_writers_LinkedIdentity: developer dsAttrTypeNative:_writers_passwd: developer dsAttrTypeNative:_writers_picture: developer dsAttrTypeNative:_writers_realname: developer dsAttrTypeNative:_writers_UserCertificate: developer AppleMetaNodeLocation: /Local/Default AuthenticationAuthority: ;ShadowHash; ;Kerberosv5;;developer@LKDC:SHA1.08FF6FDC52096FD6C53DEDEE75A2F9315F964B22;LKDC:SHA1.08FF6FDC52096FD6C53DEDEE75A2F9315F964B22; AuthenticationHint: developer for auto testing GeneratedUID: BF95A834-A7F1-4DDD-8DFB-6B80B8120CA7 NFSHomeDirectory: /Users/developer Password: ******** Picture: /Library/User Pictures/Fun/Flippers.tif PrimaryGroupID: 20 RealName: Developer RecordName: developer RecordType: dsRecTypeStandard:Users UniqueID: 512 UserShell: /bin/bash