5.2. User Administration

5.2.1. Creating the Default User

When you first run checksetup.pl after installing Bugzilla, it will prompt you for the administrative username (email address) and password for this "super user". If for some reason you delete the "super user" account, re-running checksetup.pl will again prompt you for this username and password.


If you wish to add more administrative users, you must use the MySQL interface. Run "mysql" from the command line, and use these commands:

mysql> use bugs;
mysql> update profiles set groupset=0x7ffffffffffffff where login_name = "(user's login name)";

Yes, that is fourteen "f" 's. A whole lot of f-ing going on if you want to create a new administator.

5.2.2. Managing Other Users Creating new users

Your users can create their own user accounts by clicking the "New Account" link at the bottom of each page (assuming they aren't logged in as someone else already.) However, should you desire to create user accounts ahead of time, here is how you do it.

  1. After logging in, click the "Users" link at the footer of the query page, and then click "Add a new user".

  2. Fill out the form presented. This page is self-explanatory. When done, click "Submit".


    Adding a user this way will not send an email informing them of their username and password. While useful for creating dummy accounts (watchers which shuttle mail to another system, for instance, or email addresses which are a mailing list), in general it is preferable to log out and use the "New Account" button to create users, as it will pre-populate all the required fields and also notify the user of her account name and password. Modifying Users

To see a specific user, search for their login name in the box provided on the "Edit Users" page. To see all users, leave the box blank.

You can search in different ways the listbox to the right of the text entry box. You can match by case-insensitive substring (the default), regular expression, or a reverse regular expression match, which finds every user name which does NOT match the regular expression. (Please see the man regexp manual page for details on regular expression syntax.)

Once you have found your user, you can change the following fields:

  • Login Name: This is generally the user's full email address. However, if you have are using the emailsuffix Param, this may just be the user's login name. Note that users can now change their login names themselves (to any valid email address.)

  • Real Name: The user's real name. Note that Bugzilla does not require this to create an account.

  • Password: You can change the user's password here. Users can automatically request a new password, so you shouldn't need to do this often. If you want to disable an account, see Disable Text below.

  • Disable Text: If you type anything in this box, including just a space, the user is prevented from logging in, or making any changes to bugs via the web interface. The HTML you type in this box is presented to the user when they attempt to perform these actions, and should explain why the account was disabled.


    Don't disable the administrator account!


    The user can still submit bugs via the e-mail gateway, if you set it up, even if the disabled text field is filled in. The e-mail gateway should not be enabled for secure installations of Bugzilla.

  • <groupname>: If you have created some groups, e.g. "securitysensitive", then checkboxes will appear here to allow you to add users to, or remove them from, these groups.

  • canconfirm: This field is only used if you have enabled the "unconfirmed" status. If you enable this for a user, that user can then move bugs from "Unconfirmed" to a "Confirmed" status (e.g.: "New" status).

  • creategroups: This option will allow a user to create and destroy groups in Bugzilla.

  • editbugs: Unless a user has this bit set, they can only edit those bugs for which they are the assignee or the reporter. Even if this option is unchecked, users can still add comments to bugs.

  • editcomponents: This flag allows a user to create new products and components, as well as modify and destroy those that have no bugs associated with them. If a product or component has bugs associated with it, those bugs must be moved to a different product or component before Bugzilla will allow them to be destroyed.

  • editkeywords: If you use Bugzilla's keyword functionality, enabling this feature allows a user to create and destroy keywords. As always, the keywords for existing bugs containing the keyword the user wishes to destroy must be changed before Bugzilla will allow it to die.

  • editusers: This flag allows a user to do what you're doing right now: edit other users. This will allow those with the right to do so to remove administrator privileges from other users or grant them to themselves. Enable with care.

  • tweakparams: This flag allows a user to change Bugzilla's Params (using editparams.cgi.)

  • <productname>: This allows an administrator to specify the products in which a user can see bugs. The user must still have the "editbugs" privilege to edit bugs in these products.