emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

[svn-upgrade] Integrating new upstream version, shadow (19990709)

Browse Source
This commit is contained in:
nekral-guest
2007-10-07 11:44:02 +00:00
parent 9c72ed9062
commit 45c6603cc8
350 changed files with 89554 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
man/Makefile.am Normal file
View File

@@ -0,0 +1,32 @@
AUTOMAKE_OPTIONS = 1.0 foreign
man_MANS = chage.1 chfn.1 chsh.1 gpasswd.1 \
login.1 newgrp.1 passwd.1 su.1 \
shadow.3 \
faillog.5 limits.5 login.access.5 login.defs.5 \
passwd.5 porttime.5 shadow.5 suauth.5 \
chpasswd.8 dpasswd.8 faillog.8 \
groupadd.8 groupdel.8 groupmod.8 \
grpck.8 lastlog.8 logoutd.8 mkpasswd.8 newusers.8 \
pwck.8 pwconv.8 shadowconfig.8 \
useradd.8 userdel.8 usermod.8 vipw.8
# XXX - for some reason "make dist" no longer distributes man_MANS
# automatically after upgrade to automake-1.2 (it worked with 1.0).
# So they are now all listed in EXTRA_DIST. --marekm
#
#EXTRA_DIST = groups.1 id.1 pw_auth.3 pwauth.8 sulogin.8
EXTRA_DIST = groups.1 id.1 pw_auth.3 pwauth.8 sulogin.8 \
chage.1 chfn.1 chsh.1 gpasswd.1 \
login.1 newgrp.1 passwd.1 su.1 \
shadow.3 \
faillog.5 limits.5 login.access.5 login.defs.5 \
passwd.5 porttime.5 shadow.5 suauth.5 \
chpasswd.8 dpasswd.8 faillog.8 \
groupadd.8 groupdel.8 groupmod.8 \
grpck.8 lastlog.8 logoutd.8 mkpasswd.8 newusers.8 \
pwck.8 pwconv.8 shadowconfig.8 \
useradd.8 userdel.8 usermod.8 vipw.8

370
man/Makefile.in Normal file
View File

@@ -0,0 +1,370 @@
# Makefile.in generated automatically by automake 1.3 from Makefile.am
# Copyright (C) 1994, 1995, 1996, 1997, 1998 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
SHELL = /bin/sh
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = @bindir@
sbindir = @sbindir@
libexecdir = @libexecdir@
datadir = @datadir@
sysconfdir = @sysconfdir@
sharedstatedir = @sharedstatedir@
localstatedir = @localstatedir@
libdir = @libdir@
infodir = @infodir@
mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
DISTDIR =
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
top_builddir = ..
ACLOCAL = @ACLOCAL@
AUTOCONF = @AUTOCONF@
AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
transform = @program_transform_name@
NORMAL_INSTALL = :
PRE_INSTALL = :
POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
host_alias = @host_alias@
host_triplet = @host@
CATALOGS = @CATALOGS@
CATOBJEXT = @CATOBJEXT@
CC = @CC@
CPP = @CPP@
DATADIRNAME = @DATADIRNAME@
GENCAT = @GENCAT@
GMOFILES = @GMOFILES@
GMSGFMT = @GMSGFMT@
GT_NO = @GT_NO@
GT_YES = @GT_YES@
INCLUDE_LOCALE_H = @INCLUDE_LOCALE_H@
INSTOBJEXT = @INSTOBJEXT@
INTLDEPS = @INTLDEPS@
INTLLIBS = @INTLLIBS@
INTLOBJS = @INTLOBJS@
LD = @LD@
LIBCRACK = @LIBCRACK@
LIBCRYPT = @LIBCRYPT@
LIBPAM = @LIBPAM@
LIBSKEY = @LIBSKEY@
LIBTCFS = @LIBTCFS@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKINSTALLDIRS = @MKINSTALLDIRS@
MSGFMT = @MSGFMT@
NM = @NM@
PACKAGE = @PACKAGE@
POFILES = @POFILES@
POSUB = @POSUB@
RANLIB = @RANLIB@
U = @U@
USE_INCLUDED_LIBINTL = @USE_INCLUDED_LIBINTL@
USE_NLS = @USE_NLS@
VERSION = @VERSION@
YACC = @YACC@
l = @l@
AUTOMAKE_OPTIONS = 1.0 foreign
man_MANS = chage.1 chfn.1 chsh.1 gpasswd.1 \
login.1 newgrp.1 passwd.1 su.1 \
shadow.3 \
faillog.5 limits.5 login.access.5 login.defs.5 \
passwd.5 porttime.5 shadow.5 suauth.5 \
chpasswd.8 dpasswd.8 faillog.8 \
groupadd.8 groupdel.8 groupmod.8 \
grpck.8 lastlog.8 logoutd.8 mkpasswd.8 newusers.8 \
pwck.8 pwconv.8 shadowconfig.8 \
useradd.8 userdel.8 usermod.8 vipw.8
# XXX - for some reason "make dist" no longer distributes man_MANS
# automatically after upgrade to automake-1.2 (it worked with 1.0).
# So they are now all listed in EXTRA_DIST. --marekm
#
#EXTRA_DIST = groups.1 id.1 pw_auth.3 pwauth.8 sulogin.8
EXTRA_DIST = groups.1 id.1 pw_auth.3 pwauth.8 sulogin.8 \
chage.1 chfn.1 chsh.1 gpasswd.1 \
login.1 newgrp.1 passwd.1 su.1 \
shadow.3 \
faillog.5 limits.5 login.access.5 login.defs.5 \
passwd.5 porttime.5 shadow.5 suauth.5 \
chpasswd.8 dpasswd.8 faillog.8 \
groupadd.8 groupdel.8 groupmod.8 \
grpck.8 lastlog.8 logoutd.8 mkpasswd.8 newusers.8 \
pwck.8 pwconv.8 shadowconfig.8 \
useradd.8 userdel.8 usermod.8 vipw.8
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../config.h
CONFIG_CLEAN_FILES =
man1dir = $(mandir)/man1
man3dir = $(mandir)/man3
man5dir = $(mandir)/man5
man8dir = $(mandir)/man8
MANS = $(man_MANS)
NROFF = nroff
DIST_COMMON = Makefile.am Makefile.in
DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
TAR = tar
GZIP = --best
all: Makefile $(MANS)
.SUFFIXES:
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4)
cd $(top_srcdir) && $(AUTOMAKE) --foreign --include-deps man/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
cd $(top_builddir) \
&& CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
install-man1:
$(mkinstalldirs) $(DESTDIR)$(man1dir)
@list='$(man1_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.1*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst; \
done
uninstall-man1:
@list='$(man1_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.1*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man1dir)/$$inst"; \
rm -f $(DESTDIR)$(man1dir)/$$inst; \
done
install-man3:
$(mkinstalldirs) $(DESTDIR)$(man3dir)
@list='$(man3_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.3*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \
done
uninstall-man3:
@list='$(man3_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.3*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \
rm -f $(DESTDIR)$(man3dir)/$$inst; \
done
install-man5:
$(mkinstalldirs) $(DESTDIR)$(man5dir)
@list='$(man5_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.5*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst; \
done
uninstall-man5:
@list='$(man5_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.5*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man5dir)/$$inst"; \
rm -f $(DESTDIR)$(man5dir)/$$inst; \
done
install-man8:
$(mkinstalldirs) $(DESTDIR)$(man8dir)
@list='$(man8_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \
done
uninstall-man8:
@list='$(man8_MANS)'; \
l2='$(man_MANS)'; for i in $$l2; do \
case "$$i" in \
*.8*) list="$$list $$i" ;; \
esac; \
done; \
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \
rm -f $(DESTDIR)$(man8dir)/$$inst; \
done
install-man: $(MANS)
@$(NORMAL_INSTALL)
$(MAKE) install-man1 install-man3 install-man5 install-man8
uninstall-man:
@$(NORMAL_UNINSTALL)
$(MAKE) uninstall-man1 uninstall-man3 uninstall-man5 uninstall-man8
tags: TAGS
TAGS:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
subdir = man
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
test -f $(distdir)/$$file \
|| ln $$d/$$file $(distdir)/$$file 2> /dev/null \
|| cp -p $$d/$$file $(distdir)/$$file; \
done
info:
dvi:
check: all
$(MAKE)
installcheck:
install-exec:
@$(NORMAL_INSTALL)
install-data: install-man
@$(NORMAL_INSTALL)
install: install-exec install-data all
@:
uninstall: uninstall-man
install-strip:
$(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' INSTALL_SCRIPT='$(INSTALL_PROGRAM)' install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(mandir)/man3 \
$(DESTDIR)$(mandir)/man5 $(DESTDIR)$(mandir)/man8
mostlyclean-generic:
-test -z "$(MOSTLYCLEANFILES)" || rm -f $(MOSTLYCLEANFILES)
clean-generic:
-test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
distclean-generic:
-rm -f Makefile $(DISTCLEANFILES)
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
maintainer-clean-generic:
-test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
mostlyclean: mostlyclean-generic
clean: clean-generic mostlyclean
distclean: distclean-generic clean
-rm -f config.status
-rm -f libtool
maintainer-clean: maintainer-clean-generic distclean
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
.PHONY: install-man1 uninstall-man1 install-man3 uninstall-man3 \
install-man5 uninstall-man5 install-man8 uninstall-man8 install-man \
uninstall-man tags distdir info dvi installcheck install-exec \
install-data install uninstall all installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

109
man/chage.1 Normal file
View File

@@ -0,0 +1,109 @@
.\" Copyright 1990 - 1994 Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: chage.1,v 1.5 1999/03/07 19:14:45 marekm Exp $
.\"
.TH CHAGE 1
.SH NAME
chage \- change user password expiry information
.SH SYNOPSIS
.TP 6
\fBchage\fR
[\fB-m \fImindays\fR] [\fB-M \fImaxdays\fR]
[\fB-d \fIlastday\fR] [\fB-I \fIinactive\fR]
.br
[\fB-E \fIexpiredate\fR] [\fB-W \fIwarndays\fR] \fIuser\fR
.TP 6
\fBchage\fR
\fB-l\fR \fIuser\fR
.SH DESCRIPTION
\fBchage\fR changes the number of days between password changes and the
date of the last password change.
This information is used by the system to determine when a user must
change her password.
The \fBchage\fR command is restricted to the root user, except for the
\fB-l\fR option, which may be used by an unprivileged user to determine
when her password or account is due to expire.
.PP
With the \fB-m\fR option, the value of \fImindays\fR is the minimum number
of days between password changes.
A value of zero for this field indicates that the user may change
her password at any time.
.PP
With the \fB-M\fR option, the value of \fImaxdays\fR is the maximum number
of days during which a password is valid.
When \fImaxdays\fR plus \fIlastday\fR is less than the current day,
the user will be required to change her password before being
able to use her account.
This occurance can be planned for in advance by use of the \fB-W\fR option,
which provides the user with advance warning.
.PP
With the \fB-d\fR option, the value of \fIlastday\fR is the number of days
since January 1st, 1970 when the password was last changed.
The date may also be expressed in the format YYYY-MM-DD (or the format more
commonly used in your area).
.PP
The \fB-E\fR option is used to set a date on which the user's account will
no longer be accessible.
The \fIexpiredate\fR option is the number of days since January 1, 1970 on
which the accounted is locked.
The date may also be expressed in the format YYYY-MM-DD (or the format more
commonly used in your area).
A user whose account is locked must contact the system administrator before
being able to use the system again.
.PP
The \fB-I\fR option is used to set the number of days of inactivity after
a password has expired before the account is locked.
A user whose account is locked must contact the system administrator before
being able to use the system again.
The \fIinactive\fR option is the number of days of inactivity. A value of
0 disables this feature.
.PP
The \fB-W\fR option is used to set the number of days of warning before a
password change is required.
The \fIwarndays\fR option is the number of days prior to the password
expiring that a user will be warned her password is about to expire.
.PP
All of the above values are stored exactly as days when the shadow
password file is used, but are converted to and from weeks when the
standard password file is used.
Because of this conversion, rounding errors may result.
.PP
If none of the options are selected, \fBchage\fR operates in an interactive
fashion, prompting the user with the current values for all of the fields.
Enter the new value to change the field, or leave the line blank to use
the current value.
The current value is displayed between a pair of \fB[ ]\fR marks.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- shadow user account information
.SH SEE ALSO
.BR passwd (5),
.BR shadow (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

66
man/chfn.1 Normal file
View File

@@ -0,0 +1,66 @@
.\" Copyright 1990 - 1994 Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: chfn.1,v 1.4 1998/12/28 20:34:58 marekm Exp $
.\"
.TH CHFN 1
.SH NAME
chfn \- change user name and information
.SH SYNOPSIS
.TP 5
\fBchfn\fR
[\fB-f \fIfull_name\fR] [\fB-r \fIroom_no\fR]
.br
[\fB-w \fIwork_ph\fR] [\fB-h \fIhome_ph\fR] [\fB-o \fIother\fR]
[\fIuser\fR]
.SH DESCRIPTION
\fBchfn\fR changes user fullname, office number, office extension, and home
phone number information for a user's account.
This information is typically printed by \fBfinger\fR(1) and similiar
programs.
A normal user may only change the fields for their own account,
the super user may change the fields for any account.
Also, only the super user may use the \fB-o\fR option to change the
undefined portions of the GCOS field.
.PP
The only restrictions placed on the contents of the fields is that no
control characters may be present, nor any of comma, colon, or equal sign.
The \fIother\fR field does not have this restriction, and is used to
store accounting information used by other applications.
.PP
If none of the options are selected, \fBchfn\fR operates in an interactive
fashion, prompting the user with the current values for all of the fields.
Enter the new value to change the field, or leave the line blank to use
the current value.
The current value is displayed between a pair of \fB[ ]\fR marks.
Without options, chfn prompts for the current user account.
.SH FILES
/etc/passwd \- user account information
.SH SEE ALSO
.BR passwd (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

62
man/chpasswd.8 Normal file
View File

@@ -0,0 +1,62 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: chpasswd.8,v 1.5 1998/12/28 20:34:59 marekm Exp $
.\"
.TH CHPASSWD 8
.SH NAME
\fBchpasswd\fR - update password file in batch
.SH SYNOPSIS
\fBchpasswd [-e]\fR
.SH DESCRIPTION
\fBchpasswd\fR reads a file of user name and password pairs
from standard input and uses this information
to update a group of existing users. Without the -e switch, the
passwords are expected to be cleartext. With the -e switch, the
passwords are expected to be in encrypted form.
Each line is of the format
.sp 1
\fIuser_name\fR:\fIpassword\fR
.sp 1
The named user must exist.
The supplied password will be encrypted as necessary, and the password age
updated, if present.
.PP
This command is intended to be used in a large system environment where
many accounts are created at a single time.
.SH CAVEATS
.\" The \fBmkpasswd\fR command must be executed afterwards to update the
.\" DBM password files.
The input file must be protected if it contains unencrypted passwords.
.\" This command may be discarded in favor of the newusers(8) command.
.SH SEE ALSO
.\" mkpasswd(8), passwd(1), useradd(1)
.BR passwd (1),
.BR useradd (8),
.BR newusers (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

66
man/chsh.1 Normal file
View File

@@ -0,0 +1,66 @@
.\" Copyright 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: chsh.1,v 1.4 1998/12/28 20:35:01 marekm Exp $
.\"
.TH CHSH 1
.SH NAME
chsh \- change login shell
.SH SYNOPSIS
.TP 5
\fBchsh\fR
[\fB-s \fIlogin_shell\fR] [\fIuser\fR]
.SH DESCRIPTION
\fBchsh\fR changes the user login shell.
This determines the name of the user's initial login command.
A normal user may only change the login shell for their own account,
the super user may change the login shell for any account.
.PP
The only restrictions placed on the login shell is that the
command name must be listed in \fI/etc/shells\fR, unless the
invoker is the super-user, and then any value may be added.
An account with a restricted login shell may not change
their login shell.
For this reason, placing \fB/bin/rsh\fR in \fI/etc/shells\fR
is discouraged since accidentally changing to a restricted
shell would prevent the user from every changing their login
shell back to its original value.
.PP
If the \fB-s\fR option is not selected, \fBchsh\fR operates in an interactive
fashion, prompting the user with the current login shell.
Enter the new value to change the field, or leave the line blank to use
the current value.
The current value is displayed between a pair of \fB[ ]\fR marks.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shells \- list of valid login shells
.SH SEE ALSO
.BR chfn (1),
.BR passwd (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

55
man/dpasswd.8 Normal file
View File

@@ -0,0 +1,55 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: dpasswd.8,v 1.4 1998/12/28 20:35:02 marekm Exp $
.\"
.TH DPASSWD 8
.SH NAME
\fBdpasswd\fR - change dialup password
.SH SYNOPSIS
\fBdpasswd\fR
.RB [ - ( a | d )]
\fIshell\fR
.SH DESCRIPTION
\fBdpasswd\fR adds, deletes, and updates dialup passwords for user
login shells.
The dialup password is prompted for after a user's password has been
authenticated whenever the user logs in over a dialup line.
\fBdpasswd\fR will prompt for the new password twice to insure it
has been entered correctly.
.PP
The \fIshell\fR argument must be the complete pathname of the login
program.
.SH FILES
.br
/etc/d_passwd
.br
/etc/dialups
.SH SEE ALSO
.BR login (1)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

59
man/faillog.5 Normal file
View File

@@ -0,0 +1,59 @@
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: faillog.5,v 1.4 1998/12/28 20:35:03 marekm Exp $
.\"
.TH FAILLOG 5
.SH NAME
faillog \- Login failure logging file
.SH DESCRIPTION
.I faillog
maintains a count of login failures and the limits for each account.
The file is fixed length record, indexed by numerical UID.
Each record contains the count of login failures since the last
successful login;
the maximum number of failures before the account is disabled;
the line the last login failure occured on;
and the date the last login failure occured.
.PP
The structure of the file is
.DS
struct faillog {
short fail_cnt;
short fail_max;
char fail_line[12];
time_t fail_time;
};
.DE
.SH FILES
/var/log/faillog \- login failure log
.SH SEE ALSO
.BR faillog (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

100
man/faillog.8 Normal file
View File

@@ -0,0 +1,100 @@
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: faillog.8,v 1.6 1999/07/09 18:02:43 marekm Exp $
.\"
.TH FAILLOG 8
.SH NAME
faillog \- examine faillog and set login failure limits
.SH SYNOPSIS
.TP 8
.B faillog
.RB [ -u
.IR login-name ]
.RB [ -a ]
.RB [ -t
.IR days ]
.RB [ -m
.IR max ]
.RB [ -pr ]
.SH DESCRIPTION
\fBfaillog\fR formats the contents of the failure log,
\fI/var/log/faillog\fR, and maintains failure counts and
limits.
The order of the arguments to \fBfaillog\fR is significant.
Each argument is processed immediately in the order given.
.PP
The \fB-p\fR flag causes failure entries to be printed in UID
order.
Entering \fB-u \fIlogin-name\fR flag will
cause the failure record for \fIlogin-name\fR only to be printed.
Entering \fB-t \fIdays\fR will cause only the
failures more recent than \fIdays\fR to be printed.
The \fB-t\fR flag overrides the use of \fB-u\fR.
The \fB-a\fR flag causes all users to be selected.
When used with the \fB-p\fR flag, this option selects all users
who have ever had a login failure.
It is meaningless with the \fB-r\fR flag.
.PP
The \fB-r\fR flag is used to reset the count of login failures.
Write access to \fI/var/log/faillog\fR is required for
this option.
Entering \fB-u \fIlogin-name\fR will cause only the failure count
for \fIlogin-name\fR to be reset.
.PP
The \fB-m\fR flag is used to set the maximum number of login
failures before the account is disabled.
Write access to \fI/var/log/faillog\fR is required for this
option.
Entering \fB-m \fImax\fR will cause all accounts to be disabled
after \fImax\fR failed logins occur.
This may be modified with \fB-u \fIlogin-name\fR to limit this
function to \fIlogin-name\fR only.
Selecting a \fImax\fR value of 0 has the effect of not placing
a limit on the number of failed logins.
The maximum failure count
should always be 0 for \fBroot\fR to prevent
a denial of services attack against the system.
.PP
Options may be combined in virtually any fashion.
Each \fB-p\fR, \fB-r\fR, and \fB-m\fR option will cause
immediate execution using any \fB-u\fR or \fB-t\fR modifier.
.SH CAVEATS
\fBfaillog\fR only prints out users with no successful login since
the last failure.
To print out a user who has had a successful login since their last
failure, you must explicitly request the user with the \fB-u\fR flag,
or print out all users with the \fB-a\fR flag.
.PP
Some systems may replace /var/log with /var/adm or /usr/adm.
.SH FILES
/var/log/faillog \- failure logging file
.SH SEE ALSO
.BR login (1),
.BR faillog (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

73
man/gpasswd.1 Normal file
View File

@@ -0,0 +1,73 @@
.\" Copyright 1996, Rafal Maszkowski, rzm@pdi.net
.\" All rights reserved. You can redistribute this man page and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation; either version 2 of the
.\" License, or (at your option) any later version.
.\"
.\" $Id: gpasswd.1,v 1.2 1996/09/10 02:45:18 marekm Exp $
.\"
.TH GPASSWD 1
.SH NAME
gpasswd \- administer the /etc/group file
.br
.SH SYNOPSIS
.B gpasswd \fIgroup\fR
.br
.B gpasswd
.B -a
\fIuser\fR \fIgroup\fR
.br
.B gpasswd
.B -d
\fIuser\fR \fIgroup\fR
.br
.B gpasswd
.B -R
\fIgroup\fR
.br
.B gpasswd
.B -r
\fIgroup\fR
.br
.B gpasswd
.RB [ -A
\fIuser\fR,...]
.RB [ -M
\fIuser\fR,...]
\fIgroup\fR
.br
.SH DESCRIPTION
.B gpasswd
is used to administer the /etc/group file (and /etc/gshadow
file if compiled with SHADOWGRP defined). Every group can
have administrators, members and a password. System
administrator can use \fB-A\fR option to define group
administrator(s) and \fB-M\fR option to define members and
has all rights of group administrators and members.
.PP
Group administrator can add and delete users using \fB-a\fR
and \fB-d\fR options respectively. Administrators can use
\fB-r\fR option to remove group password. When no password
is set only group members can use
.BR newgrp (1)
to join the group. Option \fB-R\fR disables
access to the group through
.BR newgrp (1)
command.
.PP
.B gpasswd
called by a group administrator with group name only prompts
for the group password. If password is set the members can still
.BR newgrp (1)
without a password, non-members must supply the password.
.SH FILES
/etc/group \- group information
.br
/etc/gshadow \- shadow group information
.SH SEE ALSO
.BR newgrp (1),
.BR groupadd (8),
.BR groupdel (8),
.BR groupmod (8),
.BR grpck (8)

64
man/groupadd.8 Normal file
View File

@@ -0,0 +1,64 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: groupadd.8,v 1.4 1998/12/28 20:35:05 marekm Exp $
.\"
.TH GROUPADD 8
.SH NAME
groupadd \- Create a new group
.SH SYNOPSIS
.B groupadd
[\fB-g\fI gid \fR[\fB-o\fR]]
.I group
.SH DESCRIPTION
The \fBgroupadd\fR command
creates a new group account using the values specified on the
command line and the default values from the system.
The new group will be entered into the system files as needed.
The options which apply to the \fBgroupadd\fR command are
.IP "\fB-g \fIgid\fR"
The numerical value of the group's ID.
This value must be unique, unless the \fB-o\fR option is used.
The value must be non-negative.
The default is to use the smallest ID value greater than 99 and
greater than every other group.
Values between 0 and 99 are typically reserved for system accounts.
.SH FILES
/etc/group \- group account information
.br
/etc/gshadow \- secure group account information
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR useradd (8),
.BR userdel (8),
.BR usermod (8),
.BR passwd (1),
.BR groupdel (8),
.BR groupmod (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

60
man/groupdel.8 Normal file
View File

@@ -0,0 +1,60 @@
.\" Copyright 1991 - 1993, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: groupdel.8,v 1.4 1998/12/28 20:35:06 marekm Exp $
.\"
.TH GROUPDEL 8
.SH NAME
groupdel \- Delete a group
.SH SYNOPSIS
.B groupdel
.I group
.SH DESCRIPTION
The \fBgroupdel\fR command modifies the system account files, deleting
all entries that refer to \fIgroup\fR.
The named group must exist.
.PP
You must manually check all filesystems to insure that no files remain
with the named group as the file group ID.
.SH CAVEATS
You may not remove the primary group of any existing user.
You must remove the user before you remove the group.
.SH FILES
/etc/group \- group information
.br
/etc/gshadow \- secure group information
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR useradd (8),
.BR userdel (8),
.BR usermod (8),
.BR passwd (1),
.BR groupadd (8),
.BR groupmod (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

66
man/groupmod.8 Normal file
View File

@@ -0,0 +1,66 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: groupmod.8,v 1.4 1998/12/28 20:35:07 marekm Exp $
.\"
.TH GROUPMOD 8
.SH NAME
groupmod \- Modify a group
.SH SYNOPSIS
.B groupmod
[\fB-g\fI gid \fR[\fB-o\fR]]
[\fB-n\fI group_name \fR]
.I group
.SH DESCRIPTION
The \fBgroupmod\fR command modifies the system account files to reflect
the changes that are specified on the command line.
The options which apply to the \fIgroupmod\fR command are
.IP "\fB-g \fIgid\fR"
The numerical value of the group's ID.
This value must be unique, unless the \fB-o\fR option is used.
The value must be non-negative.
Values between 0 and 99 are typically reserved for system groups.
Any files which the old group ID is the file group ID
must have the file group ID changed manually.
.IP "\fB-n \fIgroup_name\fR"
The name of the group will be changed from \fIgroup\fR to
\fIgroup_name\fR.
.SH FILES
/etc/group \- group information
.br
/etc/gshadow \- secure group information
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR useradd (8),
.BR userdel (8),
.BR usermod (8),
.BR passwd (1),
.BR groupadd (8),
.BR groupdel (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

57
man/groups.1 Normal file
View File

@@ -0,0 +1,57 @@
.\" Copyright 1991 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: groups.1,v 1.4 1998/12/28 20:35:08 marekm Exp $
.\"
.TH GROUPS 1
.SH NAME
groups \- Display current group ID names
.SH SYNOPSIS
.B groups
.RI [ user ]
.SH DESCRIPTION
.B groups
displays the current group ID names
or values.
If the value does not have a corresponding entry in
\fI/etc/group\fR, the value will be displayed as the numerical group value.
The optional \fIuser\fR parameter will display the groups for the named
\fIuser\fR.
.SH NOTE
Systems which do not support concurrent group sets will have the information
from \fI/etc/group\fR reported.
The user must use \fBnewgrp\fR or \fBsg\fR to change their current real and
effective group ID.
.SH FILES
/etc/group \- group information
.SH SEE ALSO
.BR newgrp (1),
.BR getuid (2),
.BR getgid (2),
.BR getgroups (2)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

101
man/grpck.8 Normal file
View File

@@ -0,0 +1,101 @@
.\" Copyright 1992 - 1993, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: grpck.8,v 1.4 1998/12/28 20:35:09 marekm Exp $
.\"
.TH GRPCK 1
.SH NAME
grpck \- verify integrity of group files
.SH SYNOPSIS
\fBgrpck\fR [\fB-r\fR] [\fIgroup\fR \fIshadow\fR]
.SH DESCRIPTION
\fBgrpck\fR verifies the integrity of the system authentication information.
All entries in the \fI/etc/group\fR and \fI/etc/gshadow\fR are checked to
see that the entry has the proper format and valid data in each field.
The user is prompted to delete entries that are improperly formatted or
which have other incorrectable errors.
.P
Checks are made to verify that each entry has
.sp
.in +.5i
- the correct number of fields
.br
- a unique group name
.br
- a valid list of members and administrators
.in -.5i
.sp
.P
The checks for correct number of fields and unique group name are fatal.
If the entry has the wrong number of fields, the user will be prompted to
delete the entire line.
If the user does not answer affirmatively, all further checks are bypassed.
An entry with a duplicated group name is prompted for deletion, but the
remaining checks will still be made.
All other errors are warnings and the user is encouraged to run the
\fBgroupmod\fR command to correct the error.
.P
The commands which operate on the \fI/etc/group\fR file are not able to
alter corrupted or duplicated entries.
\fBgrpck\fR should be used in those circumstances to remove the offending
entry.
.SH OPTIONS
By default, \fBgrpck\fR operates on the files \fI/etc/group\fR and
\fI/etc/gshadow\fR.
The user may select alternate files with the \fIgroup\fR and \fIshadow\fR
parameters.
Additionally, the user may execute the command in read-only mode by
specifying the \fB-r\fR flag.
This causes all questions regarding changes to be answered \fBno\fR
without user intervention.
.SH FILES
/etc/group \- group account information
.br
/etc/gshadow \- encrypted passwords and group administrator information
.br
/etc/passwd \- user information
.SH SEE ALSO
.BR groupmod (8),
.BR group (5),
.BR passwd (5),
.BR shadow (5)
.SH DIAGNOSTICS
The \fBgrpck\fR command exits with the following values:
.IP 0 5
Success
.IP 1 5
Syntax Error
.IP 2 5
One or more bad group entries
.IP 3 5
Cannot open group files
.IP 4 5
Cannot lock group files
.IP 5 5
Cannot update group files
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

54
man/id.1 Normal file
View File

@@ -0,0 +1,54 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: id.1,v 1.4 1998/12/28 20:35:10 marekm Exp $
.\"
.TH ID 1
.SH NAME
id \- Display current user and group ID names
.SH SYNOPSIS
.B id
.RB [ -a ]
.SH DESCRIPTION
.B id
displays the current real and effective user and group ID names
or values.
If the value does not have a corresponding entry in \fI/etc/passwd\fR
or \fI/etc/group\fR, the value will be displayed without the corresponding
name.
The optional \fB-a\fR flag will display the group set on systems which
support multiple concurrent group membership.
.SH FILES
/etc/passwd \- user account information
.br
/etc/group \- group information
.SH SEE ALSO
.BR getuid (2),
.BR getgid (2),
.BR getgroups (2)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

63
man/lastlog.8 Normal file
View File

@@ -0,0 +1,63 @@
.\" Copyright 1992, Phillip Street and Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)lastlog.8 3.3 08:24:58 29 Sep 1993 (National Guard Release)
.\" $Id: lastlog.8,v 1.5 1998/12/28 20:35:11 marekm Exp $
.\"
.TH LASTLOG 8
.SH NAME
lastlog \- examine lastlog file
.SH SYNOPSIS
.B lastlog
.RB [ -u
.IR uid ]
.RB [ -t
.IR days ]
.SH DESCRIPTION
\fBlastlog\fR formats and prints the contents of the last login log,
\fI/var/log/lastlog\fR. The \fBlogin-name\fR, \fBport\fR, and \fBlast login
time\fR will be printed.
The default (no flags) causes lastlog entries to be printed in UID
order.
Entering \fB-u \fIlogin-name\fR flag will
cause the lastlog record for \fIlogin-name\fR only to be printed.
Entering \fB-t \fIdays\fR will cause only the
lastlogins more recent than \fIdays\fR to be printed.
The \fB-t\fR flag overrides the use of \fB-u\fR.
.PP
If the user has never logged in the message \fB"**Never logged in**"\fR will
be displayed instead of the port and time.
.SH FILES
/var/log/lastlog \- lastlog logging file
.SH CAVEATS
Large gaps in uid numbers will cause the lastlog program to run longer with
no output to the screen (i.e. if mmdf=800 and last uid=170, program will
appear to hang as it processes uid 171-799).
.SH AUTHORS
Julianne Frances Haugh (jfh@bga.com)
.br
Phillip Street

74
man/limits.5 Normal file
View File

@@ -0,0 +1,74 @@
.TH LIMITS 5
.SH NAME
limits \- Resource limits definition
.SH DESCRIPTION
The
.I limits
file (/etc/limits by default or LIMITS_FILE defined config.h)
describes the resource limits you wish to impose.
It should be owned by root and readable by root account only.
.PP
By default no quotas are imposed on 'root'. In fact, there is no way to impose
limits via this procedure to root-equiv accounts (accounts with UID 0).
.PP
Each line describes a limit for a user in the form:
.sp
.I user LIMITS_STRING
.PP
The \fBLIMITS_STRING\fP is a string of a concatenated list of resource limits.
Each limit consists of a letter identifier followed by a numerical limit.
.PP
The valid identifiers are:
.sp
A: max address space (KB)
.br
C: max core file size (KB)
.br
D: max data size (KB)
.br
F: maximum filesize (KB)
.br
M: max locked-in-memory address space (KB)
.br
N: max number of open files
.br
R: max resident set size (KB)
.br
S: max stack size (KB)
.br
T: max CPU time (MIN)
.br
U: max number of processes
.br
L: max number of logins for this user
.br
P: process priority, set by \fBsetpriority\fR(2).
.PP
For example, \fIL2D2048N5\fP is a valid \fBLIMITS_STRING\fP. For reading convenience,
the following entries are equivalent:
.sp
username L2D2048N5
.br
username L2 D2048 N5
.PP
Be aware that after \fIusername\fP the rest of the line is considered a limit
string, thus comments are not allowed. A invalid limits string will be
rejected (not considered) by the login program.
.PP
The default entry is denoted by username "\fB*\fP". If you have multiple \fIdefault\fP
entries in your \fBLIMITS_FILE\fP, then the last one will be used as the default
entry.
.PP
To completely disable limits for a user, a single dash "\fB-\fP" will do.
.PP
Also, please note that all limit settings are set PER LOGIN. They are
not global, nor are they permanent. Perhaps global limits will come, but
for now this will have to do ;)
.SH FILES
/etc/limits
.SH SEE ALSO
.BR login (1),
.BR setpriority (2),
.BR setrlimit (2)
.SH AUTHOR
Cristian Gafton (gafton@sorosis.ro)

134
man/login.1 Normal file
View File

@@ -0,0 +1,134 @@
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: login.1,v 1.6 1999/06/07 16:40:44 marekm Exp $
.\"
.TH LOGIN 1
.SH NAME
login \- Begin session on the system
.SH SYNOPSIS
.B login
.RI [ username " [" environmental-variables ]]
.\" XXX - document -f -h -p -r options
.SH DESCRIPTION
.B login
is used to establish a new session with the system.
It is normally invoked automatically by responding to the
.I login:
prompt on the user\'s terminal.
.B login
may be special to the shell and may not be invoked as a sub-process.
Typically,
.B login
is treated by the shell as \fBexec login\fR which causes the user
to exit from the current shell.
Attempting to execute \fBlogin\fR from any shell but the login shell
will produce an error message.
.PP
When invoked from the \fIlogin:\fR prompt, the user may enter
environmental variables after the username.
These variables are entered in the form \fBNAME=VALUE\fR.
Not all variables may be set in the fashion, notably \fBPATH\fR,
\fBHOME\fR and \fBSHELL\fR.
Additionally, \fBIFS\fR may be inhibited if the user\'s login
shell is \fB/bin/sh\fR.
.PP
The user is then prompted for a password, where appropriate.
Echoing is disabled to prevent revealing the password.
Only a small number of password failures are permitted before
\fBlogin\fR exits and the communications link is severed.
.PP
If password aging has been enabled for your account, you may be
prompted for a new password before proceeding.
You will be forced to provide your old password and the new
password before continuing.
Please refer to \fBpasswd \fR(1) for more information.
.PP
After a successful login,
you will be informed of any system messages and the presence
of mail.
You may turn off the printing of the system message file,
\fI/etc/motd\fR, by creating a zero-length file \fI.hushlogin\fR
in your login directory.
The mail message will be one of "\fBYou have new mail.\fR",
"\fBYou have mail.\fR", or "\fBNo Mail.\fR" according to
the condition of your mailbox.
.PP
Your user and group ID will be set according to their values in
the \fI/etc/passwd\fR file.
The value for \fB$HOME\fR, \fB$SHELL\fR, \fB$PATH\fR, \fB$LOGNAME\fR,
and \fB$MAIL\fR are set according to the appropriate fields in the
password entry.
Ulimit, umask and nice values may also be set according to
entries in the GECOS field.
.PP
On some installations, the environmental variable \fB$TERM\fR will be
initialize to the terminal type on your tty line, as specified in
\fI/etc/ttytype\fR.
.PP
An initialization script for your command interpreter may also be
executed.
Please see the appropriate manual section for more information on
this function.
.SH CAVEATS
.PP
This version of \fBlogin\fR has many compilation options, only some of which
may be in use at any particular site.
.PP
The location of files is subject to differences in system configuration.
.SH FILES
/etc/utmp \- list of current login sessions
.br
/etc/wtmp \- list of previous login sessions
.br
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted passwords and age information
.br
/etc/motd \- system message file
.br
/etc/nologin \- prevent non-root users from logging in
.br
/etc/ttytype \- list of terminal types
.br
$HOME/.profile \- initialization script for default shell
.br
$HOME/.hushlogin \- suppress printing of system messages
.br
.SH SEE ALSO
.PP
.BR getty (8),
.BR mail (1),
.BR passwd (1),
.BR sh (1),
.BR su (1),
.BR login.defs (5),
.\" .BR d_passwd (5),
.BR passwd (5),
.BR nologin (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

52
man/login.access.5 Normal file
View File

@@ -0,0 +1,52 @@
.\" this is comment
.TH LOGIN.ACCESS 5
.\" .Dt SKEY.ACCESS 5
.\" .Os FreeBSD 1.2
.SH NAME
login.access \- Login access control table
.SH DESCRIPTION
The
.I login.access
file specifies (user, host) combinations and/or (user, tty)
combinations for which a login will be either accepted or refused.
.PP
When someone logs in, the
.I login.access
is scanned for the first entry that
matches the (user, host) combination, or, in case of non-networked
logins, the first entry that matches the (user, tty) combination. The
permissions field of that table entry determines whether the login will
be accepted or refused.
.PP
Each line of the login access control table has three fields separated by a
":" character:
.sp 1
.IR permission : users : origins
.sp 1
The first field should be a "\fB+\fR" (access granted) or "\fB-\fR"
(access denied) character. The second field should be a list of one or
more login names, group names, or
.B ALL
(always matches). The third field should be a list
of one or more tty names (for non-networked logins), host names, domain
names (begin with "\fB.\fR"), host addresses, internet network numbers
(end with "\fB.\fR"),
.B ALL
(always matches) or
.B LOCAL
(matches any string that does not contain a "\fB.\fR" character).
If you run NIS you can use @netgroupname in host or user patterns.
.PP
The
.B EXCEPT
operator makes it possible to write very compact rules.
.PP
The group file is searched only when a name does not match that of the
logged-in user. Only groups are matched in which users are explicitly
listed: the program does not look at a user's primary group id value.
.SH FILES
/etc/login.access
.SH SEE ALSO
.BR login (1)
.SH AUTHOR
Guido van Rooij

563
man/login.defs.5 Normal file
View File

@@ -0,0 +1,563 @@
.\" Copyright 1991 - 1993, Julianne Frances Haugh and Chip Rosenthal
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: login.defs.5,v 1.6 1998/12/28 20:35:13 marekm Exp $
.\"
.TH LOGIN 5
.SH NAME
/etc/login.defs \- Login configuration
.SH DESCRIPTION
The
.I /etc/login.defs
file defines the site-specific configuration for the shadow login
suite. This file is required. Absence of this file will not prevent
system operation, but will probably result in undesirable operation.
.PP
This file is a readable text file, each line of the file describing
one configuration parameter. The lines consist of a configuration
name and value, seperated by whitespace. Blank lines and comment
lines are ignored. Comments are introduced with a `#' pound sign and
the pound sign must be the first non-white character of the line.
.PP
Parameter values may be of four types: strings, booleans, numbers,
and long numbers. A string is comprised of any printable characters.
A boolean should be either the value ``yes'' or ``no''. An undefined
boolean parameter or one with a value other than these will be given
a ``no'' value. Numbers (both regular and long) may be either decimal
values, octal values (precede the value with ``0'') or hexadecimal
values (precede the value with ``0x''). The maximum value of the
regular and long numeric parameters is machine-dependant.
.PP
The following configuration items are provided:
.\"
.IP "CHFN_AUTH (boolean)"
If
.IR yes ,
the
.B chfn
and
.B chsh
programs will ask for password before making any changes, unless
run by the superuser.
.\"
.IP "CHFN_RESTRICT (string)"
This parameter specifies which values in the
.I gecos
field of the
.I passwd
file may be changed by regular users using the
.B chfn
program. It can be any combination of letters
.IR f ,
.IR r ,
.IR w ,
.IR h ,
for Full name, Room number, Work phone, and Home phone, respectively.
If not specified, only the superuser can make any changes.
.\"
.IP "CONSOLE (string)"
If specified, this definition provides for a restricted set of lines
on which root logins will be allowed. An attempted root login which
does not meet the criteria established here will be rejected. The
value of this field may be one of two forms, either a fully-rooted
pathname such as
.sp
.ft I
CONSOLE /etc/consoles
.ft R
.sp
or a colon-delimited list of terminal lines such as:
.sp
.ft I
CONSOLE console:tty01:tty02:tty03:tty04
.ft R
.sp
If a pathname is given, each line of the file should specify one
terminal line. If this parameter is not defined or the specified file
does not exist, then root logins will be allowed from any terminal
line. Because the removal of this file, or its truncation, could
result in unauthorized root logins, this file must be protected.
Where security is critical, the colon-separated form should be used
to prevent this potential method of attack.
.\"
.IP "CONSOLE_GROUPS (string)"
XXX needs to be documented.
.\"
.IP "CRACKLIB_DICTPATH (string)"
XXX needs to be documented.
.\"
.IP "DEFAULT_HOME (boolean)"
XXX needs to be documented.
.\"
.IP "DIALUPS_CHECK_ENAB (boolean)"
If
.I yes
and an
.I /etc/dialups
file exists, then secondary passwords are enabled upon the dialup
lines specified in this file. This file should contain a list of
dialups, one per line, for example:
.nf
.sp
.ft I
ttyfm01
ttyfm02
\0\0.
\0\0.
\0\0.
.ft R
.sp
.fi
.\"
.IP "ENVIRON_FILE (string)"
XXX needs to be documented.
.\"
.IP "ENV_HZ (string)"
This parameter specifies a value for an HZ environment parameter.
Example usage is:
.sp
\fIENV_HZ HZ=50\fR
.sp
If this parameter is not defined then no HZ value will be established.
.\"
.IP "ENV_PATH (string)"
This parameter must be defined as the search path for regular users.
When a login with UID other than zero occurs, the PATH environment
parameter is initialized to this value. This parameter is required;
if undefined a possibly incorrect default value will be provided.
.\"
.IP "ENV_SUPATH (string)"
This parameter must be defined as the search path for the superuser.
When a login with UID zero occurs, the PATH environment parameter is
initialized to this value. This parameter is required; if undefined
a possibly incorrect default value will be provided.
.\"
.IP "ENV_TZ (string)"
This parameter specifies information for generating a TZ environment
parameter. The value must either be the desired contents of TZ, or
the full pathname of a file which contains this information. Example
usage is:
.sp
\fIENV_TZ\0\0\0\0TZ=CST6CDT\fP
.sp
or
.sp
\fIENV_TZ\0\0\0\0/etc/tzname\fP
.sp
If a nonexistent file is named, then TZ will be initialized to some
default value. If this parameter is not defined then no TZ value will
be established.
.\"
.IP "ERASECHAR (number)"
The terminal
.I erase
character is initialized to this value. This is supported only on
systems with the
.I termio
interface, e.g. System V. If not specified, the erase character will
be initialized to a backspace. See KILLCHAR for related information.
.\"
.IP "FAILLOG_ENAB (boolean)"
If
.I yes
then login failures will be accumulated in
.I /var/log/faillog
in a
.BR faillog (8)
format.
.\"
.IP "FAIL_DELAY (number)"
Delay time in seconds after each failed login attempt.
.\"
.IP "FAKE_SHELL (string)"
Instead of the real user shell, the program specified by this
parameter will be launched, although its visible name (argv[0]) will
be the shell's. The program may do whatever it wants (logging,
additional authentification, banner, ...) before running the actual
shell.
.\"
.IP "FTMP_FILE (string)"
This parameter specifies the full pathname to a file to which login
failures are recorded. When a login failure occurs, a
.I utmp
format record will be appended to this file. Note that this differs
from the
.I /var/log/faillog
failure logging in that this facility logs every failure whereas the
``faillog'' facility accumulates failure information per user. If
this parameter is not specified then logging will be inhibited. See
FAILLOG_ENAB and LOG_UNKFAIL_ENAB for related information.
.\"
.IP "GID_MAX (number)"
.IP "GID_MIN (number)"
Range of group IDs to choose from for the
.B groupadd
program.
.\"
.IP "HUSHLOGIN_FILE (string)"
This parameter is used to establish ``hushlogin'' conditions. There
are two possible ways to establish these conditions. First, if the
value of this parameter is a filename and that file exists in the
user's home directory then ``hushlogin'' conditions will be in effect.
The contents of this file are ignored; its mere presence triggers
``hushlogin'' conditions. Second, if the value of this parameter is
a full pathname and either the user's login name or the user's shell
is found in this file, then ``hushlogin'' conditions will be in effect.
In this case, the file should be in a format similar to:
.nf
.sp
.ft I
demo
/usr/lib/uucp/uucico
\0\0.
\0\0.
\0\0.
.ft R
.sp
.fi
If this parameter is not defined, then ``hushlogin'' conditions will
never occur. When ``hushlogin'' conditions are established, the
message of the day, last successful and unsuccessful login display,
mail status display, and password aging checks are suppressed. Note
that allowing hushlogin files in user home directories allows the user
to disable password aging checks. See MOTD_FILE, FAILLOG_ENAB,
LASTLOG_ENAB, and MAIL_CHECK_ENAB for related information.
.\"
.IP "ISSUE_FILE (string)"
Full pathname of the file to display before each login prompt.
.\"
.IP "KILLCHAR (number)"
The terminal
.I kill
character is initialized to this value. This is supported only on
systems with the
.I termio
interface, e.g. System V. If not specified, the kill character will
be initialized to a \s-2CTRL/U\s0.
See ERASECHAR for related information.
.\"
.IP "LASTLOG_ENAB (boolean)"
If
.IR yes ,
and if the
.I /var/log/lastlog
file exists, then a successful user login will be recorded to this
file. Furthermore, if this option is enabled then the times of the
most recent successful and unsuccessful logins will be displayed to
the user upon login. The unsuccessful login display will be suppressed
if FAILLOG_ENAB is not enabled. If ``hushlogin'' conditions are in
effect, then both the successful and unsuccessful login information
will be suppressed.
.\"
.IP "LOGIN_RETRIES (number)"
Number of login attempts allowed before the
.B login
program exits.
.\"
.IP "LOGIN_STRING (string)"
XXX needs to be documented.
.IP "LOGIN_TIMEOUT (number)"
XXX needs to be documented.
.IP "LOG_OK_LOGINS (boolean)"
XXX needs to be documented.
.IP "LOG_UNKFAIL_ENAB (boolean)"
If
.I yes
then unknown usernames will be included when a login failure is
recorded. Note that this is a potential security risk; a common login
failure mode is transposition of the user name and password, thus this
mode will often cause passwords to accumulate in the failure logs.
If this option is disabled then unknown usernames will be suppressed
in login failure messages.
.\"
.IP "MAIL_CHECK_ENAB (boolean)"
If
.IR yes ,
the user will be notified of his or her mailbox status upon login.
See MAIL_DIR for related information.
.\"
.IP "MAIL_DIR (string)"
This parameter specifies the full pathname to the directory which
contains the user mailbox files. The user's login name is appended
to this path to form the MAIL environment parameter \- the path to
the user's mailbox. Either this parameter or MAIL_FILE must be defined;
if undefined some possibly incorrect default value will be assumed.
See MAIL_CHECK_ENAB for related information.
.\"
.IP "MAIL_FILE (string)"
This parameter specifies the name of the user's mailbox file. This
name is appended to the name of the user's home directory to form the
MAIL environment parameter \- the path to the user's mailbox. Either
this parameter or MAIL_DIR must be defined; if undefined some possibly
incorrect default value will be assumed. See MAIL_CHECK_ENAB for
related information.
.\"
.IP "MD5_CRYPT_ENAB (boolean)"
If
.IR yes ,
the
.B passwd
program will encrypt newly changed passwords using a new MD5-based
.BR crypt (3)
password hashing algorithm, which originally appeared in FreeBSD, and
is also supported by libc-5.4.38 and glibc-2.0 (or higher) on Linux.
This algorithm allows passwords longer than 8 characters (limited by
.BR getpass (3)
to 127 characters), but is incompatible with traditional
.BR crypt (3)
implementations.
.\"
.IP "MOTD_FILE (string)"
This parameter specifies a colon-delimited list of pathnames to ``message
of the day'' files.
If a specified file exists, then its contents are displayed to the user
upon login.
If this parameter is not defined or ``hushlogin'' login conditions are
in effect, this information will be suppressed.
.\"
.IP "NOLOGINS_FILE (string)"
This parameter specifies the full pathname to a file which inhibits
non-root logins. If this file exists and a user other than root
attempts to log in, the contents of the file will be displayed and
the user will be disconnected. If this parameter is not specified
then this feature will be inhibited.
.\"
.IP "NOLOGIN_STR (string)"
XXX needs to be documented.
.\"
.IP "OBSCURE_CHECKS_ENAB (boolean)"
If
.IR yes ,
the
.B passwd
program will perform additional checks before accepting a password change.
The checks performed are fairly simple, and their use is recommended.
These obscurity checks are bypassed if
.B passwd
is run by
.IR root .
See PASS_MIN_LEN for related information.
.\"
.IP "PASS_ALWAYS_WARN (boolean)"
XXX needs to be documented.
.\"
.IP "PASS_CHANGE_TRIES (number)"
XXX needs to be documented.
.\"
.IP "PASS_MIN_DAYS (number)"
The minimum number of days allowed between password changes. Any password
changes attempted sooner than this will be rejected. If not specified, a
zero value will be assumed.
.\"
.IP "PASS_MIN_LEN (number)"
The minimum number of characters in an acceptable password. An attempt to
assign a password with fewer characters will be rejected. A zero value
suppresses this check. If not specified, a zero value will be assumed.
.\"
.IP "PASS_MAX_DAYS (number)"
The maximum number of days a password may be used. If the password is
older than this, then the account will be locked. If not specified,
a large value will be assumed.
.\"
.IP "PASS_MAX_LEN (number)"
XXX needs to be documented.
.\"
.IP "PASS_WARN_AGE (number)"
The number of days warning given before a password expires. A zero means
warning is given only upon the day of expiration, a negative value means
no warning is given. If not specified, no warning will be provided.
.\"
.IP "PORTTIME_CHECKS_ENAB (boolean)"
If
.I yes
and an
.I /etc/porttime
file exists, that file will be consulted to ensure the user may login
at this time on the given line.
c.f.
.BR porttime (5)
.\"
.IP "QMAIL_DIR (string)"
For Qmail users, this parameter specifies a directory where a Maildir
hierarchy is stored.
See MAIL_CHECK_ENAB for related information.
.\"
.IP "QUOTAS_ENAB (boolean)"
If
.I yes ,
then the user's ``ulimit,'' ``umask,'' and ``niceness'' will be
initialized to the values if specified in the
.I gecos
field of the
.I passwd
file.
c.f.
.BR passwd (5).
.\"
.IP "SU_NAME (string)"
This parameter assigns a command name when ``su -'' is run. For
example, if the parameter is defined as ``su'', then a
.BR ps (1)
listing would show the command running as ``-su''. If this parameter
is undefined, then a
.BR ps (1)
listing would show the name of the actual shell being run, e.g.
something like ``-sh''.
.\"
.IP "SULOG_FILE (string)"
This parameter specifies a full pathname of a file in which
.B su
activity is logged.
If this parameter is not specified, the logging is suppressed.
Because the
.B su
command may be used when attempting to authenticate a password,
either this option, or
.I syslog
should be used to note
.B su
activity. See the SYSLOG_SU_ENAB option for related information.
.\"
.IP "SU_WHEEL_ONLY (boolean)"
XXX needs to be documented.
.\"
.IP "SYSLOG_SG_ENAB (boolean)"
XXX needs to be documented.
.\"
.IP "SYSLOG_SU_ENAB (boolean)"
If
.I yes
and
.B login
was compiled with
.I syslog
support, then all
.B su
activity will be noted through the
.I syslog
facility.
See SULOG_FILE for related information.
.\"
.IP "TTYGROUP (string or number)"
The group ownership of the terminal is initialized to this group
name or number. One well-known security attack involves forcing terminal
control sequences upon another user's terminal line. This problem
can be averted by disabling permissions which allow other users to
access the terminal line, but this unfortunately prevents programs
such as
.B write
from operating. Another solution is to use a version of the
.B write
program which filters out potentially dangerous character sequences,
make this program ``setgid'' to a special group, assign group ownership
of the terminal line to this special group, and assign permissions of
\fI0620\fR to the terminal line. The TTYGROUP definition has been
provided for just this situation. If this item is not defined, then
the group ownership of the terminal is initialized to the user's group
number. See TTYPERMS for related information.
.\"
.IP "TTYPERM (number)"
The login terminal permissions are initialized to this value. Typical
values will be \fI0622\fR to permit others write access to the line
or \fI0600\fR to secure the line from other users. If not specified,
the terminal permissions will be initialized to \fI0622\fR. See
TTYGROUP for related information.
.\"
.IP "TTYTYPE_FILE (string)"
This parameter specifies the full pathname to a file which maps terminal
lines to terminal types. Each line of the file contains a terminal
type and a terminal line, seperated by whitespace, for example:
.nf
.sp
.ft I
vt100\0 tty01
wyse60 tty02
\0\0.\0\0\0 \0\0.
\0\0.\0\0\0 \0\0.
\0\0.\0\0\0 \0\0.
.ft R
.sp
.fi
This information is used to initialize the TERM environment parameter.
A line starting with a ``#'' pound sign will be treated as a comment.
If this paramter is not specified, the file does not exist, or the terminal
line is not found in the file, then the TERM environment parameter will not
be set.
.\"
.IP "UID_MAX (number)"
XXX needs to be documented.
.IP "UID_MIN (number)"
XXX needs to be documented.
.\"
.IP "ULIMIT (long number)"
The file size limit is initialized to this value. This is supported
only on systems with a
.IR ulimit ,
e.g. System V. If not specified, the file size limit will be initialized
to some large value.
.\"
.IP "UMASK (number)"
The permission mask is initialized to this value. If not specified,
the permission mask will be initialized to zero.
.\"
.IP "USERDEL_CMD (string)"
XXX needs to be documented.
.\"
.SH CROSS REFERENCE
The following cross reference shows which programs in the shadow login
suite use which parameters.
.na
.IP login 12
CONSOLE DIALUPS_CHECK_ENAB ENV_HZ ENV_SUPATH ENV_TZ ERASECHAR FAILLOG_ENAB
FTMP_FILE HUSHLOGIN_FILE KILLCHAR LASTLOG_ENAB LOG_UNKFAIL_ENAB
MAIL_CHECK_ENAB MAIL_DIR MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
QUOTAS_ENAB TTYPERM TTYTYPE_FILE ULIMIT UMASK
.IP newusers 12
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK
.IP passwd 12
OBSCURE_CHECKS_ENAB PASS_MIN_LEN
.IP pwconv 12
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
.IP su 12
ENV_HZ ENV_SUPATH ENV_TZ HUSHLOGIN_FILE MAIL_CHECK_ENAB MAIL_DIR
MOTD_FILE NOLOGIN_STR QUOTAS_ENAB SULOG_FILE SYSLOG_SU_ENAB
.IP sulogin 12
ENV_HZ ENV_SUPATH ENV_TZ MAIL_DIR QUOTAS_ENAB TTYPERM
.ad
.SH BUGS
Some of the supported configuration parameters are not documented in this
manual page.
.SH SEE ALSO
.BR login (1),
.BR passwd (5),
.BR faillog (5),
.BR porttime (5),
.BR faillog (8)
.SH AUTHORS
Julianne Frances Haugh (jfh@bga.com)
.br
Chip Rosenthal (chip@unicom.com)

51
man/logoutd.8 Normal file
View File

@@ -0,0 +1,51 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: logoutd.8,v 1.4 1998/12/28 20:35:14 marekm Exp $
.\"
.TH LOGOUTD 8
.SH NAME
logoutd \- Enforce login time restrictions
.SH SYNOPSIS
.B logoutd
.SH DESCRIPTION
.B logoutd
enforces the login time and port restrictions specified in
.IR /etc/porttime .
.B logoutd
should be started from \fI/etc/rc\fR.
The \fI/etc/utmp\fR file is scanned periodically and each user name
is checked to see if the named user is permitted on the named port
at the current time.
Any login session which is violating the restrictions in \fI/etc/porttime\fR
is terminated.
.SH FILES
/etc/porttime \- login and port permissions
.br
/etc/utmp \- current login sessions
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

81
man/mkpasswd.8 Normal file
View File

@@ -0,0 +1,81 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: mkpasswd.8,v 1.4 1998/12/28 20:35:15 marekm Exp $
.\"
.TH MKPASSWD 1
.SH NAME
mkpasswd \- Update passwd and group database files
.SH SYNOPSIS
\fBmkpasswd\fR [\fB-fvgps\fR] \fIfile\fR
.SH DESCRIPTION
.B mkpasswd
reads the file in the format given by the flags and converts it to the
corresponding database file format.
These database files are used to improve access performance on systems
with large numbers of users.
The output files will be named \fIfile\fR.dir and \fIfile\fR.pag.
.PP
The \fB-f\fR option causes \fBmkpasswd\fR to ignore any existing output
files and overwrite them.
Normally \fBmkpasswd\fR complains about existing output files and quits.
.PP
The \fB-v\fR option causes \fBmkpasswd\fR to output information about
each record as it is converted, with a final message at the very end.
.PP
The \fB-g\fR option treats the input file as though it were in
\fI/etc/group\fR file format.
When combined with the \fB-s\fR option, the \fI/etc/gshadow\fR file
format is used instead.
.PP
The \fB-p\fR option treats the input file as though it were in
\fI/etc/passwd\fR file format.
This is the default.
When combined with the \fB-s\fR option, the \fI/etc/shadow\fR file
format is used instead.
.SH CAVEATS
The use of more than one database file is limited to systems which
include the NDBM database library and therefore may not be available
on every system.
.SH NOTE
Since most commands are capable of updating the database files as
changes are made, this command need only be used when re-creating a
deleted or corrupted database file.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- shadow user information
.br
/etc/group \- group information
.br
/etc/gshadow \- shadow group information
.SH SEE ALSO
.BR passwd (5),
.BR group (5),
.BR shadow (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

80
man/newgrp.1 Normal file
View File

@@ -0,0 +1,80 @@
.\" Copyright 1991, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: newgrp.1,v 1.4 1998/12/28 20:35:16 marekm Exp $
.\"
.TH NEWGRP 1
.SH NAME
newgrp \- Change group ID
.br
sg \- Execute command as different group ID
.SH SYNOPSIS
.BR newgrp " [" - ]
[\fIgroup\fR]
.br
.BR sg " [" - ]
[\fIgroup\fR [\fB-c\fR \fIcommand\fR]]
.SH DESCRIPTION
.B newgrp
is used to change the current group ID during a login session.
If the optional \fB\-\fR flag is given, the user's environment
will be reinitialized as though the user had logged in, otherwise
the current environment, including current working directory,
remains unchanged.
.PP
.B newgrp
changes the current real group ID to the named group, or to
the default group listed in \fI/etc/passwd\fR if no group name
is given.
The user will be prompted for a password if they do not have a
password and the group does, or if the user is not listed as a
member and the group has a password.
The user will be denied access if the group password is empty
and the user is not listed as a member.
.PP
The
.B sg
command works similiar to \fBnewgrp\fR but does not replace the
user's shell, so upon exit from a \fBsg\fR command, you are
returned to your previous group ID.
.B sg
also accepts a command.
The command will be executed with the Bourne shell and must be
enclosed in quotes.
.SH CAVEATS
This version of \fBnewgrp\fR has many compilation options,
only some of which may be in use at any particular site.
.SH FILES
/etc/passwd \- user account information
.br
/etc/group \- group information
.SH SEE ALSO
.BR login (1),
.BR id (1),
.BR su (1)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

68
man/newusers.8 Normal file
View File

@@ -0,0 +1,68 @@
.\" Copyright 1991 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: newusers.8,v 1.4 1998/12/28 20:35:17 marekm Exp $
.\"
.TH NEWUSERS 8
.SH NAME
\fBnewusers\fR - update and create new users in batch
.SH SYNOPSIS
\fBnewusers\fR [\fI new_users \fR]
.SH DESCRIPTION
\fBnewusers\fR reads a file of user name and cleartext password pairs
and uses this information to update a group of existing users or to
create new users.
Each line is in the same format as the standard password file (see
\fBpasswd\fR(5)) with the following exceptions.
.IP "\fIpw_passwd\fR" 10
This field will be encrypted and used as the new value
of the encrpted password.
.IP "\fIpw_age\fR"
This field will be ignored for shadow passwords if the user already
exists.
.IP "\fIpw_gid\fR"
This field may be the name of an existing group, in which case the
named user will be added as a member. If a non-existent numerical
group is given, a new group will be created having this number.
.IP "\fIpw_dir\fR"
This field will be checked for existence as a directory and a new
directory with the same name will be created if it does not already exist.
The ownership of the directory will be set to be that of the user
being created or updated.
.PP
This command is intended to be used in a large system environment where
many accounts are updated at a single time.
.SH CAVEATS
.\" The \fImkpasswd\fR command must be executed afterwards to update the
.\" DBM password files.
The input file must be protected since it contains unencrypted passwords.
.SH SEE ALSO
.\" mkpasswd(8), passwd(1), useradd(1)
.BR passwd (1),
.BR useradd (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

190
man/passwd.1 Normal file
View File

@@ -0,0 +1,190 @@
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: passwd.1,v 1.4 1998/12/28 20:35:18 marekm Exp $
.\"
.TH PASSWD 1
.SH NAME
passwd \- change user password
.SH SYNOPSIS
\fBpasswd\fR [\fB-f\fR|\fB-s\fR] [\fIname\fR]
.br
\fBpasswd\fR [\fB-g\fR] [\fB-r\fR|\fBR\fR] \fIgroup\fR
.br
\fBpasswd\fR [\fB-x\fR \fImax\fR] [\fB-n\fR \fImin\fR]
[\fB-w\fR \fIwarn\fR] [\fB-i\fR \fIinact\fR] \fIname\fR
.br
\fBpasswd\fR {\fB-l\fR|\fB-u\fR|\fB-d\fR|\fB-S\fR} \fIname\fR
.SH DESCRIPTION
\fBpasswd\fR changes passwords for user and group accounts.
A normal user may only change the password for their own account,
the super user may change the password for any account.
The administrator of a group may change the password for the group.
\fBpasswd\fR also changes account information, such as the full name
of the user, their login shell, or password expiry dates and intervals.
.SS Password Changes
The user is first prompted for their old password,
if one is present.
This password is then encrypted and compared against the
stored password.
The user has only one chance to enter the correct password.
The super user is permitted to bypass this step so that forgotten
passwords may be changed.
.PP
After the password has been entered, password aging information
is checked to see if the user is permitted to change their password
at this time.
If not, \fBpasswd\fR refuses to change the password and exits.
.PP
The user is then prompted for a replacement password.
This password is tested for complexity.
As a general guideline,
passwords should consist of 6 to 8 characters including
one or more from each of following sets:
.IP "" .5i
Lower case alphabetics
.IP "" .5i
Upper case alphabetics
.IP "" .5i
Digits 0 thru 9
.IP "" .5i
Punctuation marks
.PP
Care must be taken not to include the system default erase
or kill characters.
\fBpasswd\fR will reject any password which is not suitably
complex.
.PP
If the password is accepted,
\fBpasswd\fR will prompt again and compare the second entry
against the first.
Both entries are require to match in order for the password
to be changed.
.SS Group passwords
When the \fB-g\fR option is used, the password for the named
group is changed.
The user must either be the super user, or a group administrator
for the named group.
The current group password is not prompted for.
The \fB-r\fR option is used with the \fB-g\fR option to remove
the current password from the named group.
This allows group access to all members.
The \fB-R\fR option is used with the \fB-g\fR option to restrict
the named group for all users.
.SS Password expiry information
The password aging information may be changed by the super
user with the \fB-x\fR, \fB-n\fR, \fB-w\fR, and \fB-i\fR options.
The \fB-x\fR option is used to set the maximum number of days
a password remains valid.
After \fImax\fR days, the password is required to be changed.
The \fB-n\fR option is used to set the minimum number of days
before a password may be changed.
The user will not be permitted to change the password until
\fImin\fR days have elapsed.
The \fB-w\fR option is used to set the number of days of warning
the user will receive before their password will expire.
The warning occurs \fIwarn\fR days before the expiration, telling
the user how many days until the password is set to expire.
The \fB-i\fR option is used to disable an account after the
password has been expired for a number of days.
After a user account has had an expired password for \fIinact\fR
days, the user may no longer sign on to the account.
.SS Account maintenance
User accounts may be locked and unlocked with the \fB-l\fR and
\fB-u\fR flags.
The \fB-l\fR option disables an account by changing the password to a
value which matches no possible encrypted value.
The \fB-u\fR option re-enables an account by changing the password
back to its previous value.
.PP
The account status may be given with the \fB-S\fR option.
The status information consists of 6 parts.
The first part indicates if the user account is locked (L), has no
password (NP), or has a usable password (P).
The second part gives the date of the last password change.
The next four parts are the minimum age, maximum age, warning period,
and inactivity period for the password.
.SS Hints for user passwords
The security of a password depends upon the strength of the
encryption algorithm and the size of the key space.
The \fB\s-2UNIX\s+2\fR System encryption method is based on
the NBS DES algorithm and is very secure.
The size of the key space depends upon the randomness of the
password which is selected.
.PP
Compromises in password security normally result from careless
password selection or handling.
For this reason, you should select a password which does not
appear in a dictionary or which must be written down.
The password should also not be a proper name, your license
number, birth date, or street address.
Any of these may be used as guesses to violate system security.
.PP
Your password must easily remembered so that you will not
be forced to write it on a piece of paper.
This can be accomplished by appending two small words together
and separating each with a special character or digit.
For example, Pass%word.
.PP
Other methods of construction involve selecting an easily
remembered phrase from literature and selecting the first
or last letter from each.
An example of this is
.IP "" .5i
Ask not for whom the bell tolls.
.PP
which produces
.IP "" .5i
An4wtbt.
.PP
You may be reasonably sure few crackers will have
included this in their dictionary.
You should, however, select your own methods for constructing
passwords and not rely exclusively on the methods given here.
.SS Notes about group passwords
Group passwords are an inherent security problem since more
than one person is permitted to know the password.
However, groups are a useful tool for permitting co-operation
between different users.
.SH CAVEATS
Not all options may be supported.
Password complexity checking may vary from site to site.
The user is urged to select as complex a password as they
feel comfortable with.
User's may not be able to change their password on a system if NIS
is enabled and they are not logged into the NIS server.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted user passwords
.SH SEE ALSO
.BR passwd (3),
.BR shadow (3),
.BR group (5),
.BR passwd (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

111
man/passwd.5 Normal file
View File

@@ -0,0 +1,111 @@
.\" Copyright 1989 - 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: passwd.5,v 1.4 1998/12/28 20:35:19 marekm Exp $
.\"
.TH PASSWD 5
.SH NAME
passwd \- The password file
.SH DESCRIPTION
.I passwd
contains various pieces of information for each user account.
Included is
.IP "" .5i
Login name
.IP "" .5i
Optional encrypted password
.IP "" .5i
Numerical user ID
.IP "" .5i
Numerical group ID
.IP "" .5i
User name or comment field
.IP "" .5i
User home directory
.IP "" .5i
User command interpreter
.PP
The password field may not be filled if shadow passwords
have been enabled.
If shadow passwords are being used, the encrypted password will
be found in \fI/etc/shadow\fR.
The encryped password consists of 13 characters from the
64 character alphabet
a thru z, A thru Z, 0 thru 9, \. and /.
Refer to \fBcrypt\fR(3) for details on how this string is
interpreted.
.PP
An optional password age string may follow the encrypted
password, separated by a comma, from the same alphabet
as the password itself.
The first character gives the number of weeks during which the
password is valid.
The second character gives the number of weeks which must pass
before the user is permitted to change the password.
The last two characters give the week since Jan 1970 when the
password was last changed.
When the number of weeks during which the password is valid
have passed, the user will be required to provide a new
password.
.PP
The comment field is used by various system utilities, such as
\fBfinger\fR(1).
Three additional values may be present in the comment field.
They are
.IP "" .5i
pri= \- set initial value of nice
.IP "" .5i
umask= \- set initial value of umask
.IP "" .5i
ulimit= \- set initial value of ulimit
.PP
These fields are separated from each other and from any other
comment field by a comma.
.PP
The home directory field provides the name of the initial
working directory.
\fBLogin\fR uses this information to set the value of
the \fBHOME\fR environmental variable.
.PP
The command interpreter field provides the name of the user's
command language interpreter, or the name of the initial program
to execute.
\fBLogin\fR uses this information to set the value of the
\fBSHELL\fR environmental variable.
If this field is empty, it defaults to the value \fB/bin/sh\fR.
.SH FILES
/etc/passwd \- user account information
.SH SEE ALSO
.BR login (1),
.BR passwd (1),
.BR su (1),
.BR sulogin (8),
.BR shadow (5),
.BR pwconv (8),
.BR pwunconv (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

84
man/porttime.5 Normal file
View File

@@ -0,0 +1,84 @@
.\" Copyright 1989 - 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: porttime.5,v 1.4 1998/12/28 20:35:20 marekm Exp $
.\"
.TH PORTTIME 5
.SH NAME
porttime \- port access time file
.SH DESCRIPTION
.I porttime
contains a list of tty devices, user names, and permitted login times.
.PP
Each entry consists of three colon separated fields.
The first field is a comma separated list of tty devices,
or an asterisk to indicate that all tty devices are matched by this entry.
The second field is a comma separated list of user names, or an
asterisk to indicated that all user names are matched by this entry.
The third field is a comma separated list of permitted access times.
.PP
Each access time entry consists of zero or more days of the week,
abbreviated \fBSu\fR, \fBMo\fR, \fBTu\fR, \fBWe\fR, \fBTh\fR,
\fBFr\fR, and \fBSa\fR, followed by a pair of times separated by
a hyphen.
The abbreviation \fBWk\fR may be used to represent Monday thru Friday,
and \fBAl\fR may be used to indicate every day.
If no days are given, \fBAl\fR is assumed.
.SH EXAMPLES
The following entry allows access to user \fBjfh\fR on every port
during weekdays from 9am to 5pm.
.br
.sp 1
*:jfh:Wk0900-1700
.br
.sp 1
The following entries allow access only to the users \fBroot\fR and
\fBoper\fR on /dev/console at any time.
This illustrates how the
\fI/etc/porttime\fR file is an ordered list of access times.
Any other user would match the second entry which does not permit
access at any time.
.br
.sp 1
console:root,oper:Al0000-2400
.br
console:*:
.br
.sp 1
The following entry allows access for the user \fBgames\fR on any
port during non-working hours.
.br
.sp 1
*:games:Wk1700-0900,SaSu0000-2400
.br
.sp 1
.SH FILES
/etc/porttime \- file containing port access times
.SH SEE ALSO
.BR login (1)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

159
man/pw_auth.3 Normal file
View File

@@ -0,0 +1,159 @@
.\" Copyright 1992 - 1993, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: pw_auth.3,v 1.4 1998/12/28 20:35:21 marekm Exp $
.\"
.TH PWAUTH 3
.SH NAME
pwauth \- administrator defined password authentication routines
.SH SYNTAX
.B #include <pwauth.h>
.PP
.B int pw_auth (char
.I *command,
.B char
.I *user,
.B int
.I reason,
.B char
.IB *input) ;
.SH DESCRIPTION
.B pw_auth
invokes the administrator defined functions for a given user.
.PP
\fIcommand\fR is the name of the authentication program.
It is retrieved from the user's password file information.
The string contains one or more executable file names, delimited by
semi-colons.
Each program will be executed in the order given.
The command line arguments are given for each of the reasons listed
below.
.PP
\fIuser\fR is the name of the user to be authenticated, as given
in the \fI/etc/passwd\fR file.
User entries are indexed by username.
This allows non-unique user IDs to be present and for each different
username associated with that user ID to have a different
authentication program and information.
.PP
Each of the permissible authentication reasons is handled in a
potentially differenent manner.
Unless otherwise mentioned, the standard file descriptors 0, 1, and
2 are available for communicating with the user.
The real user ID may be used to determine the identity of the user
making the authentication request.
\fIreason\fR is one of
.IP \fBPW_SU\fR 1i
Perform authentication for the current real user ID attempting to
switch real user ID to the named user.
The authentication program will be invoked with a \fB-s\fR option, followed
by the username.
.IP \fBPW_LOGIN\fR 1i
Perform authentication for the named user creating a new login session.
The authentication program will be invoked with a \fB-l\fR option, followed
by the username.
.IP \fBPW_ADD\fR 1i
Create a new entry for the named user.
This allows an authentication program to initialize storage for a new
user.
The authentication program will be invoked with a \fB-a\fR option, followed
by the username.
.IP \fBPW_CHANGE\fR 1i
Alter an existing entry for the named user.
This allows an authentication program to alter the authentication
information for an existing user.
The authentication program will be invoked with a \fB-c\fR option, followed
by the username.
.IP \fBPW_DELETE\fR 1i
Delete authentication information for the named user.
This allows an authentication program to reclaim storage for a user which
is no longer authenticated using the authentication program.
The authentication program will be invoked with a \fB-d\fR option, followed
by the username.
.IP \fBPW_TELNET\fR 1i
Authenticate a user who is connecting to the system using the
fBtelnet\fR command.
The authentication program will be invoked with a \fB-t\fR option, followed
by the username.
.IP \fBPW_RLOGIN\fR 1i
Authenticate a user who is connecting to the system using the \fBrlogin\fR
command.
The authentication program will be invoked with a \fB-r\fR option, followed
by the username.
.IP \fBPW_FTP\fR 1i
Authenticate a user who is connecting to the system using the \fBftp\fR
command.
The authentication program will be invoked with a \fR-f\fR option, followed
by the username.
The standard file descriptors are not available for communicating with the
user.
The standard input file descriptor will be connected to the parent process,
while the other two output file descriptors will be connected to
\fI/dev/null\fR.
The \fBpw_auth\fR function will pipe a single line of data to the
authentication program using file descriptor 0.
.IP \fBPW_REXEC\fR 1i
Authenticate a user who is connecting to the system using the \fIrexec\fR
command.
The authentication program will be invoked with a \fB-x\fR option, followed
by the username.
The standard file descriptors are not available for communicating with the
remote user.
The standard input file descriptor will be connected to the parent process,
while the other two output file descriptors will be connected to
\fI/dev/null\fR.
The \fBpw_auth\fR function will pipe a single line of data to the
authentication program using file descriptor 0.
.PP
The last argument is the authentication data which is used by the
.B PW_FTP
and
.B PW_REXEC
reasons.
It is treated as a single line of text which is piped to the authentication
program.
When the reason is
.BR PW_CHANGE,
the value of \fIinput\fR is the value of
previous user name if the user name is being changed.
.SH CAVEATS
This function does not create the actual session.
It only indicates if the user should be allowed to create the session.
.PP
The network options are untested at this time.
.SH DIAGNOSTICS
The \fBpw_auth\fR function returns 0 if the authentication program exited
with a 0 exit code, and a non-zero value otherwise.
.SH SEE ALSO
.BR login (1),
.BR passwd (1),
.BR su (1),
.BR useradd (8),
.BR userdel (8),
usermod(8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

67
man/pwauth.8 Normal file
View File

@@ -0,0 +1,67 @@
.\" Copyright 1992, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: pwauth.8,v 1.4 1998/12/28 20:35:22 marekm Exp $
.\"
.TH PWAUTH 8
.SH NAME
pwauth \- administrator defined password authentication
.SH DESCRIPTION
The system administrator is able to define a list of programs which
are used to validate a user's identity.
These programs are given in place of the encrypted password
information which is present in either the \fI/etc/passwd\fR or
\fI/etc/shadow\fR files.
The utilities which administer user accounts examine the encrypted
password field and determine if the user has an administrator defined
authentication program.
The \fBpw_auth\fR function will be invoked whenever one of these
administration programs determines that a user which is being altered
has authentication programs defined.
.PP
The initial entry is created with the \fBuseradd\fR command.
Alterations, such as changing authentication information or deleting
the user account, will cause the \fBpw_auth\fR function to be invoked.
This keeps the authentication information up to date for each user
account.
.PP
The authentication programs do not create the actual login or network
sessions.
The exit code from the authentication program is taken as an
indication that the action is to be permitted.
The calling process must have the appropriate priviledges to create
the login or network session itself.
.SH SEE ALSO
.BR login (1),
.BR passwd (1),
.BR su (1),
.BR useradd (8),
.BR userdel (8),
.BR usermod (8),
.BR pw_auth (3)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

107
man/pwck.8 Normal file
View File

@@ -0,0 +1,107 @@
.\" Copyright 1992, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: pwck.8,v 1.4 1998/12/28 20:35:23 marekm Exp $
.\"
.TH PWCK 1
.SH NAME
pwck \- verify integrity of password files
.SH SYNOPSIS
\fBpwck\fR [\fB-r\fR] [\fIpasswd\fR \fIshadow\fR]
.SH DESCRIPTION
\fBpwck\fR verifies the integrity of the system authentication information.
All entries in the \fI/etc/passwd\fR and \fI/etc/shadow\fR are checked to
see that the entry has the proper format and valid data in each field.
The user is prompted to delete entries that are improperly formatted or
which have other incorrectable errors.
.P
Checks are made to verify that each entry has
.sp
.in +.5i
- the correct number of fields
.br
- a unique user name
.br
- a valid user and group identifier
.br
- a valid primary group
.br
- a valid home directory
.br
- a valid login shell
.in -.5i
.sp
.P
The checks for correct number of fields and unique user name are fatal.
If the entry has the wrong number of fields, the user will be prompted to
delete the entire line.
If the user does not answer affirmatively, all further checks are bypassed.
An entry with a duplicated user name is prompted for deletion, but the
remaining checks will still be made.
All other errors are warning and the user is encouraged to run the
\fBusermod\fR command to correct the error.
.P
The commands which operate on the \fI/etc/passwd\fR file are not able to
alter corrupted or duplicated entries.
\fBpwck\fR should be used in those circumstances to remove the offending
entry.
.SH OPTIONS
By default, \fBpwck\fR operates on the files \fI/etc/passwd\fR and
\fI/etc/shadow\fR.
The user may select alternate files with the \fIpasswd\fR and \fIshadow\fR
parameters.
Additionally, the user may execute the command in read-only mode by
specifying the \fB-r\fR flag.
This causes all questions regarding changes to be answered \fBno\fR
without user intervention.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted password information
.br
/etc/group \- group information
.SH SEE ALSO
.BR usermod (8),
.BR group (5),
.BR passwd (5),
.BR shadow (5)
.SH DIAGNOSTICS
The \fBpwck\fR command exits with the following values:
.IP 0 5
Success
.IP 1 5
Syntax Error
.IP 2 5
One or more bad password entries
.IP 3 5
Cannot open password files
.IP 4 5
Cannot lock password files
.IP 5 5
Cannot update password files
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

63
man/pwconv.8 Normal file
View File

@@ -0,0 +1,63 @@
.\" $Id: pwconv.8,v 1.8 1998/06/25 22:10:43 marekm Exp $
.TH PWCONV 8 "26 Sep 1997"
.SH NAME
pwconv, pwunconv, grpconv, grpunconv \- convert to and from shadow passwords and groups.
.SH SYNOPSIS
.B pwconv
.br
.B pwunconv
.br
.B grpconv
.br
.B grpunconv
.SH DESCRIPTION
These four programs all operate on the normal and shadow password and
group files:
.IR /etc/passwd ", " /etc/group ", " /etc/shadow ", and " /etc/gshadow .
.B pwconv
.RI "creates " shadow " from " passwd " and an optionally existing " shadow .
.B pwunconv
.RI "creates " passwd " from " passwd " and " shadow " and then removes " shadow .
.B grpconv
.RI "creates " gshadow " from " group " and an optionally existing " gshadow .
.B grpunconv
.RI "creates " group " from " group " and " gshadow " and then removes " gshadow .
Each program acquires the necessary locks before conversion.
.BR pwconv " and " grpconv
are similiar. First, entries in the shadowed file which don't exist
in the main file are removed. Then, shadowed entries which don't have
`x' as the password in the main file are updated. Any missing
shadowed entries are added. Finally, passwords in the main file are
replaced with `x'. These programs can be used for initial conversion
as well to update the shadowed file if the main file is edited by
hand.
.B pwconv
will use the values of
.BR PASS_MIN_DAYS ", " PASS_MAX_DAYS ", and " PASS_WARN_AGE
from
.I /etc/login.defs
when adding new entries to
.IR /etc/shadow .
.RB "Likewise, " pwunconv " and " grpunconv
are similiar. Passwords in the main file are updated from the
shadowed file. Entries which exist in the main file but not in the
shadowed file are left alone. Finally, the shadowed file is removed.
Some password aging information is lost by
.BR pwunconv .
It will convert what it can.
.SH "BUGS"
Errors in the password or group files (such as invalid or duplicate
entries) may cause these programs to loop forever or fail in other
strange ways. Please run \fBpwck\fR and \fBgrpck\fR to correct any
such errors before converting to or from shadow passwords or groups.
.SH "SEE ALSO"
.BR login.defs (5),
.BR pwck (8),
.BR grpck (8),
.BR shadowconfig (8)

148
man/shadow.3 Normal file
View File

@@ -0,0 +1,148 @@
.\" Copyright 1989 - 1993, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: shadow.3,v 1.4 1998/12/28 20:35:24 marekm Exp $
.\"
.TH SHADOW 3
.SH NAME
shadow \- encrypted password file routines
.SH SYNTAX
.B #include <shadow.h>
.PP
.B struct spwd *getspent();
.PP
.B struct spwd *getspnam(char
.IB *name );
.PP
.B void setspent();
.PP
.B void endspent();
.PP
.B struct spwd *fgetspent(FILE
.IB *fp );
.PP
.B struct spwd *sgetspent(char
.IB *cp );
.PP
.B int putspent(struct spwd
.I *p,
.B FILE
.IB *fp );
.PP
.B int lckpwdf();
.PP
.B int ulckpwdf();
.SH DESCRIPTION
.I shadow
manipulates the contents of the shadow password file,
\fI/etc/shadow\fR.
The structure in the \fI#include\fR file is
.sp
struct spwd {
.in +.5i
.br
char *sp_namp; /* user login name */
.br
char *sp_pwdp; /* encrypted password */
.br
long sp_lstchg; /* last password change */
.br
int sp_min; /* days until change allowed. */
.br
int sp_max; /* days before change required */
.br
int sp_warn; /* days warning for expiration */
.br
int sp_inact; /* days before account inactive */
.br
int sp_expire; /* date when account expires */
.br
int sp_flag; /* reserved for future use */
.br
.in -.5i
}
.PP
The meanings of each field are
.sp
sp_namp \- pointer to null-terminated user name.
.br
sp_pwdp \- pointer to null-terminated password.
.br
sp_lstchg \- days since Jan 1, 1970 password was last changed.
.br
sp_min \- days before which password may not be changed.
.br
sp_max \- days after which password must be changed.
.br
sp_warn \- days before password is to expire that user is warned
of pending password expiration.
.br
sp_inact \- days after password expires that account is considered
inactive and disabled.
.br
sp_expire \- days since Jan 1, 1970 when account will be disabled.
.br
sp_flag \- reserved for future use.
.SH DESCRIPTION
\fBgetspent\fR, \fBgetspname\fR, \fBfgetspent\fR, and \fBsgetspent\fR
each return a pointer to a \fBstruct spwd\fR.
\fBgetspent\fR returns the
next entry from the file, and \fBfgetspent\fR returns the next
entry from the given stream, which is assumed to be a file of
the proper format.
\fBsgetspent\fR returns a pointer to a \fBstruct spwd\fR using the
provided string as input.
\fBgetspnam\fR searches from the current position in the file for
an entry matching \fBname\fR.
.PP
\fBsetspent\fR and \fBendspent\fR may be used to begin and end,
respectively, access to the shadow password file.
.PP
The \fBlckpwdf\fR and \fBulckpwdf\fR routines should be used to
insure exclusive access to the \fI/etc/shadow\fR file.
\fBlckpwdf\fR attempts to acquire a lock using \fBpw_lock\fR for
up to 15 seconds.
It continues by attempting to acquire a second lock using \fBspw_lock\fR
for the remainder of the initial 15 seconds.
Should either attempt fail after a total of 15 seconds, \fBlckpwdf\fR
returns -1.
When both locks are acquired 0 is returned.
.SH DIAGNOSTICS
Routines return NULL if no more entries are available or if an
error occurs during processing.
Routines which have \fBint\fR as the return value return 0 for
success and -1 for failure.
.SH CAVEATS
These routines may only be used by the super user as access to
the shadow password file is restricted.
.SH FILES
/etc/shadow \- encrypted user passwords
.SH SEE ALSO
.BR getpwent (3),
.BR shadow (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

99
man/shadow.5 Normal file
View File

@@ -0,0 +1,99 @@
.\" Copyright 1989 - 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: shadow.5,v 1.4 1998/12/28 20:35:25 marekm Exp $
.\"
.TH SHADOW 5
.SH NAME
shadow \- encrypted password file
.SH DESCRIPTION
.I shadow
contains the encrypted password information for user's accounts
and optional the password aging information.
Included is
.IP "" .5i
Login name
.IP "" .5i
Encrypted password
.IP "" .5i
Days since Jan 1, 1970 that password was last changed
.IP "" .5i
Days before password may be changed
.IP "" .5i
Days after which password must be changed
.IP "" .5i
Days before password is to expire that user is warned
.IP "" .5i
Days after password expires that account is disabled
.IP "" .5i
Days since Jan 1, 1970 that account is disabled
.IP "" .5i
A reserved field
.PP
The password field must be filled.
The encryped password consists of 13 to 24 characters from the
64 character alphabet
a thru z, A thru Z, 0 thru 9, \. and /.
Refer to \fBcrypt\fR(3) for details on how this string is
interpreted.
.PP
The date of the last password change is given as the number
of days since Jan 1, 1970.
The password may not be changed again until the proper number
of days have passed, and must be changed after the maximum
number of days.
If the minimum number of days required is greater than the
maximum number of day allowed, this password may not be
changed by the user.
.PP
An account is considered to be inactive and is disabled if
the password is not changed within the specified number of
days after the password expires.
An account will also be disabled on the specified day
regardless of other password expiration information.
.PP
This information supercedes any password or password age
information present in \fI/etc/passwd\fR.
.PP
This file must not be readable by regular users if password
security is to be maintained.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted user passwords
.SH SEE ALSO
.BR chage (1),
.BR login (1),
.BR passwd (1),
.BR su (1),
.BR sulogin (8),
.BR shadow (3),
.BR passwd (5),
.BR pwconv (8),
.BR pwunconv (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

24
man/shadowconfig.8 Normal file
View File

@@ -0,0 +1,24 @@
.\" $Id: shadowconfig.8,v 1.2 1997/12/14 20:07:22 marekm Exp $
.TH SHADOWCONFIG 8 "19 Apr 1997" "Debian GNU/Linux"
.SH NAME
shadowconfig \- toggle shadow passwords on and off
.SH SYNOPSIS
.B "shadowconfig"
.IR on " | " off
.SH DESCRIPTION
.PP
.B shadowconfig on
will turn shadow passwords on;
.B shadowconfig off
will turn shadow passwords off.
.B shadowconfig
will print an error message and exit with a nonzero code if it finds
anything awry. If that happens, you should correct the error and run
it again.
Turning shadow passwords on when they are already on, or off when they
are already off, is harmless.
Read
.I /usr/doc/passwd/README.debian.gz
for a brief introduction to shadow passwords and related features.

83
man/su.1 Normal file
View File

@@ -0,0 +1,83 @@
.\" Copyright 1989 - 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: su.1,v 1.5 1998/12/28 20:35:26 marekm Exp $
.\"
.TH SU 1
.SH NAME
su \- Change user ID or become super-user
.SH SYNOPSIS
.BR su " [" - ]
.RI [ username " [" args ]]
.SH DESCRIPTION
.B su
is used to become another user during a login session.
Invoked without a username, \fBsu\fR defaults to becoming
the super user.
The optional argument \fB\-\fR may be used to provide an
environment similiar to what the user would expect had
the user logged in directly.
.PP
Additional arguments may be provided after the username,
in which case they are supplied to the user\'s login shell.
In particular, an argument of \fB-c\fR will cause the
next argument to be treated as a command by most command
interpreters.
.\" The command will be executed under the shell specified by
.\" \fB$SHELL\fR, or if undefined, by the one specified in
.\" \fI/etc/passwd\fR.
.\" XXX - the above was not quite correct. --marekm
The command will be executed by the shell specified in
\fI/etc/passwd\fR for the target user.
.PP
The user will be prompted for a password, if appropriate.
Invalid passwords will produce an error message.
All attempts, both valid and invalid, are logged to detect
abuses of the system.
.PP
The current environment is passed to the new shell. The value of
\fB$PATH\fR is reset to \fB/bin:/usr/bin\fR for normal users, or
\fB/sbin:/bin:/usr/sbin:/usr/bin\fR for the super user. This may be
changed with the \fBENV_PATH\fR and \fBENV_SUPATH\fR definitions in
\fI/etc/login.defs\fR.
.SH CAVEATS
.PP
This version of \fBsu\fR has many compilation options, only some of which
may be in use at any particular site.
.SH Files
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted passwords and age information
.br
$HOME/.profile \- initialization script for default shell
.SH SEE ALSO
.BR login (1),
.BR sh (1),
.BR suauth (5),
.BR login.defs (5)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

112
man/suauth.5 Normal file
View File

@@ -0,0 +1,112 @@
.TH SUAUTH 5 "Feb 14, 1996"
.UC 5
.SH NAME
suauth \- Detailed su control file
.SH SYNOPSIS
.B /etc/suauth
.SH DESCRIPTION
The file
.I /etc/suauth
is referenced whenever the su command is called. It can change the
behaviour of the su command, based upon
.PP
.RS
.nf
1) the user su is targetting
.fi
2) the user executing the su command (or any groups he might be
a member of)
.RE
.PP
The file is formatted like this, with lines starting with a #
being treated as comment lines and ignored;
.PP
.RS
to-id:from-id:ACTION
.RE
.PP
Where to-id is either the word
.BR ALL ,
a list of usernames
delimited by "," or the words
.B ALL EXCEPT
followed by a list
of usernames delimted by ","
.PP
from-id is formatted the same as to-id except the extra word
.B GROUP
is recognised.
.B ALL EXCEPT GROUP
is perfectly valid too.
Following
.B GROUP
appears one or more group names, delimited by
",". It is not sufficient to have primary group id of the
relevant group, an entry in
.BR /etc/group (5)
is neccessary.
.PP
Action can be one only of the following currently supported
options.
.TP 20
.B DENY
The attempt to su is stopped before a password is even asked for.
.TP 20
.B NOPASS
The attempt to su is automatically successful; no password is
asked for.
.TP 20
.B OWNPASS
For the su command to be successful, the user must enter
his or her own password. They are told this.
.PP
Note there are three separate fields delimted by a colon. No
whitespace must surround this colon. Also note that the file
is examined sequentially line by line, and the first applicable
rule is used without examining the file further. This makes it
possible for a system administrator to exercise as fine control
as he or she wishes.
.SH EXAMPLE
.PP
.nf
# sample /etc/suauth file
#
# A couple of privileged usernames may
# su to root with their own password.
#
root:chris,birddog:OWNPASS
#
# Anyone else may not su to root unless in
# group wheel. This is how BSD does things.
#
root:ALL EXCEPT GROUP wheel:DENY
#
# Perhaps terry and birddog are accounts
# owned by the same person.
# Access can be arranged between them
# with no password.
#
terry:birddog:NOPASS
birddog:terry:NOPASS
#
.fi
.SH FILES
/etc/suauth
.SH BUGS
There could be plenty lurking. The file parser is particularly
unforgiving about syntax errors, expecting no spurious whitespace
(apart from beginning and end of lines), and a specific token
delimiting different things.
.SH DIAGNOSTICS
An error parsing the file is reported using
.BR syslogd (8)
as level ERR on
facility AUTH.
.SH SEE ALSO
.BR su (1)
.SH AUTHOR
.nf
Chris Evans (lady0110@sable.ox.ac.uk)
Lady Margaret Hall
Oxford University
England

88
man/sulogin.8 Normal file
View File

@@ -0,0 +1,88 @@
.\" Copyright 1989 - 1992, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: sulogin.8,v 1.4 1998/12/28 20:35:27 marekm Exp $
.\"
.TH SULOGIN 8
.SH NAME
sulogin \- Single-user login
.SH SYNTAX
\fBsulogin\fR [\fItty-device\fR]
.SH DESCRIPTION
.B sulogin
is invoked by \fBinit\fR prior to allowing the user
access to the system when in single user mode.
This feature may only be available on certain systems where
\fBinit\fR has been modified accordingly, or where the
\fB/etc/inittab\fR has an entry for a single user login.
.PP
The user is prompted
.IP "" .5i
Type control-d to proceed with normal startup,
.br
(or give root password for system maintenance):
.PP
Input and output will be performed with the standard file
descriptors unless the optional device name argument is provided.
.PP
If the user enters the correct root password, a login session
is initiated.
When \fBEOF\fR is pressed instead, the system enters multi-user
mode.
.PP
After the user exits the single-user shell, or presses \fBEOF\fR,
the system begins the initialization process required to enter
multi-user mode.
.SH CAVEATS
.PP
This command can only be used if \fBinit\fR has been modified to call
\fBsulogin\fR instead of \fB/bin/sh\fR,
or if the user has set the \fIinittab\fR to support a single user
login.
For example, the line
.br
.sp 1
co:s:respawn:/etc/sulogin /dev/console
.br
.sp 1
should execute the sulogin command in single user mode.
.PP
As complete an environment as possible is created.
However, various devices may be unmounted or uninitialized and many
of the user commands may be unavailable or nonfunctional as a result.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- encrypted passwords and age information
.br
/.profile \- initialization script for single user shell
.SH SEE ALSO
.BR login (1),
.BR init (8),
.BR sh (1)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

197
man/useradd.8 Normal file
View File

@@ -0,0 +1,197 @@
.\" Copyright 1991 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: useradd.8,v 1.6 1999/03/07 19:14:47 marekm Exp $
.\"
.TH USERADD 8
.SH NAME
useradd \- Create a new user or update default new user information
.SH SYNOPSIS
.TP 8
.B useradd
.\" .RB [ -A
.\" .RI { method | \fBDEFAULT\fR "},... ]"
.RB [ -c
.IR comment ]
.RB [ -d
.IR home_dir ]
.br
.RB [ -e
.IR expire_date ]
.RB [ -f
.IR inactive_time ]
.br
.RB [ -g
.IR initial_group ]
.RB [ -G
.IR group [,...]]
.br
.RB [ -m " [" -k
.IR skeleton_dir ]]
.RB [ -p
.IR passwd ]
.br
.RB [ -s
.IR shell ]
.RB [ -u
.IR uid " ["
.BR -o ]]
.I login
.TP 8
.B useradd
\fB-D\fR
[\fB-g\fI default_group\fR]
[\fB-b\fI default_home\fR]
.br
[\fB-f\fI default_inactive\fR]
[\fB-e\fI default_expire_date\fR]
.br
[\fB-s\fI default_shell\fR]
.SH DESCRIPTION
.SS Creating New Users
When invoked without the \fB-D\fR option, the \fBuseradd\fR command
creates a new user account using the values specified on the
command line and the default values from the system.
The new user account will be entered into the system files as needed,
the home directory will be created, and initial files copied, depending
on the command line options.
The options which apply to the \fBuseradd\fR command are
.\" .IP "\fB-A {\fImethod\fR|\fBDEFAULT\fR},..."
.\" The value of the user's authentication method.
.\" The authentication method is the name of a program which is responsible
.\" for validating the user's identity.
.\" The string \fBDEFAULT\fR may be used to change the user's authentication
.\" method to the standard system password method.
.\" This is a comma-separated list of program names.
.\" It may include \fBDEFAULT\fR exactly once.
.IP "\fB-c \fIcomment\fR"
The new user's password file comment field.
.IP "\fB-d \fIhome_dir\fR"
The new user will be created using \fIhome_dir\fR as the value for
the user's login directory.
The default is to append the \fIlogin\fR name to \fIdefault_home\fR
and use that as the login directory name.
.IP "\fB-e \fIexpire_date\fR"
The date on which the user account will be disabled.
The date is specified in the format \fIYYYY-MM-DD\fR.
.IP "\fB-f \fIinactive_days\fR"
The number of days after a password expires until the account
is permanently disabled.
A value of 0 disables the account as soon as the password has
expired, and a value of -1 disables the feature.
The default value is -1.
.IP "\fB-g \fIinitial_group\fR"
The group name or number of the user's initial login group.
The group name must exist. A group number must refer to an
already existing group.
The default group number is 1.
.IP "\fB-G \fIgroup,[...]\fR"
A list of supplementary groups which the user is also a member
of.
Each group is separated from the next by a comma, with no
intervening whitespace.
The groups are subject to the same restrictions as the group
given with the \fB-g\fR option.
The default is for the user to belong only to the initial group.
.IP \fB-m\fR
The user's home directory will be created if it does not exist.
The files contained in \fIskeleton_dir\fR will be copied to the
home directory if the \fB-k\fR option is used, otherwise the
files contained in \fI/etc/skel\fR will be used instead.
Any directories contained in \fIskeleton_dir\fR or \fI/etc/skel\fR
will be created in the user's home directory as well.
The \fB-k\fR option is only valid in conjunction with the \fB-m\fR
option.
The default is to not create the directory and to not copy any
files.
.IP "\fB-p \fIpasswd\fR"
The encrypted password, as returned by \fBcrypt\fR(3).
The default is to disable the account.
.IP "\fB-s \fIshell\fR"
The name of the user's login shell.
The default is to leave this field blank, which causes the system
to select the default login shell.
.IP "\fB-u \fIuid\fR"
The numerical value of the user's ID.
This value must be unique, unless the \fI-o\fR option is used.
The value must be non-negative.
The default is to use the smallest ID value greater than 99 and
greater than every other user.
Values between 0 and 99 are typically reserved for system accounts.
.SS Changing the default values
When invoked with the \fB-D\fR option, \fBuseradd\fR will either
display the current default values, or update the default values
from the command line.
The valid options are
.IP "\fB-b \fIdefault_home\fR"
The initial path prefix for a new user's home directory.
The user's name will be affixed to the end of \fIdefault_home\fR
to create the new directory name if the \fB-d\fI option is not
used when creating a new account.
.IP "\fB-e \fIdefault_expire_date\fR"
The date on which the user account is disabled.
.IP "\fB-f \fIdefault_inactive\fR"
The number of days after a password has expired before the
account will be disabled.
.IP "\fB-g \fIdefault_group\fR"
The group name or ID for a new user's initial group.
The named group must exist, and a numerical group ID must have
an existing entry .
.IP "\fB-s \fIdefault_shell\fR"
The name of the new user's login shell.
The named program will be used for all future new user accounts.
.PP
If no options are specified, \fBuseradd\fR displays the current
default values.
.SH NOTES
The system administrator is responsible for placing the default
user files in the \fI/etc/skel\fR directory.
.SH CAVEATS
You may not add a user to an NIS group.
This must be performed on the NIS server.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- secure user account information
.br
/etc/group \- group information
.br
/etc/default/useradd \- default information
.br
/etc/skel \- directory containing default files
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR crypt (3),
.BR groupadd (8),
.BR groupdel (8),
.BR groupmod (8),
.BR passwd (1),
.BR userdel (8),
.BR usermod (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

69
man/userdel.8 Normal file
View File

@@ -0,0 +1,69 @@
.\" Copyright 1991 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: userdel.8,v 1.4 1998/12/28 20:35:29 marekm Exp $
.\"
.TH USERDEL 8
.SH NAME
userdel \- Delete a user account and related files
.SH SYNOPSIS
.B userdel
[\fB-r\fR]
.I login
.SH DESCRIPTION
The \fBuserdel\fR command modifies the system account files, deleting
all entries that refer to \fIlogin\fR.
The named user must exist.
.IP \fB-r\fR
Files in the user's home directory will be removed along with the
home directory itself.
Files located in other file system will have to be searched for
and deleted manually.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- secure user account information
.br
/etc/group \- group information
.SH CAVEATS
\fBuserdel\fR will not allow you to remove an account if the user
is currently logged in.
You must kill any running processes which belong to an account that
you are deleting.
You may not remove any NIS attributes on an NIS client.
This must be performed on the NIS server.
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR groupadd (8),
.BR groupdel (8),
.BR groupmod (8),
.BR passwd (1),
.BR useradd (8),
.BR usermod (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

153
man/usermod.8 Normal file
View File

@@ -0,0 +1,153 @@
.\" Copyright 1991 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of Julianne F. Haugh nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $Id: usermod.8,v 1.6 1999/03/07 19:14:48 marekm Exp $
.\"
.TH USERMOD 8
.SH NAME
usermod \- Modify a user account
.SH SYNOPSIS
.TP 8
.B usermod
.\" .RB [ -A
.\" .RI { method | \fBDEFAULT\fR "},... ]"
.RB [ -c
.IR comment ]
.RB [ -d
.IR home_dir " ["
.BR -m ]]
.br
.RB [ -e
.IR expire_date ]
.RB [ -f
.IR inactive_time ]
.br
.RB [ -g
.IR initial_group ]
.RB [ -G
.IR group [,...]]
.br
.RB [ -l
.IR login_name ]
.RB [ -p
.IR passwd ]
.br
.RB [ -s
.IR shell ]
.RB [ -u
.IR uid " ["
.BR -o ]]
.I login
.SH DESCRIPTION
The \fBusermod\fR command modifies the system account files to reflect
the changes that are specified on the command line.
The options which apply to the \fBusermod\fR command are
.\" .IP "\fB-A \fImethod\fR|\fBDEFAULT\fR"
.\" The new value of the user's authentication method.
.\" The authentication method is the name of a program which is responsible
.\" for validating the user's identity.
.\" The string \fBDEFAULT\fR may be used to change the user's authentication
.\" method to the standard system password method.
.IP "\fB-c \fIcomment\fR"
The new value of the user's password file comment field.
It is normally modified using the \fBchfn\fR(1) utility.
.IP "\fB-d \fIhome_dir\fR"
The user's new login directory.
If the \fB-m\fR option is given the contents of the current home directory
will be moved to the new home directory, which is created if it does not
already exist.
.IP "\fB-e \fIexpire_date\fR"
The date on which the user account will be disabled.
The date is specified in the format \fIYYYY-MM-DD\fR.
.IP "\fB-f \fIinactive_days\fR"
The number of days after a password expires until the account
is permanently disabled.
A value of 0 disables the account as soon as the password has
expired, and a value of -1 disables the feature.
The default value is -1.
.IP "\fB-g \fIinitial_group\fR"
The group name or number of the user's new initial login group.
The group name must exist. A group number must refer to an
already existing group.
The default group number is 1.
.IP "\fB-G \fIgroup,[...]\fR"
A list of supplementary groups which the user is also a member
of.
Each group is separated from the next by a comma, with no
intervening whitespace.
The groups are subject to the same restrictions as the group
given with the \fB-g\fR option.
If the user is currently a member of a group which is not listed,
the user will be removed from the group
.IP "\fB-l \fIlogin_name\fR"
The name of the user will be changed from \fIlogin\fR to
\fIlogin_name\fR.
Nothing else is changed.
In particular, the user's home directory name should probably
be changed to reflect the new login name.
.IP "\fB-p \fIpasswd\fR"
The encrypted password, as returned by \fBcrypt\fR(3).
.IP "\fB-s \fIshell\fR"
The name of the user's new login shell.
Setting this field to blank causes the system
to select the default login shell.
.IP "\fB-u \fIuid\fR"
The numerical value of the user's ID.
This value must be unique, unless the \fI-o\fR option is used.
The value must be non-negative.
Values between 0 and 99 are typically reserved for system accounts.
Any files which the user owns and which are located in the directory
tree rooted at the user's home directory will have the file user ID
changed automatically.
Files outside of the user's home directory must be altered manually.
.SH CAVEATS
\fBusermod\fR will not allow you to change the name of a user who is
logged in.
You must make certain that the named user is not executing any processes
when this command is being executed if the user's numerical user ID is
being changed.
You must change the owner of any crontab files manually.
You must change the owner of any at jobs manually.
You must make any changes involving NIS on the NIS server.
.SH FILES
/etc/passwd \- user account information
.br
/etc/shadow \- secure user account information
.br
/etc/group \- group information
.SH SEE ALSO
.BR chfn (1),
.BR chsh (1),
.BR crypt (3),
.BR groupadd (8),
.BR groupdel (8),
.BR groupmod (8),
.BR passwd (1),
.BR useradd (8),
.BR userdel (8)
.SH AUTHOR
Julianne Frances Haugh (jfh@bga.com)

29
man/vipw.8 Normal file
View File

@@ -0,0 +1,29 @@
.\" $Id: vipw.8,v 1.2 1997/12/14 20:07:22 marekm Exp $
.TH VIPW 8 "26 Sep 1997"
.SH NAME
vipw, vigr \- edit the password, group, shadow-password, or shadow-group file.
.SH SYNOPSIS
.BR vipw " [-s]"
.br
.BR vigr " [-s]"
.SH DESCRIPTION
.BR vipw " and " vigr
will edit the files
.IR /etc/passwd " and " /etc/group ", respectively."
With the
.B -s
flag, they will edit the shadow versions of those files,
.IR /etc/shadow " and " /etc/gshadow ", respectively.
The programs will set the appropriate locks to prevent file corruption.
When looking for an editor, the programs will first try the
environment variable
.BR VISUAL ,
then the environment variable
.BR EDITOR ,
and finally the default editor,
.BR vi .
.SH "SEE ALSO"
.BR passwd (5),
.BR group (5),
.BR shadow (5)