emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

[svn-upgrade] Integrating new upstream version, shadow (4.0.9)

Browse Source
This commit is contained in:
nekral-guest
2007-10-07 11:46:16 +00:00
parent 8e167d28af
commit 7c47e0fde3
159 changed files with 13029 additions and 3956 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
man/Makefile.am
View File

@@ -2,6 +2,44 @@
# subdirectories for translated manual pages
SUBDIRS = cs de es fr hu id it ja ko pl pt_BR ru zh_CN zh_TW
man_XMANS = \
chage.1.xml \
chfn.1.xml \
chpasswd.8.xml \
chsh.1.xml \
expiry.1.xml \
faillog.5.xml \
faillog.8.xml \
gpasswd.1.xml \
groupadd.8.xml \
groupdel.8.xml \
groupmems.8.xml \
groupmod.8.xml \
groups.1.xml \
grpck.8.xml \
gshadow.5.xml \
lastlog.8.xml \
limits.5.xml \
login.1.xml \
login.access.5.xml \
login.defs.5.xml \
logoutd.8.xml \
mkpasswd.8.xml \
newusers.8.xml \
passwd.1.xml \
passwd.5.xml \
porttime.5.xml \
pwck.8.xml \
pwconv.8.xml \
shadow.3.xml \
shadow.5.xml \
su.1.xml \
suauth.5.xml \
useradd.8.xml \
userdel.8.xml \
usermod.8.xml \
vipw.8.xml
man_MANS = \
chage.1 \
chfn.1 \
@@ -47,7 +85,18 @@ man_MANS = \
vipw.8
EXTRA_DIST = $(man_MANS) \
$(man_XMANS) \
id.1.xml \
pw_auth.3.xml \
shadowconfig.8.xml \
sulogin.8.xml \
id.1 \
pw_auth.3 \
shadowconfig.8 \
sulogin.8
all:
shadow-man-pages.pot:
xml2po -o $@ $(man_XMANS)

54
man/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
@@ -185,6 +189,44 @@ target_alias = @target_alias@
# subdirectories for translated manual pages
SUBDIRS = cs de es fr hu id it ja ko pl pt_BR ru zh_CN zh_TW
man_XMANS = \
chage.1.xml \
chfn.1.xml \
chpasswd.8.xml \
chsh.1.xml \
expiry.1.xml \
faillog.5.xml \
faillog.8.xml \
gpasswd.1.xml \
groupadd.8.xml \
groupdel.8.xml \
groupmems.8.xml \
groupmod.8.xml \
groups.1.xml \
grpck.8.xml \
gshadow.5.xml \
lastlog.8.xml \
limits.5.xml \
login.1.xml \
login.access.5.xml \
login.defs.5.xml \
logoutd.8.xml \
mkpasswd.8.xml \
newusers.8.xml \
passwd.1.xml \
passwd.5.xml \
porttime.5.xml \
pwck.8.xml \
pwconv.8.xml \
shadow.3.xml \
shadow.5.xml \
su.1.xml \
suauth.5.xml \
useradd.8.xml \
userdel.8.xml \
usermod.8.xml \
vipw.8.xml
man_MANS = \
chage.1 \
chfn.1 \
@@ -230,6 +272,11 @@ man_MANS = \
vipw.8
EXTRA_DIST = $(man_MANS) \
$(man_XMANS) \
id.1.xml \
pw_auth.3.xml \
shadowconfig.8.xml \
sulogin.8.xml \
id.1 \
pw_auth.3 \
shadowconfig.8 \
@@ -731,6 +778,11 @@ uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \
uninstall uninstall-am uninstall-info-am uninstall-man \
uninstall-man1 uninstall-man3 uninstall-man5 uninstall-man8
all:
shadow-man-pages.pot:
xml2po -o $@ $(man_XMANS)
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:

4
man/chage.1
View File

@@ -1,4 +1,4 @@
.\"$Id: chage.1,v 1.24 2005/04/25 15:15:17 kloczek Exp $
.\"$Id: chage.1,v 1.25 2005/04/26 12:22:08 kloczek Exp $
.\" Copyright 1990 - 1994 Julianne Frances Haugh
.\" All rights reserved.
.\"
@@ -67,7 +67,7 @@ Set the minimum number of days between password changes. A value of zero for
this field indicates that the user may change her password at any time.
.IP "\fB\-M\fR \fImaxdays\fR"
Set maximum number of days during which a password is valid. When
\fImaxdays\fR plus fIlastday\fR is less than the current day, the user will
\fImaxdays\fR plus \fIlastday\fR is less than the current day, the user will
be required to change her password before being able to use her account.
This occurrence can be planned for in advance by use of the \fB\-W\fR option,
which provides the user with advance warning.

193
man/chage.1.xml Normal file
View File

@@ -0,0 +1,193 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='chage.1'>
<!-- $Id: chage.1.xml,v 1.7 2005/04/26 12:31:14 kloczek Exp $ -->
<refmeta>
<refentrytitle>chage</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>chage</refname>
<refpurpose>change user password expiry information</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>chage</command>
<arg choice='opt'>-m <replaceable>mindays</replaceable></arg>
<arg choice='opt'>-M <replaceable>maxdays</replaceable></arg>
<arg choice='opt'>-d <replaceable>lastday</replaceable></arg>
<arg choice='opt'>-I <replaceable>inactive</replaceable></arg>
<sbr/>
<arg choice='opt'>-E <replaceable>expiredate</replaceable></arg>
<arg choice='opt'>-W <replaceable>warndays</replaceable></arg>
<arg choice='plain'><replaceable>user</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>chage</command>
<arg choice='plain'>-l <replaceable>user</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para><command>chage</command> command changes the number of days
between passwordchanges and the date of the last password change.
This information is used by the system to determine when a user must
change her password.
</para>
<para>The <command>chage</command> command is restricted to the root
user, except for the <option>-l</option> option, which may be used by
an unprivileged user to determine when her password or account is due
to expire.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>chage</command> command are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-d</option> <replaceable>lastday</replaceable>
</term>
<listitem>
<para>
Set the number of days since January 1st, 1970 when the password
was last changed. The date may also be expressed in the format
YYYY-MM-DD (or the format more commonly used in your area).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-E</option> <replaceable>expiredate</replaceable>
</term>
<listitem>
<para>Set the date on which the user's account will no longer be
accessible. The <emphasis remap='I'>expiredate</emphasis> option
is the number of days since January 1, 1970 on which the
accounted is locked. The date may also be expressed in the
format YYYY-MM-DD (or the format more commonly used in your
area). A user whose account is locked must contact the system
administrator before being able to use the system again. Passing
the number <emphasis remap='I'>-1</emphasis> as the <emphasis
remap='I'>expiredate</emphasis> will remove an accounts
expiration date.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-I</option> <replaceable>inactive</replaceable>
</term>
<listitem>
<para>
Set the number of days of inactivity after a password has
expired before the account is locked. The <emphasis
remap='I'>inactive</emphasis> option is the number of days of
inactivity. A value of 0 disables this feature. A user whose
account is locked must contact the system administrator before
being able to use the system again.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-m</option> <replaceable>mindays</replaceable>
</term>
<listitem>
<para>
Set the minimum number of days between password changes. A value
of zero for this field indicates that the user may change her
password at any time.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-M</option> <replaceable>maxdays</replaceable>
</term>
<listitem>
<para>
Set maximum number of days during which a password is valid.
When <emphasis remap='I'>maxdays</emphasis> plus <emphasis
remap='I'>lastday</emphasis> is less than the current day, the
user will be required to change her password before being able
to use her account. This occurrence can be planned for in
advance by use of the <option>-W</option> option, which provides
the user with advance warning.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-W</option> <replaceable>warndays</replaceable>
</term>
<listitem>
<para>
Set the number of days of warning before a password change is
required. The <emphasis remap='I'>warndays</emphasis> option is
the number of days prior to the password expiring that a user
will be warned her password is about to expire.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>
If none of the options are selected, <command>chage</command> operates
in an interactive fashion, prompting the user with the current values
for all of the fields. Enter the new value to change the field, or
leave the line blank to use the current value. The current value is
displayed between a pair of <emphasis remap='B'>[ ]</emphasis> marks.
</para>
</refsect1>
<refsect1 id='note'>
<title>NOTE</title>
<para>
The <command>chage</command> program requires shadow password file to
be available. Its functionality is not available when passwords are
stored in the passwd file.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term>
<filename>/etc/passwd</filename>
</term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term>
<filename>/etc/shadow</filename>
</term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>.
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

81
man/chfn.1.xml Normal file
View File

@@ -0,0 +1,81 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='chfn.1'>
<!-- $Id: chfn.1.xml,v 1.8 2005/04/27 16:19:48 kloczek Exp $ -->
<refmeta>
<refentrytitle>chfn</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>chfn</refname>
<refpurpose>change real user name and information</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>chfn</command>
<arg choice='opt'>-f <replaceable>full_name</replaceable></arg>
<arg choice='opt'>-r <replaceable>room_no</replaceable></arg>
<arg choice='opt'>-w <replaceable>work_ph</replaceable></arg>
<arg choice='opt'>-h <replaceable>home_ph</replaceable></arg>
<arg choice='opt'>-o <replaceable>other</replaceable></arg>
<arg choice='opt'><replaceable>user</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para><command>chfn</command> changes user fullname, office number,
office extension, and home phone number information for a user's
account. This information is typically printed by <citerefentry>
<refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum>
</citerefentry> and similar programs. A normal user may only change
the fields for her own account, the super user may change the fields
for any account. Also, only the super user may use the
<option>-o</option> option to change the undefined portions of the
GECOS field.
</para>
<para>The only restriction placed on the contents of the fields is that
no control characters may be present, nor any of comma, colon, or
equal sign. The <emphasis remap='I'>other</emphasis> field does not
have this restriction, and is used to store accounting information
used by other applications.
</para>
<para> If none of the options are selected, <command>chfn</command>
operates in an interactive fashion, prompting the user with the
current values for all of the fields. Enter the new value to change
the field, or leave the line blank to use the current value. The
current value is displayed between a pair of <emphasis remap='B'>[
]</emphasis> marks. Without options, chfn prompts for the current
user account.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

101
man/chpasswd.8.xml Normal file
View File

@@ -0,0 +1,101 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='chpasswd.8'>
<!-- $Id: chpasswd.8.xml,v 1.6 2005/04/27 16:22:25 kloczek Exp $ -->
<refmeta>
<refentrytitle>chpasswd</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>chpasswd</refname>
<refpurpose>update passwords in batch mode</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>chpasswd</command>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>chpasswd</command> reads a list of user name and password
pairs from standard input and uses this information to update a group
of existing users. Each line is of the format:
</para>
<para>
<emphasis remap='I'>user_name</emphasis>:<emphasis
remap='I'>password</emphasis>
</para>
<para>By default the supplied password must be in clear-text. Default
encription algoritm is DES. Also the password age will be updated, if
present.
</para>
<para>This command is intended to be used in a large system environment
where many accounts are created at a single time.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>chpasswd</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term><option>-e</option>, <option>--encrypted</option></term>
<listitem>
<para>Supplied passwords are in encrypted form.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-m</option>, <option>--md5</option></term>
<listitem>
<para>Use MD5 encryption instead DES when the supplied passwords
are not encrypted.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>Remember keep protected for reading by others fille passed to
standard input <command>chpasswd</command> command if it contains
unencrypted passwords.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

86
man/chsh.1.xml Normal file
View File

@@ -0,0 +1,86 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='chsh1'>
<!-- $Id: chsh.1.xml,v 1.6 2005/04/27 16:24:09 kloczek Exp $ -->
<refmeta>
<refentrytitle>chsh</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>chsh</refname>
<refpurpose>change login shell</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>chsh</command>
<arg choice='opt'>-s <replaceable>login_shell</replaceable></arg>
<arg choice='opt'><replaceable>user</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>chsh</command> changes the user login shell. This determines
the name of the user's initial login command. A normal user may only
change the login shell for her own account, the super user may change
the login shell for any account.
</para>
<para>The only restrictions placed on the login shell is that the
command name must be listed in <filename>/etc/shells</filename>,
unless the invoker is the super-user, and then any value may be added.
An account with a restricted login shell may not change her login
shell. For this reason, placing <filename>/bin/rsh</filename> in
<filename>/etc/shells</filename> is discouraged since accidentally
changing to a restricted shell would prevent the user from every
changing her login shell back to its original value.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>If the <option>-s</option> option is not selected,
<command>chsh</command> operates in an interactive fashion, prompting
the user with the current login shell. Enter the new value to change
the shell, or leave the line blank to use the current one. The current
shell is displayed between a pair of <emphasis remap='B'>[ ]</emphasis>
marks.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shells</filename></term>
<listitem>list of valid login shells</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

6
man/cs/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/cs
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/de/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/de
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/es/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/es
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

63
man/expiry.1.xml Normal file
View File

@@ -0,0 +1,63 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='expiry.1'>
<!-- $Id: expiry.1.xml,v 1.6 2005/04/27 16:25:27 kloczek Exp $ -->
<refmeta>
<refentrytitle>expiry</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>expiry</refname>
<refpurpose>check and enforce password expiration policy</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>expiry</command>
<arg choice='opt'>-c </arg>
<arg choice='opt'>-f </arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>expiry</command> checks (<option>-c</option>) the current
password expiration and forces (<option>-f</option>) changes when
required. It is callable as a normal user command.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Ben Collins &lt;bcollins@debian.org&gt;</para>
</refsect1>
</refentry>

61
man/faillog.5.xml Normal file
View File

@@ -0,0 +1,61 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='faillog.5'>
<!-- $Id: faillog.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>faillog</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>faillog</refname>
<refpurpose>Login failure logging file</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<filename>/var/log/faillog</filename> maintains a count of login
failures and the limits for each account. The file is fixed length
record, indexed by numerical UID. Each record contains the count of
login failures since the last successful login; the maximum number of
failures before the account is disabled; the line the last login
failure occured on; and the date the last login failure occured.
</para>
<para>The structure of the file is</para>
<literallayout remap='DS'>
struct faillog {
short fail_cnt;
short fail_max;
char fail_line[12];
time_t fail_time;
};
</literallayout>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/var/log/faillog</filename></term>
<listitem>login failure log</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>faillog</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

157
man/faillog.8.xml Normal file
View File

@@ -0,0 +1,157 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='faillog.8'>
<!-- $Id: faillog.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>faillog</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>faillog</refname>
<refpurpose>display faillog records or set login failure limits</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>faillog</command>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>faillog</command> formats the contents of the failure log
from <filename>/var/log/faillog</filename> database. It also can be
used for maintains failure counters and limits. Run
<command>faillog</command> without arguments display only list of user
faillog records who have ever had a login failure.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>faillog</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term><option>-a</option>, <option>--all</option></term>
<listitem>
<para>Display faillog records for all users.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-l</option>, <option>--lock-time</option>
<replaceable>SEC</replaceable>
</term>
<listitem>
<para>
Lock accout to <emphasis remap='I'>SEC</emphasis>
seconds after failed login.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-m</option>, <option>--maximum</option>
<replaceable>MAX</replaceable>
</term>
<listitem>
<para>Set maiximum number of login failures after the account is
disabled to <emphasis remap='I'>MAX</emphasis>. Selecting
<emphasis remap='I'>MAX</emphasis> value of 0 has the effect of
not placing a limit on the number of failed logins. The maximum
failure count should always be 0 for <emphasis
remap='B'>root</emphasis> to prevent a denial of services attack
against the system.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-r</option>, <option>--reset</option></term>
<listitem>
<para>Reset the counters of login failures or one recor if used
with -u <emphasis remap='I'>LOGIN</emphasis> option. Write
access to <filename>/var/log/faillog</filename> is required for
this option.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-t</option>, <option>--time</option>
<replaceable>DAYS</replaceable>
</term>
<listitem>
<para>
Display faillog records more recent than <emphasis
remap='I'>DAYS</emphasis>. The <option>-t</option> flag overrides
the use of <option>-u</option>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-u</option>, <option>--user</option>
<replaceable>LOGIN</replaceable>
</term>
<listitem>
<para>Display faillog record or maintains failure counters and
limits (if used with <option>-l</option>, <option>-m</option> or
<option>-r</option> options) only for user with <emphasis
remap='I'>LOGIN</emphasis>.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
<command>faillog</command> only prints out users with no successful
login since the last failure. To print out a user who has had a
successful login since their last failure, you must explicitly request
the user with the <option>-u</option> flag, or print out all users
with the <option>-a</option> flag.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/var/log/faillog</filename></term>
<listitem>failure logging file</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>faillog</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

6
man/fr/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/fr
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

127
man/gpasswd.1.xml Normal file
View File

@@ -0,0 +1,127 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='gpasswd1'>
<!-- $Id: gpasswd.1.xml,v 1.7 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>gpasswd</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>gpasswd</refname>
<refpurpose>administer the /etc/group file</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='plain'>
<replaceable>group</replaceable>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='plain'>-a <replaceable>user</replaceable></arg>
<arg choice='plain'><replaceable>group</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='plain'>-d <replaceable>user</replaceable></arg>
<arg choice='plain'><replaceable>group</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='plain'>-R <replaceable>group</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='plain'>-r <replaceable>group</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>gpasswd</command>
<arg choice='opt' rep='repeat'>-A <replaceable>user,</replaceable></arg>
<arg choice='opt' rep='repeat'>-M <replaceable>user,</replaceable></arg>
<arg choice='plain'><replaceable>group</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>gpasswd</command> is used to administer the
<filename>/etc/group</filename> file (and
<filename>/etc/gshadow</filename> file if compiled with SHADOWGRP
defined). Every group can have administrators, members and a password.
System administrator can use <option>-A</option> option to define
group administrator(s) and <option>-M</option> option to define
members and has all rights of group administrators and members.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
Group administrator can add and delete users using <option>-a</option>
and <option>-d</option> options respectively. Administrators can use
<option>-r</option> option to remove group password. When no password
is set only group members can use <command>newgrp</command> to join
the group. Option <option>-R</option> disables access via a password
to the group through <command>newgrp</coamand> command (however
members will still be able to switch to this group).
</para>
<para><command>gpasswd</command> called by a group administrator with
group name only prompts for the group password. If password is set the
members can still <citerefentry>
<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
</citerefentry> without a password, non-members must supply the password.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Rafal Maszkowski &lt;rzm@pdi.net&gt;</para>
</refsect1>
</refentry>

150
man/groupadd.8.xml Normal file
View File

@@ -0,0 +1,150 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='groupadd.8'>
<!-- $Id: groupadd.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>groupadd</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>groupadd</refname>
<refpurpose>Create a new group</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>groupadd</command>
<arg choice='opt'>
<arg choice='plain'>-g <replaceable>gid</replaceable></arg>
<arg choice='opt'>-o </arg>
</arg>
<arg choice='opt'>-f </arg>
<arg choice='plain'>
<replaceable>group</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>The <command>groupadd</command> command creates a new group
account using the values specified on the command line and the default
values from the system. The new group will be entered into the system
files as needed.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>groupadd</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-f</option>
</term>
<listitem>
<para>This option causes to just exit with success status if the
specified group already exists. With <option>-g</option>, if
specified gid already exists, other (unique) gid is chosen (i.e.
<option>-g</option> is turned off).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option> <replaceable>gid</replaceable>
</term>
<listitem>
<para>The numerical value of the group's ID. This value must be
unique, unless the <option>-o</option> option is used. The value
must be non-negative. The default is to use the smallest ID
value greater than 999 and greater than every other group.
Values between 0 and 999 are typically reserved for system
accounts.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>groupadd</command> command exits with the
following values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>2</literal> - invalid command syntax
<!-- .br -->
<literal>3</literal> - invalid argument to option
<!-- .br -->
<literal>4</literal> - gid not unique (when -o not
used) <!-- .br -->
<literal>9</literal> - group name not unique
<!-- .br -->
<literal>10</literal> - can't update group file
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

117
man/groupdel.8.xml Normal file
View File

@@ -0,0 +1,117 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='groupdel.8'>
<!-- $Id: groupdel.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>groupdel</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>groupdel</refname>
<refpurpose>Delete a group</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>groupdel</command>
<arg choice='plain'>
<replaceable>group</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para> The <command>groupdel</command> command modifies the system
account files, deleting all entries that refer to <emphasis
remap='I'>group</emphasis>. The named group must exist.
</para>
<para>You must manually check all filesystems to insure that no files
remain with the named group as the file group ID.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>You may not remove the primary group of any existing user. You
must remove the user before you remove the group.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>groupdel</command> command exits with the
following values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>2</literal> - invalid command syntax
<!-- .br -->
<literal>6</literal> - specified group doesn't exist
<!-- .br -->
<literal>8</literal> - can't remove user's primary
group <!-- .br -->
<literal>10</literal> - can't update group file
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

153
man/groupmems.8.xml Normal file
View File

@@ -0,0 +1,153 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='groupmems.8'>
<!-- $Id: groupmems.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>groupmems</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>groupmems</refname>
<refpurpose>Administer members of a user's primary group</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>groupmems</command>
<group choice='plain'>
<arg choice='plain'>-a <replaceable>user_name</replaceable></arg>
<arg choice='plain'>-d <replaceable>user_name</replaceable></arg>
<arg choice='plain'>-l </arg><arg choice='plain'>-D </arg>
<arg choice='opt'>-g <replaceable>group_name</replaceable></arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <command>groupmems</command> utility allows a user to administer
his/her own group membership list without the requirement of super
user privileges. The <command>groupmems</command> utility is for
systems that configure its users to be in their own name sake primary
group (i.e., guest / guest).
</para>
<para>Only the super user, as administrator, can use
<command>groupmems</command> to alter the memberships of other groups.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>groupmems</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term><option>-a</option> <replaceable>user_name</replaceable></term>
<listitem>
<para>Add a new user to the group membership list.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-d</option> <replaceable>user_name</replaceable></term>
<listitem>
<para>Delete a user from the group membership list.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-D</option></term>
<listitem>
<para>Delete all users from the group membership list.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-g</option> <replaceable>group_name</replaceable></term>
<listitem>
<para>The super user can specify which group membership
list to modify.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-l</option></term>
<listitem>
<para>List the group membership list.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='setup'>
<title>SETUP</title>
<para>
The <command>groupmems</command> executable should be in mode
<literal>2770</literal> as user <emphasis remap='B'>root</emphasis>
and in group <emphasis remap='B'>groups</emphasis>. The system
administrator can add users to group groups to allow or disallow them
using the <command>groupmems</command> utility to manage their own
group membership list.
</para>
<para> $ groupadd -r groups
<!-- .br -->
$ chmod 2770 groupmems
<!-- .br -->
$ chown root.groups groupmems
<!-- .br -->
$ groupmems -g groups -a gk4
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>George Kraft IV (gk4@us.ibm.com)</para>
</refsect1>
</refentry>

145
man/groupmod.8.xml Normal file
View File

@@ -0,0 +1,145 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='groupmod.8'>
<!-- $Id: groupmod.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>groupmod</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>groupmod</refname>
<refpurpose>modify a group</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>groupmod</command>
<arg choice='opt'>
<arg choice='plain'>-g <replaceable>gid</replaceable></arg>
<arg choice='opt'>-o </arg>
</arg>
<arg choice='opt'>-n <replaceable>new_group_name</replaceable></arg>
<arg choice='plain'><replaceable>group</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <command>groupmod</command> command modifies the system account
files to reflect the changes that are specified on the command line.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>groupmod</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-g</option> <replaceable>gid</replaceable>
</term>
<listitem>
<para>The numerical value of the group's ID. This value must be
unique, unless the <option>-o</option> option is used. The value
must be non-negative. Values between 0 and 999 are typically
reserved for system groups. Any files which the old group ID is
the file group ID must have the file group ID changed manually.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-n</option> <replaceable>new_group_name</replaceable></term>
<listitem>
<para> The name of the group will be changed from <emphasis
remap='I'>group</emphasis> to <emphasis
remap='I'>new_group_name</emphasis>.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>groupmod</command> command exits with the
following values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>2</literal> - bad command syntax
<!-- .br -->
<literal>3</literal> - invalid argument to option
<!-- .br -->
<literal>4</literal> - gid already in use (and no -o)
<!-- .br -->
<literal>6</literal> - specified group doesn't exist
<!-- .br -->
<literal>9</literal> - group name already in use
<!-- .br -->
<literal>10</literal> - can't update group file
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

78
man/groups.1.xml Normal file
View File

@@ -0,0 +1,78 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='groups.1'>
<!-- $Id: groups.1.xml,v 1.7 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>groups</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>groups</refname>
<refpurpose>display current group names</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>groups</command>
<arg choice='opt'>
<replaceable>user</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>groups</command> displays the current group names or ID
values. If the value does not have a corresponding entry in
<filename>/etc/group</filename>, the value will be displayed as the
numerical group value. The optional <emphasis
remap='I'>user</emphasis> parameter will display the groups for the
named <emphasis remap='I'>user</emphasis>.
</para>
</refsect1>
<refsect1 id='note'>
<title>NOTE</title>
<para>Systems which do not support concurrent group sets will have the
information from <filename>/etc/group</filename> reported. The user
must use <command>newgrp</coamand> or <command>sg</coamand> to change
their current real and effective group ID.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

150
man/grpck.8.xml Normal file
View File

@@ -0,0 +1,150 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='grpck.8'>
<!-- $Id: grpck.8.xml,v 1.6 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>grpck</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>grpck</refname>
<refpurpose>verify integrity of group files</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>grpck</command> <arg choice='opt'>-r </arg>
<arg choice='opt'>
<arg choice='plain'><replaceable>group</replaceable></arg>
<arg choice='plain'><replaceable>shadow</replaceable></arg>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>grpck</command> verifies the integrity of the system
authentication information. All entries in the
<filename>/etc/group</filename> and <filename>/etc/gshadow</filename>
are checked to see that the entry has the proper format and valid data
in each field. The user is prompted to delete entries that are
improperly formatted or which have other incorrectable errors.
</para>
<para>Checks are made to verify that each entry has:</para>
<!-- .in +.5i -->
<para>- the correct number of fields
<!-- .br -->
- a unique group name
<!-- .br -->
- a valid list of members and administrators
</para>
<!-- .in \-.5i -->
<para>The checks for correct number of fields and unique group name are
fatal. If the entry has the wrong number of fields, the user will be
prompted to delete the entire line. If the user does not answer
affirmatively, all further checks are bypassed. An entry with a
duplicated group name is prompted for deletion, but the remaining
checks will still be made. All other errors are warnings and the user
is encouraged to run the <command>groupmod</coamand> command to
correct the error.
</para>
<para>The commands which operate on the <filename>/etc/group</filename>
file are not able to alter corrupted or duplicated entries.
<command>grpck</command> should be used in those circumstances to
remove the offending entry.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
By default, <command>grpck</command> operates on the files
<filename>/etc/group</filename> and <filename>/etc/gshadow</filename>.
The user may select alternate files with the <emphasis
remap='I'>group</emphasis> and <emphasis remap='I'>shadow</emphasis>
parameters. Additionally, the user may execute the command in
read-only mode by specifying the <option>-r</option> flag. This causes
all questions regarding changes to be answered <emphasis
remap='B'>no</emphasis> without user intervention.
<command>grpck</command> can also sort entries in
<filename>/etc/group</filename> and <filename>/etc/gshadow</filename>
by GID. To run it in sort mode pass it <option>-s</option> flag. No
checks are performed then, it just sorts.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>grpck</command> command exits with the
following values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>1</literal> - syntax Error
<!-- .br -->
<literal>2</literal> - one or more bad group entries
<!-- .br -->
<literal>3</literal> - can't open group files
<!-- .br -->
<literal>4</literal> - can't lock group files
<!-- .br -->
<literal>5</literal> - can't update group files
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

87
man/gshadow.5.xml Normal file
View File

@@ -0,0 +1,87 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='gshadow.5'>
<!-- $Id: gshadow.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>gshadow</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>gshadow</refname>
<refpurpose>shadowed group file</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='I'>gshadow</emphasis> contains the shadowed
information for group accounts. It contains lines with the folowing
colon-separated fields:
</para>
<para>Group name</para>
<para>Encrypted password</para>
<para>Comma-separated list of group administrators</para>
<para>Comma-separated list of group members.</para>
<para>The group name and password fields must be filled. The encryped
password consists of 13 characters from the 64-character alphabet a
thru z, A thru Z, 0 thru 9, \. and /. Refer to <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry> for details on how this string is interpreted. If the
password field contains some string that is not valid result of
<citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>, for instance ! or *, the user will not be able to use
a unix password to log in, subject to <citerefentry>
<refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum>
</citerefentry>.
</para>
<para>This information supercedes any password present in
<filename>/etc/group</filename>.
</para>
<para>This file must not be readable by regular users if password
security is to be maintained.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>secure group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>gpasswd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>newgrp</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Nicolas FRANCOIS</para>
</refsect1>
</refentry>

6
man/hu/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/hu
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

68
man/id.1.xml Normal file
View File

@@ -0,0 +1,68 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='id.1'>
<!-- $Id: id.1.xml,v 1.6 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>id</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>id</refname>
<refpurpose>Display current user and group ID names</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>id</command> <arg choice='opt'>-a </arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>id</command> displays the current real and effective user and
group ID names or values. If the value does not have a corresponding
entry in <filename>/etc/passwd</filename> or
<filename>/etc/group</filename>, the value will be displayed without
the corresponding name. The optional <option>-a</option> flag will
display the group set on systems which support multiple concurrent
group membership.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>getgid</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getgroups</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getuid</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

6
man/id/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/id
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/it/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/it
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/ja/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/ja
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/ko/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/ko
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

125
man/lastlog.8.xml Normal file
View File

@@ -0,0 +1,125 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='lastlog.8'>
<!-- $Id: lastlog.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>lastlog</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>lastlog</refname>
<refpurpose>examine lastlog file</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>lastlog</command>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>lastlog</command> formats and prints the contents of the last
login log <filename>/var/log/lastlog</filename> file. The <emphasis
remap='B'> login-name</emphasis>, <emphasis remap='B'>port</emphasis>,
and <emphasis remap='B'>last login time</emphasis> will be printed.
The default (no flags) causes lastlog entries to be printed, sorted by
their order in <filename>/etc/passwd</filename>.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The options which apply to the <command>lastlog</command>
command are:
</term>
</varlistentry>
</variablelist>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-h</option>, <option>--help</option>
</term>
<listitem>
<para>Print help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-t</option>, <option>--time</option> <replaceable>
DAYS
</replaceable>
</term>
<listitem>
<para>
Print the lastlog records more recent than <emphasis remap='I'>
DAYS
</emphasis>
.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-u</option>, <option>--user</option> <replaceable>
LOGIN
</replaceable>
</term>
<listitem>
<para> Print the lastlog record for user with specified <emphasis
remap='I'> LOGIN</emphasis>only.
</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist remap='TP'>
<varlistentry>
<term>
The <option>-t</option> flag overrides the use of <option>-u</option>.
</term>
<listitem>
<para></para> <!-- FIXME: blank list item -->
</listitem>
</varlistentry>
</variablelist>
<para> If the user has never logged in the message <emphasis
remap='B'>"**Never logged in**" </emphasis> will be displayed instead
of the port and time.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/var/log/lastlog</filename></term>
<listitem>lastlog logging file</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>Large gaps in uid numbers will cause the lastlog program to run
longer with no output to the screen (i.e. if mmdf=800 and last
uid=170, program will appear to hang as it processes uid 171-799).
</para>
</refsect1>
<refsect1 id='authors'>
<title>AUTHORS</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)
<!-- .br -->
Phillip Street
</para>
</refsect1>
</refentry>

144
man/limits.5.xml Normal file
View File

@@ -0,0 +1,144 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='limits5'>
<!-- $Id: limits.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>LIMITS</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>limits</refname>
<refpurpose>Resource limits definition</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <emphasis remap='I'>limits</emphasis> file (/etc/limits by
default or LIMITS_FILE defined
config.h) describes the resource limits you wish to impose. It
should be
owned by root and readable by root account only.
</para>
<para>By default no quotas are imposed on 'root'. In fact, there is no
way to impose
limits via this procedure to root-equiv accounts (accounts with UID
0).
</para>
<para>Each line describes a limit for a user in the form:</para>
<para>
<emphasis remap='I'>user LIMITS_STRING</emphasis>
</para>
<para>
The <emphasis remap='B'>LIMITS_STRING</emphasis> is a string of a
concatenated list of resource limits.
Each limit consists of a letter identifier followed by a numerical
limit.
</para>
<para>The valid identifiers are:</para>
<para>A: max address space (KB)
<!-- .br -->
C: max core file size (KB)
<!-- .br -->
D: max data size (KB)
<!-- .br -->
F: maximum filesize (KB)
<!-- .br -->
M: max locked-in-memory address space (KB)
<!-- .br -->
N: max number of open files
<!-- .br -->
R: max resident set size (KB)
<!-- .br -->
S: max stack size (KB)
<!-- .br -->
T: max CPU time (MIN)
<!-- .br -->
U: max number of processes
<!-- .br -->
K: file creation mask, set by
<citerefentry>
<refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>
.
<!-- .br -->
L: max number of logins for this user
<!-- .br -->
P: process priority, set by
<citerefentry>
<refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>
.
</para>
<para> For example, <emphasis remap='I'>L2D2048N5</emphasis> is a valid
<emphasis remap='B'>LIMITS_STRING </emphasis>. For reading
convenience, the following entries are equivalent:
</para>
<para>username L2D2048N5
<!-- .br -->
username L2 D2048 N5
</para>
<para> Be aware that after <emphasis remap='I'>username</emphasis> the
rest of the line is considered a limit string, thus comments are not
allowed. A invalid limits string will be rejected (not considered) by
the login program.
</para>
<para> The default entry is denoted by username "<emphasis
remap='B'>*</emphasis>". If you have multiple <emphasis
remap='I'>default</emphasis> entries in your <emphasis
remap='B'>LIMITS_FILE</emphasis>, then the last one will be used as
the default entry.
</para>
<para>To completely disable limits for a user, a single dash "<emphasis
remap='B'>-</emphasis> "will do.
</para>
<para>Also, please note that all limit settings are set PER LOGIN. They
are not global, nor are they permanent. Perhaps global limits will
come, but for now this will have to do ;)
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/limits</filename></term>
<listitem></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Cristian Gafton (gafton@sorosis.ro)</para>
</refsect1>
</refentry>

4
man/login.1
View File

@@ -1,4 +1,4 @@
.\" $Id: login.1,v 1.23 2005/04/12 16:31:06 kloczek Exp $
.\" $Id: login.1,v 1.24 2005/04/26 12:38:53 kloczek Exp $
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
@@ -37,7 +37,7 @@ login \- begin session on the system
.SH DESCRIPTION
\fBlogin\fR is used to establish a new session with the system. It is
normally invoked automatically by responding to the \fIlogin:\fR prompt on
the user\'s terminal. fBlogin\fR may be special to the shell and may not be
the user\'s terminal. \fBlogin\fR may be special to the shell and may not be
invoked as a sub\-process. Typically, \fBlogin\fR is treated by the shell as
\fBexec login\fR which causes the user to exit from the current shell.
Attempting to execute \fBlogin\fR from any shell but the login shell will

216
man/login.1.xml Normal file
View File

@@ -0,0 +1,216 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='login.1'>
<!-- $Id: login.1.xml,v 1.6 2005/04/26 12:45:50 kloczek Exp $ -->
<refmeta>
<refentrytitle>LOGIN</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>login</refname>
<refpurpose>begin session on the system</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>login</command>
<arg choice='opt'>-p </arg>
<arg choice='opt'>
<replaceable>username</replaceable></arg>
<arg choice='opt' rep='repeat'> <replaceable>ENV=VAR</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>login</command>
<arg choice='opt'>-p </arg>
<arg choice='opt'>-h <replaceable>host</replaceable></arg>
<arg choice='opt'>-f <replaceable>username</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>login</command>
<arg choice='opt'>-p </arg>
<arg choice='plain'>-r <replaceable>host</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>login</command> is used to establish a new session with the
system. It is normally invoked automatically by responding to the
<emphasis remap='I'>login:</emphasis> prompt on the user&acute;s
terminal. <command>login</command> may be special to the shell and may
not be invoked as a sub-process. Typically, <command>login</command>
is treated by the shell as <emphasis remap='B'>exec login</emphasis>
which causes the user to exit from the current shell. Attempting to
execute <command>login</command> from any shell but the login shell
will produce an error message.
</para>
<para>The user is then prompted for a password, where appropriate.
Echoing is disabled to prevent revealing the password. Only a small
number of password failures are permitted before
<command>login</command> exits and the communications link is severed.
</para>
<para>If password aging has been enabled for your account, you may be
prompted for a new password before proceeding. You will be forced to
provide your old password and the new password before continuing.
Please refer to <citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry> for more information.
</para>
<para>After a successful login, you will be informed of any system
messages and the presence of mail. You may turn off the printing of
the system message file, <filename>/etc/motd</filename>, by creating a
zero-length file <markup>.hushlogin</markup> in your login directory.
The mail message will be one of "<emphasis remap='B'>You have new
mail.</emphasis> ", "<emphasis remap='B'>You have mail.</emphasis>",
or "<emphasis remap='B'>No Mail.</emphasis> "according to the
condition of your mailbox.
</para>
<para>Your user and group ID will be set according to their values in
the <filename>/etc/passwd</filename> file. The value for <emphasis
remap='B'>$HOME</emphasis>, <emphasis remap='B'>$SHELL</emphasis>,
<emphasis remap='B'>$PATH</emphasis>, <emphasis remap='B'>$LOGNAME</emphasis>,
and <emphasis remap='B'>$MAIL</emphasis> are set according to the
appropriate fields in the password entry. Ulimit, umask and nice
values may also be set according to entries in the GECOS field.
</para>
<para>On some installations, the environmental variable <emphasis
remap='B'>$TERM</emphasis> will be initialized to the terminal type on
your tty line, as specified in <filename>/etc/ttytype</filename>.
</para>
<para>An initialization script for your command interpreter may also be
executed. Please see the appropriate manual section for more
information on
this function.
</para>
<para>A subsystem login is indicated by the presence of a "*" as the
first character of the login shell. The given home directory will be
used as the root of a new file system which the user is actually
logged into.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-f</option>
</term>
<listitem>
<para>Do not perform authentication, user is preauthenticated.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-h</option>
</term>
<listitem>
<para>Name of the remote host for this login.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-p</option>
</term>
<listitem>
<para>Preserve environment.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-r</option>
</term>
<listitem>
<para>Perform autologin protocol for rlogin.</para>
</listitem>
</varlistentry>
</variablelist>
<para>The <option>-r</option>, <option>-h</option> and
<option>-f</option> options are only used when
<command>login</command> is invoked by root.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
This version of <command>login</command> has many compilation options,
only some of which may be in use at any particular site.
</para>
<para>The location of files is subject to differences in system
configuration.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<para>
<filename>/var/run/utmp</filename> - list of current login
sessions <!-- .br -->
<filename>/var/log/wtmp</filename> - list of previous login
sessions
<!-- .br -->
<filename>/etc/passwd</filename> - user account information
<!-- .br -->
<filename>/etc/shadow</filename> - secure user account information
<!-- .br -->
<filename>/etc/motd</filename> - system message file
<!-- .br -->
<filename>/etc/nologin</filename> - prevent non-root users from
logging in
<!-- .br -->
<filename>/etc/ttytype</filename> - list of terminal types
<!-- .br -->
<emphasis remap='I'>$HOME/.hushlogin</emphasis> - suppress printing
of system messages
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>mail</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>nologin</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>getty</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

104
man/login.access.5.xml Normal file
View File

@@ -0,0 +1,104 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='loginaccess5'>
<!-- $Id: login.access.5.xml,v 1.4 2005/04/22 07:00:57 kloczek Exp $ -->
<!-- this is comment -->
<refmeta>
<refentrytitle>LOGIN.ACCESS</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>login.access</refname>
<refpurpose>Login access control table</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <emphasis remap='I'>login.access</emphasis> file specifies
(user, host) combinations and/or
(user, tty) combinations for which a login will be either accepted
or
refused.
</para>
<para>
When someone logs in, the <emphasis remap='I'>login.access</emphasis> is
scanned for the first entry
that matches the (user, host) combination, or, in case of
non-networked
logins, the first entry that matches the (user, tty) combination.
The
permissions field of that table entry determines whether the login
will be
accepted or refused.
</para>
<para>Each line of the login access control table has three fields
separated by a
":" character:
</para>
<para>
<emphasis remap='I'>permission</emphasis>:<emphasis remap='I'>users</emphasis>:<emphasis remap='I'>
origins
</emphasis>
</para>
<para>
The first field should be a "<emphasis remap='B'>+</emphasis>"
(access granted) or "<emphasis remap='B'>-</emphasis>" (access
denied) character. The second field should be a list of one or more
login
names, group names, or <emphasis remap='B'>ALL</emphasis> (always
matches). The third field should be
a list of one or more tty names (for non-networked logins), host
names,
domain names (begin with "<literal>.</literal>"), host addresses,
internet network
numbers (end with "<literal>.</literal>"), <emphasis remap='B'>ALL</emphasis> (always matches) or <emphasis remap='B'>
LOCAL
</emphasis>
(matches any string that does not contain a "<literal>.</literal>"
character). If you run
NIS you can use @netgroupname in host or user patterns.
</para>
<para>
The <emphasis remap='B'>EXCEPT</emphasis> operator makes it
possible to write very compact rules.
</para>
<para>The group file is searched only when a name does not match that
of the
logged-in user. Only groups are matched in which users are
explicitly
listed: the program does not look at a user's primary group id
value.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<para>
<filename>/etc/loginn.defs</filename> - shadow password suite
configuration
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Guido van Rooij</para>
</refsect1>
</refentry>

6
man/login.defs.5
View File

@@ -1,4 +1,4 @@
.\" $Id: login.defs.5,v 1.15 2005/04/05 18:47:50 kloczek Exp $
.\" $Id: login.defs.5,v 1.17 2005/04/26 12:16:36 kloczek Exp $
.\" Copyright 1991 - 1993, Julianne Frances Haugh and Chip Rosenthal
.\" All rights reserved.
.\"
@@ -57,8 +57,8 @@ If \fIyes\fR, the \fBchfn\fR and \fBchsh\fR programs will require
authentication before making any changes, unless run by the superuser.
.\"
.IP "CHFN_RESTRICT (string)"
This parameter specifies which values in the fIgecos\fR field of the
\fI/etc/passwd\fR file may be changed by regular users using the fBchfn\fR
This parameter specifies which values in the \fIgecos\fR field of the
\fI/etc/passwd\fR file may be changed by regular users using the \fBchfn\fR
program. It can be any combination of letters \fIf\fR, \fIr\fR, \fIw\fR,
\fIh\fR, for Full name, Room number, Work phone, and Home phone,
respectively. For backward compatibility, "yes" is equivalent to "rwh" and

285
man/login.defs.5.xml Normal file
View File

@@ -0,0 +1,285 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='login.defs.5'>
<!-- $Id: login.defs.5.xml,v 1.6 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>login.defs</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>/etc/login.defs</refname>
<refpurpose>shadow password suite configuration</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>The <filename>/etc/login.defs</filename> file defines the
site-specific configuration for the shadow password suite. This file
is required. Absence of this file will not prevent system operation,
but will probably result in undesirable operation.
</para>
<para>This file is a readable text file, each line of the file
describing one configuration parameter. The lines consist of a
configuration name and value, separated by whitespace. Blank lines and
comment lines are ignored. Comments are introduced with a `#' pound
sign and the pound sign must be the first non-white character of the
line.
</para>
<para>Parameter values may be of four types: strings, booleans,
numbers, and long numbers. A string is comprised of any printable
characters. A boolean should be either the value &ldquo;yes&rdquo; or
&ldquo;no&rdquo;. An undefined boolean parameter or one with a value
other than these will be given a &ldquo;no&rdquo; value. Numbers (both
regular and long) may be either decimal values, octal values (precede
the value with &ldquo;0&rdquo;) or hexadecimal values (precede the
value with &ldquo;0x&rdquo;). The maximum value of the regular and
long numeric parameters is machine-dependent.
</para>
<para>The following configuration items are provided:</para>
<variablelist remap='IP'>
<varlistentry>
<term>CHFN_AUTH (boolean)</term>
<listitem>
<para> If <emphasis remap='I'>yes</emphasis>, the
<command>chfn</coamand> and <command>chsh</coamand> programs
will require authentication before making any changes, unless
run by the superuser.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>CHFN_RESTRICT (string)</term>
<listitem>
<para>This parameter specifies which values in the <emphasis
remap='I'>gecos</emphasis> field of the
<filename>/etc/passwd</filename> file may be changed by regular
users using the <command>chfn</command> program. It can be any
combination of letters <emphasis remap='I'>f</emphasis>
,<emphasis remap='I'>r</emphasis>, <emphasis remap='I'>w</emphasis>,
<emphasis remap='I'>h</emphasis>, for Full name, Room number,
Work phone, and Home phone, respectively. For backward
compatibility, "yes" is equivalent to "rwh" and "no" is
equivalent to "frwh". If not specified, only the superuser can
make any changes. The most restrictive setting is better
achieved by not installing chfn SUID.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>CREATE_HOME (boolean)</term>
<listitem>
<para>This defines whether useradd should create home directories
for users by default. This option is OR'ed with the
<option>-m</option> flag on useradd command line.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>GID_MAX (number)</term>
<term>GID_MIN (number)</term>
<listitem>
<para>
Range of group IDs to choose from for the
<command>useradd</coamand> and
<command>groupadd</coamand>programs.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>MAIL_DIR (string)</term>
<listitem>
<para>The mail spool directory. This is needed to manipulate the
mailbox when its corresponding user account is modified or
deleted. If not specified, a compile-time default is used.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>PASS_MAX_DAYS (number)</term>
<listitem>
<para>The maximum number of days a password may be used. If the
password is older than this, a password change will be forced.
If not specified, -1 will be assumed (which disables the
restriction).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>PASS_MIN_DAYS (number)</term>
<listitem>
<para>The minimum number of days allowed between password changes.
Any password changes attempted sooner than this will be
rejected. If not specified, -1 will be assumed (which disables
the restriction).
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>PASS_WARN_AGE (number)</term>
<listitem>
<para>The number of days warning given before a password expires.
A zero means warning is given only upon the day of expiration, a
negative value means no warning is given. If not specified, no
warning will be provided.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>PASS_MAX_DAYS, PASS_MIN_DAYS and PASS_WARN_AGE are only used at
the time of account creation. Any changes to these settings won't
affect existing accounts.
</para>
<variablelist remap='IP'>
<varlistentry>
<term>UID_MAX (number)</term>
<term>UID_MIN (number)</term>
<listitem>
<para>
Range of user IDs to choose from for the
<command>useradd</coamand> program.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>UMASK (number)</term>
<listitem>
<para>The permission mask is initialized to this value. If not
specified, the permission mask will be initialized to 077.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>USERDEL_CMD (string)</term>
<listitem>
<para>If defined, this command is run when removing a user. It
should remove any at/cron/print jobs etc. owned by the user to
be removed (passed as the first argument).
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='cross_reference'>
<title>CROSS REFERENCE</title>
<para>The following cross reference shows which programs in the shadow
password suite use which parameters.
</para>
<!-- .na -->
<variablelist remap='IP'>
<varlistentry>
<term>chfn</term>
<listitem>
<para>CHFN_AUTH CHFN_RESTRICT</para>
</listitem>
</varlistentry>
<varlistentry>
<term>chsh</term>
<listitem>
<para>CHFN_AUTH</para>
</listitem>
</varlistentry>
<varlistentry>
<term>groupadd</term>
<listitem>
<para>GID_MAX GID_MIN</para>
</listitem>
</varlistentry>
<varlistentry>
<term>newusers</term>
<listitem>
<para>PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
UMASK
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>pwconv</term>
<listitem>
<para>PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE</para>
</listitem>
</varlistentry>
<varlistentry>
<term>useradd</term>
<listitem>
<para>CREATE_HOME
GID_MAX GID_MIN
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
UID_MAX UID_MIN
UMASK
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>userdel</term>
<listitem>
<para>MAIL_DIR
USERDEL_CMD
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>usermod</term>
<listitem>
<para>MAIL_DIR</para>
<!-- .ad -->
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='bugs'>
<title>BUGS</title>
<para>Much of the functionality that used to be provided by the shadow
password suite is now handled by PAM. Thus,
<filename>/etc/login.defs</filename> is no longer used by programs
such as:
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>.
Please refer to the corresponding PAM configuration files instead.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='authors'>
<title>AUTHORS</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com) Chip Rosenthal (chip@unicom.com)
</para>
</refsect1>
</refentry>

78
man/logoutd.8.xml Normal file
View File

@@ -0,0 +1,78 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='logoutd8'>
<!-- $Id: logoutd.8.xml,v 1.4 2005/04/22 07:00:57 kloczek Exp $ -->
<!-- Copyright 1991, Julianne Frances Haugh -->
<!-- All rights reserved. -->
<!-- Redistribution and use in source and binary forms, with or without -->
<!-- modification, are permitted provided that the following conditions -->
<!-- are met: -->
<!-- 1. Redistributions of source code must retain the above copyright -->
<!-- notice, this list of conditions and the following disclaimer. -->
<!-- 2. Redistributions in binary form must reproduce the above copyright -->
<!-- notice, this list of conditions and the following disclaimer in the -->
<!-- documentation and/or other materials provided with the distribution. -->
<!-- 3. Neither the name of Julianne F. Haugh nor the names of its contributors -->
<!-- may be used to endorse or promote products derived from this software -->
<!-- without specific prior written permission. -->
<!-- THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND -->
<!-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -->
<!-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -->
<!-- ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE -->
<!-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -->
<!-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -->
<!-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -->
<!-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -->
<!-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -->
<!-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -->
<!-- SUCH DAMAGE. -->
<refmeta>
<refentrytitle>LOGOUTD</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>logoutd</refname>
<refpurpose>Enforce login time restrictions</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>logoutd</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>logoutd</command> enforces the login time and port
restrictions specified in
<filename>/etc/porttime</filename>. <command>logoutd</command>
should be started from <filename>/etc/rc</filename>.
The <filename>/var/run/utmp</filename> file is scanned periodically
and each user name
is checked to see if the named user is permitted on the named port
at the current time.
Any login session which is violating the restrictions in <filename>
/etc/porttime
</filename>
is terminated.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<para>
<filename>/etc/porttime</filename> - login and port permissions
<!-- .br -->
<filename>/var/run/utmp</filename> - current login sessions
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

114
man/mkpasswd.8.xml Normal file
View File

@@ -0,0 +1,114 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='mkpasswd8'>
<!-- $Id: mkpasswd.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>mkpasswd</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>mkpasswd</refname>
<refpurpose>Update passwd and group database files</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>mkpasswd</command>
<arg choice='opt'>-fvgps </arg>
<arg choice='plain'><replaceable>file</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>mkpasswd</command> reads the file in the format given by the
flags and converts it to the corresponding database file format. These
database files are used to improve access performance on systems with
large numbers of users. The output files will be named <emphasis
remap='I'>file</emphasis>.dir and <emphasis
remap='I'>file</emphasis>.pag.
</para>
<para>The <option>-f</option> option causes <command>mkpasswd</command>
to ignore any existing output files and overwrite them. Normally
<command>mkpasswd</command> complains about existing output files and
quits.
</para>
<para>The <option>-v</option> option causes <command>mkpasswd</command>
to output information about each record as it is converted, with a
final message at the very end.
</para>
<para>The <option>-g</option> option treats the input file as though it
were in <filename>/etc/group</filename> file format. When combined
with the <option>-s</option> option, the
<filename>/etc/gshadow</filename> file format is used instead.
</para>
<para>The <option>-p</option> option treats the input file as though it
were in <filename>/etc/passwd</filename> file format. This is the
default. When combined with the <option>-s</option> option, the
<filename>/etc/shadow</filename> file format is used instead.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>The use of more than one database file is limited to systems which
include the NDBM database library and therefore may not be available
on every system.
</para>
</refsect1>
<refsect1 id='note'>
<title>NOTE</title>
<para>Since most commands are capable of updating the database files as
changes are made, this command need only be used when re-creating a
deleted or corrupted database file.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/gshadow</filename></term>
<listitem>group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

146
man/newusers.8.xml Normal file
View File

@@ -0,0 +1,146 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='newusers8'>
<!-- $Id: newusers.8.xml,v 1.4 2005/04/22 07:00:57 kloczek Exp $ -->
<!-- Copyright 1991 \- 1994, Julianne Frances Haugh -->
<!-- All rights reserved. -->
<!-- Redistribution and use in source and binary forms, with or without -->
<!-- modification, are permitted provided that the following conditions -->
<!-- are met: -->
<!-- 1. Redistributions of source code must retain the above copyright -->
<!-- notice, this list of conditions and the following disclaimer. -->
<!-- 2. Redistributions in binary form must reproduce the above copyright -->
<!-- notice, this list of conditions and the following disclaimer in the -->
<!-- documentation and/or other materials provided with the distribution. -->
<!-- 3. Neither the name of Julianne F. Haugh nor the names of its contributors -->
<!-- may be used to endorse or promote products derived from this software -->
<!-- without specific prior written permission. -->
<!-- THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND -->
<!-- ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -->
<!-- IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -->
<!-- ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE -->
<!-- FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -->
<!-- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -->
<!-- OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -->
<!-- HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -->
<!-- LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -->
<!-- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -->
<!-- SUCH DAMAGE. -->
<refmeta>
<refentrytitle>NEWUSERS</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>newusers</refname>
<refpurpose>update and create new users in batch</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>newusers</command>
<arg choice='opt'>
<replaceable>new_users</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>newusers</command> reads a file of user name and
clear-text password pairs and
uses this information to update a group of existing users or to
create new
users. Each line is in the same format as the standard password
file (see
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
)with the following exceptions.
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<emphasis remap='I'>pw_passwd</emphasis>
</term>
<listitem>
<para>This field will be encrypted and used as the new
value of the encrypted
password.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='I'>pw_age</emphasis>
</term>
<listitem>
<para>This field will be ignored for shadow passwords if
the user already exists.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='I'>pw_gid</emphasis>
</term>
<listitem>
<para>This field may be the name of an existing group, in
which case the named
user will be added as a member. If a non-existent
numerical group is given,
a new group will be created having this number.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='I'>pw_dir</emphasis>
</term>
<listitem>
<para>This field will be checked for existence as a
directory and a new directory
with the same name will be created if it does not
already exist. The
ownership of the directory will be set to be that of
the user being created
or updated.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>This command is intended to be used in a large system environment
where many
accounts are updated at a single time.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>The input file must be protected since it contains unencrypted
passwords.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>
,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

4
man/passwd.1
View File

@@ -1,4 +1,4 @@
.\" $Id: passwd.1,v 1.24 2005/04/15 19:17:20 kloczek Exp $
.\" $Id: passwd.1,v 1.25 2005/05/09 10:14:40 kloczek Exp $
.\" Copyright 1989 - 1994, Julianne Frances Haugh
.\" All rights reserved.
.\"
@@ -46,7 +46,7 @@ such as the full name of the user, user's login shell, or password expiry
date and interval.
.PP
The \fB\-s\fR option makes \fBpasswd\fR call \fBchsh\fR to change the user's
shell. The \fB\-f\fR option makes passwd call chfn to change the user's
shell. The \fB\-f\fR option makes \fBpasswd\fR call \fBchfn\fR to change the user's
gecos information. These two options are only meant for compatiblity, since
the other programs can be called directly.
.SS Password Changes

311
man/passwd.1.xml Normal file
View File

@@ -0,0 +1,311 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='passwd.1'>
<!-- $Id: passwd.1.xml,v 1.8 2005/05/09 10:14:39 kloczek Exp $ -->
<refmeta>
<refentrytitle>passwd</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>passwd</refname>
<refpurpose>change user password</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>passwd</command>
<group choice='opt'>
<arg choice='plain'>-f </arg><arg choice='plain'>-s </arg>
</group>
<arg choice='opt'>
<replaceable>name</replaceable>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>passwd</command>
<arg choice='opt'>-g </arg>
<group choice='opt'>
<arg choice='plain'>-r </arg>
<arg choice='plain'>-R </arg>
</group>
<arg choice='plain'>
<replaceable>group</replaceable>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>passwd</command>
<arg choice='opt'>-x <replaceable>max</replaceable></arg>
<arg choice='opt'>-n <replaceable>min</replaceable></arg>
<arg choice='opt'>-w <replaceable>warn</replaceable></arg>
<arg choice='opt'>-i <replaceable>inact</replaceable></arg>
<arg choice='plain'><replaceable>login</replaceable>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>passwd</command>
<group choice='opt'>
<arg choice='plain'>-l </arg>
<arg choice='plain'>-u </arg>
<arg choice='plain'>-d </arg>
<arg choice='plain'>-S </arg>
<arg choice='plain'>-e </arg>
</group>
<arg choice='plain'><replaceable>login</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>passwd</command> changes passwords for user and group
accounts. A normal user may only change the password for his/her own
account, the super user may change the password for any account. The
administrator of a group may change the password for the group.
<command>passwd</command> also changes account information, such as
the full name of the user, user's login shell, or password expiry date
and interval.
</para>
<para>The <option>-s</option> option makes <command>passwd</command>
call <command>chsh</coamand> to change the user's shell. The
<option>-f</option> option makes <command>passwd</command> call
<command>chfn</command> to change the user's gecos information. These
two options are only meant for compatiblity, since the other programs
can be called directly.
</para>
<refsect2 id='password_changes'>
<title>Password Changes</title>
<para>The user is first prompted for his/her old password, if one is
present. This password is then encrypted and compared against the
stored password. The user has only one chance to enter the correct
password. The super user is permitted to bypass this step so that
forgotten passwords may be changed.
</para>
<para>After the password has been entered, password aging information
is checked to see if the user is permitted to change the password at
this time. If not, <command>passwd</command> refuses to change the
password and exits.
</para>
<para>The user is then prompted for a replacement password. This
password is tested for complexity. As a general guideline, passwords
should consist of 6 to 8 characters including one or more from each
of following sets:
</para>
<para>Lower case alphabetics</para>
<para>Upper case alphabetics</para>
<para>Digits 0 thru 9</para>
<para>Punctuation marks</para>
<para>Care must be taken not to include the system default erase or
kill characters. <command>passwd</command> will reject any password
which is not suitably complex.
</para>
<para>If the password is accepted, <command>passwd</command> will
prompt again and compare the second entry against the first. Both
entries are required to match in order for the password to be
changed.
</para>
</refsect2>
<refsect2 id='group_passwords'>
<title>Group passwords</title>
<para>
When the <option>-g</option> option is used, the password for the
named group is changed. The user must either be the super user, or a
group administrator for the named group. The current group password
is not prompted for. The <option>-r</option> option is used with the
<option>-g</option> option to remove the current password from the
named group. This allows group access to all members. The
<option>-R</option> option is used with the <option>-g</option>
option to restrict the named group for all users.
</para>
</refsect2>
<refsect2 id='password_expiry_information'>
<title>Password expiry information</title>
<para>The password aging information may be changed by the super user
with the <option>-x</option>, <option>-n</option>,
<option>-w</option>, and <option>-i</option> options. The
<option>-x</option> option is used to set the maximum number of days
a password remains valid. After <emphasis remap='I'>max</emphasis>
days, the password is required to be changed. The
<option>-n</option> option is used to set the minimum number of days
before a password may be changed. The user will not be permitted to
change the password until <emphasis remap='I'>min</emphasis> days
have elapsed. The <option>-w</option> option is used to set the
number of days of warning the user will receive before his/her
password will expire. The warning occurs <emphasis
remap='I'>warn</emphasis> days before the expiration, telling the
user how many days remain until the password is set to expire. The
<option>-i</option> option is used to disable an account after the
password has been expired for a number of days. After a user account
has had an expired password for <emphasis remap='I'>inact</emphasis>
days, the user may no longer sign on to the account.
</para>
<para>If you wish to immediately expire an account's password, you can
use the <option>-e</option> option. This in effect can force a user
to change his/her password at the user's next login. You can also
use the <option>-d</option> option to delete a user's password (make
it empty). Use caution with this option since it can make an account
not require a password at all to login, leaving your system open to
intruders.
</para>
</refsect2>
<refsect2 id='account_maintenance'>
<title>Account maintenance</title>
<para> User accounts may be locked and unlocked with the
<option>-l</option> and <option>-u</option> flags. The
<option>-l</option> option disables an account by changing the
password to a value which matches no possible encrypted value. The
<option>-u</option> option re-enables an account by changing the
password back to its previous value.
</para>
<para>The account status may be viewed with the <option>-S</option>
option. The status information consists of 7 fields. The first
field is the user's login name. The second field indicates if the
user account is locked (L), has no password (NP), or has a usable
password (P). The third field gives the date of the last password
change. The next four fields are the minimum age, maximum age,
warning period, and inactivity period for the password. These ages
are expressed in days. See <emphasis remap='B'>Password expiry
information</emphasis> above for a discussion of these fields.
</para>
</refsect2>
<refsect2 id='hints_for_user_passwords'>
<title>Hints for user passwords</title>
<para>The security of a password depends upon the strength of the
encryption algorithm and the size of the key space. The <emphasis
remap='B'>\s-2UNIX</emphasis> System encryption method is based on
the NBS DES algorithm and is very secure. The size of the key space
depends upon the randomness of the password which is selected.
</para>
<para>Compromises in password security normally result from careless
password selection or handling. For this reason, you should not
select a password which appears in a dictionary or which must be
written down. The password should also not be a proper name, your
license number, birth date, or street address. Any of these may be
used as guesses to violate system security.
</para>
<para>Your password must easily remembered so that you will not be
forced to write it on a piece of paper. This can be accomplished by
appending two small words together and separating each with a
special character or digit. For example, Pass%word.
</para>
<para>Other methods of construction involve selecting an easily
remembered phrase from literature and selecting the first or last
letter from each word. An example of this is
</para>
<para>Ask not for whom the bell tolls.</para>
<para>which produces</para>
<para>An4wtbt.</para>
<para>You may be reasonably sure few crackers will have included this
in their dictionaries. You should, however, select your own methods
for constructing passwords and not rely exclusively on the methods
given here.
</para>
</refsect2>
<refsect2 id='notes_about_group_passwords'>
<title>Notes about group passwords</title>
<para>Group passwords are an inherent security problem since more than
one person is permitted to know the password. However, groups are a
useful tool for permitting co-operation between different users.
</para>
</refsect2>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>Not all options may be supported. Password complexity checking
may vary from site to site. The user is urged to select a password as
complex as he feels comfortable with. Users may not be able to change
their password on a system if NIS is enabled and they are not logged
into the NIS server.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>passwd</command> command exits with the
following values:
</term>
<listitem>
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>1</literal> - permission denied
<!-- .br -->
<literal>2</literal> - invalid combination of options
<!-- .br -->
<literal>3</literal> - unexpected failure, nothing done
<!-- .br -->
<literal>4</literal> - unexpected failure, passwd file
missing
<!-- .br -->
<literal>5</literal> - passwd file busy, try again
later <!-- .br -->
<literal>6</literal> - invalid argument to option
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

123
man/passwd.5.xml Normal file
View File

@@ -0,0 +1,123 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='passwd.5'>
<!-- $Id: passwd.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>passwd</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>passwd</refname>
<refpurpose>The password file</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<filename>/etc/passwd</filename> contains various pieces of
information for each user account. Included is:
</para>
<para>Login name</para>
<para>Optional encrypted password</para>
<para>Numerical user ID</para>
<para>Numerical group ID</para>
<para>User name or comment field</para>
<para>User home directory</para>
<para>User command interpreter</para>
<para>The password field may not be filled if shadow passwords have been
enabled. If shadow passwords are being used, the encrypted password
will be found in <filename>/etc/shadow</filename>. The encrypted
password consists of characters from the 64 characters alphabet a thru
z, A thru Z, 0 thru 9, \. and /. Optionally it can start with a "$"
character. This means the encrypted password was generated using
another (not DES) algorithm. For example if it starts with "$1$" it
means the MD5-based algorithm was used.
</para>
<para> Refer to <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry> for details on how this string is interpreted.
</para>
<para>The comment field is used by various system utilities, such as
<citerefentry>
<refentrytitle>finger</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>. Three additional values may be present in the comment
field. They are:
</para>
<para>pri= - set initial value of nice</para>
<para>umask= - set initial value of umask</para>
<para>ulimit= - set initial value of ulimit</para>
<para>These fields are separated from each other and from any other
comment field by a comma.
</para>
<para>The home directory field provides the name of the initial working
directory. <emphasis remap='B'>Login</emphasis> uses this information
to set the value of the <envar>$HOME</envar> environmental variable.
</para>
<para>The command interpreter field provides the name of the user's
command language interpreter, or the name of the initial program to
execute. <emphasis remap='B'>Login</emphasis> uses this information
to set the value of the <envar>$SHELL</envar> environmental variable.
If this field is empty, it defaults to the value
<filename>/bin/sh</filename>.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

6
man/pl/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/pl
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

102
man/porttime.5.xml Normal file
View File

@@ -0,0 +1,102 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='porttime.5'>
<!-- $Id: porttime.5.xml,v 1.6 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>porttime</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>porttime</refname>
<refpurpose>port access time file</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='I'>porttime</emphasis> contains a list of tty
devices, user names, and permitted login times.
</para>
<para>Each entry consists of three colon separated fields. The first
field is a comma separated list of tty devices, or an asterisk to
indicate that all tty devices are matched by this entry. The second
field is a comma separated list of user names, or an asterisk to
indicated that all user names are matched by this entry. The third
field is a comma separated list of permitted access times.
</para>
<para>Each access time entry consists of zero or more days of the week,
abbreviated <emphasis remap='B'>Su</emphasis>, <emphasis
remap='B'>Mo</emphasis>,<emphasis remap='B'>Tu</emphasis>, <emphasis
remap='B'>We</emphasis>, <emphasis remap='B'>Th</emphasis>, <emphasis
remap='B'>Fr</emphasis>, and <emphasis remap='B'>Sa</emphasis>,
followed by a pair of times separated by a hyphen. The abbreviation
<emphasis remap='B'>Wk</emphasis> may be used to represent Monday thru
Friday, and <emphasis remap='B'>Al</emphasis> may be used to indicate
every day. If no days are given, <emphasis remap='B'>Al</emphasis> is
assumed.
</para>
</refsect1>
<refsect1 id='examples'>
<title>EXAMPLES</title>
<para>
The following entry allows access to user <emphasis
remap='B'>jfh</emphasis> on every port during weekdays from 9am to
5pm.
</para>
<!-- .br -->
<para> *:jfh:Wk0900-1700</para>
<!-- .br -->
<para>The following entries allow access only to the users <emphasis
remap='B'>root</emphasis> and <emphasis remap='B'>oper</emphasis> on
/dev/console at any time. This illustrates how the
<filename>/etc/porttime</filename> file is an ordered list of access
times. Any other user would match the second entry which does not
permit access at any time.
</para>
<!-- .br -->
<para> console:root,oper:Al0000-2400
<!-- .br -->
console:*:
</para>
<!-- .br -->
<para>The following entry allows access for the user <emphasis
remap='B'>games</emphasis> on any port during non-working hours.
</para>
<!-- .br -->
<para> *:games:Wk1700-0900,SaSu0000-2400</para>
<!-- .br -->
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/porttime</filename></term>
<listitem>file containing port access</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

6
man/pt_BR/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/pt_BR
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

244
man/pw_auth.3.xml Normal file
View File

@@ -0,0 +1,244 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='pw_auth.3'>
<!-- $Id: pw_auth.3.xml,v 1.5 2005/04/27 15:43:25 kloczek Exp $ -->
<refmeta>
<refentrytitle>pw_auth</refentrytitle>
<manvolnum>3</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>pwauth</refname>
<refpurpose>administrator defined password authentication routines</refpurpose>
</refnamediv>
<refsect1 id='syntax'>
<title>SYNTAX</title>
<para>
<emphasis remap='B'>#include &lt;pwauth.h&gt;</emphasis>
</para>
<para>
<emphasis remap='B'>int pw_auth (char</emphasis>
<emphasis remap='I'>*command,</emphasis>
<emphasis remap='B'>char</emphasis>
<emphasis remap='I'>*user,</emphasis>
<emphasis remap='B'>int</emphasis>
<emphasis remap='I'>reason,</emphasis>
<emphasis remap='B'>char</emphasis>
<emphasis remap='I'>*input)</emphasis><emphasis remap='B'>;</emphasis>
</para>
</refsect1>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='B'>pw_auth</emphasis>
invokes the administrator defined functions for a given user.
</para>
<para><emphasis remap='I'>command</emphasis> is the name of the
authentication program. It is retrieved from the user's password file
information. The string contains one or more executable file names,
delimited by semi-colons. Each program will be executed in the order
given. The command line arguments are given for each of the reasons
listed below.
</para>
<para> <emphasis remap='I'>user</emphasis> is the name of the user to be
authenticated, as given in the <filename>/etc/passwd</filename> file.
User entries are indexed by username. This allows non-unique user IDs
to be present and for each different username associated with that
user ID to have a different authentication program and information.
</para>
<para>Each of the permissible authentication reasons is handled in a
potentially differenent manner. Unless otherwise mentioned, the
standard file descriptors 0, 1, and 2 are available for communicating
with the user. The real user ID may be used to determine the identity
of the user making the authentication request. <emphasis
remap='I'>reason</emphasis> is one of
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<emphasis remap='B'>PW_SU</emphasis>
</term>
<listitem>
<para>Perform authentication for the current real user ID
attempting to switch real user ID to the named user. The
authentication program will be invoked with a
<option>-s</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_LOGIN</emphasis>
</term>
<listitem>
<para>Perform authentication for the named user creating a new
login session. The authentication program will be invoked with a
<option>-l</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_ADD</emphasis>
</term>
<listitem>
<para>Create a new entry for the named user. This allows an
authentication program to initialize storage for a new user. The
authentication program will be invoked with a
<option>-a</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_CHANGE</emphasis>
</term>
<listitem>
<para>Alter an existing entry for the named user. This allows an
authentication program to alter the authentication information
for an existing user. The authentication program will be invoked
with a <option>-c</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_DELETE</emphasis>
</term>
<listitem>
<para>Delete authentication information for the named user. This
allows an authentication program to reclaim storage for a user
which is no longer authenticated using the authentication
program. The authentication program will be invoked with a
<option>-d</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_TELNET</emphasis>
</term>
<listitem>
<para>Authenticate a user who is connecting to the system using
the <emphasis remap='B'>telnet</emphasis> command. The
authentication program will be invoked with a
<option>-t</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_RLOGIN</emphasis>
</term>
<listitem>
<para>
Authenticate a user who is connecting to the system using the
<emphasis remap='B'>rlogin</emphasis> command. The
authentication program will be invoked with a
<option>-r</option> option, followed by the username.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_FTP</emphasis>
</term>
<listitem>
<para>
Authenticate a user who is connecting to the system using the
<emphasis remap='B'>ftp</emphasis> command. The authentication
program will be invoked with a <option>-f</option> option,
followed by the username. The standard file descriptors are not
available for communicating with the user. The standard input
file descriptor will be connected to the parent process, while
the other two output file descriptors will be connected to
<filename>/dev/null</filename>. The <emphasis
remap='B'>pw_auth</emphasis> function will pipe a single line of
data to the authentication program using file descriptor 0.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>PW_REXEC</emphasis>
</term>
<listitem>
<para>
Authenticate a user who is connecting to the system using the
<emphasis remap='I'>rexec</emphasis> command. The authentication
program will be invoked with a <option>-x</option> option,
followed by the username. The standard file descriptors are not
available for communicating with the remote user. The standard
input file descriptor will be connected to the parent process,
while the other two output file descriptors will be connected to
<filename>/dev/null</filename>. The <emphasis
remap='B'>pw_auth</emphasis> function will pipe a single line of
data to the authentication program using file descriptor 0.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>The last argument is the authentication data which is used by the
<emphasis remap='B'>PW_FTP</emphasis> and <emphasis
remap='B'>PW_REXEC</emphasis> reasons. It is treated as a single line
of text which is piped to the authentication program. When the reason
is <emphasis remap='B'>PW_CHANGE,</emphasis> the value of <emphasis
remap='I'>input</emphasis> is the value of previous user name if the
user name is being changed.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>This function does not create the actual session. It only
indicates if the user should be allowed to create the session.
</para>
<para>The network options are untested at this time.</para>
</refsect1>
<refsect1 id='diagnostics'>
<title>DIAGNOSTICS</title>
<para>
The <emphasis remap='B'>pw_auth</emphasis> function returns 0 if the
authentication program exited with a 0 exit code, and a non-zero value
otherwise.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

159
man/pwck.8.xml Normal file
View File

@@ -0,0 +1,159 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='pwck.8'>
<!-- $Id: pwck.8.xml,v 1.6 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>pwck</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>pwck</refname>
<refpurpose>verify integrity of password files</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>pwck</command> <arg choice='opt'>-sr </arg>
<arg choice='opt'>
<arg choice='plain'>
<replaceable>passwd</replaceable>
</arg>
<arg choice='plain'>
<replaceable>shadow</replaceable>
</arg>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>pwck</command> verifies the integrity of the system
authentication information. All entries in the
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
are checked to see that the entry has the proper format and valid data
in each field. The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
</para>
<para>Checks are made to verify that each entry has</para>
<!-- .in +.5i -->
<para>- the correct number of fields
<!-- .br -->
- a unique user name
<!-- .br -->
- a valid user and group identifier
<!-- .br -->
- a valid primary group
<!-- .br -->
- a valid home directory
<!-- .br -->
- a valid login shell
</para>
<!-- .in \-.5i -->
<para>The checks for correct number of fields and unique user name are
fatal. If the entry has the wrong number of fields, the user will be
prompted to delete the entire line. If the user does not answer
affirmatively, all further checks are bypassed. An entry with a
duplicated user name is prompted for deletion, but the remaining
checks will still be made. All other errors are warning and the user
is encouraged to run the <command>usermod</coamand> command to correct
the error.
</para>
<para> The commands which operate on the
<filename>/etc/passwd</filename> file are not able to alter corrupted
or duplicated entries. <command>pwck</command> should be used in
those circumstances to remove the offending entry.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
By default, <command>pwck</command> operates on the files
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>.
The user may select alternate files with the <emphasis
remap='I'>passwd</emphasis> and <emphasis remap='I'>shadow</emphasis>
parameters. Additionally, the user may execute the command in
read-only mode by specifying the <option>-r</option> flag. This causes
all questions regarding changes to be answered <emphasis
remap='B'>no</emphasis> without user intervention.
<command>pwck</command> can also sort entries in
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
by UID. To run it in sort mode pass it <option>-s</option> flag. No
checks are performed then, it just sorts.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>pwck</command> command exits with the
following values:
</term>
<listitem>
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>1</literal> - invalid command syntax
<!-- .br -->
<literal>2</literal> - one or more bad password entries
<!-- .br -->
<literal>3</literal> - can't open password files
<!-- .br -->
<literal>4</literal> - can't lock password files
<!-- .br -->
<literal>5</literal> - can't update password files
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

6
man/pwconv.8
View File

@@ -1,4 +1,4 @@
.\"$Id: pwconv.8,v 1.15 2005/04/02 08:01:24 kloczek Exp $
.\"$Id: pwconv.8,v 1.17 2005/05/19 10:34:59 kloczek Exp $
.TH PWCONV 8 "26 Sep 1997"
.SH NAME
pwconv, pwunconv, grpconv, grpunconv \- convert to and from shadow passwords and groups.
@@ -40,10 +40,10 @@ shadowed file if the main file is edited by hand.
and \fIPASS_WARN_AGE\fR from \fI/etc/login.defs\fR when adding new entries
to \fI/etc/shadow\fR.
.PP
Likewise \fBpwunconv\fR and \fBgrpunconv\fR are similiar. Passwords in the
Likewise \fBpwunconv\fR and \fBgrpunconv\fR are similar. Passwords in the
main file are updated from the shadowed file. Entries which exist in the
main file but not in the shadowed file are left alone. Finally, the shadowed
file is removed. Some password aging information is lost by fBpwunconv\fR.
file is removed. Some password aging information is lost by \fBpwunconv\fR.
It will convert what it can.
.SH "BUGS"
Errors in the password or group files (such as invalid or duplicate entries)

117
man/pwconv.8.xml Normal file
View File

@@ -0,0 +1,117 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='pwconv.8'>
<!-- $Id: pwconv.8.xml,v 1.6 2005/05/19 10:35:00 kloczek Exp $ -->
<refentryinfo>
<date>26 Sep 1997</date>
</refentryinfo>
<refmeta>
<refentrytitle>PWCONV</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class='date'>26 Sep 1997</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>pwconv</refname>
<refname>pwunconv</refname>
<refname>grpconv</refname>
<refname>grpunconv</refname>
<refpurpose>convert to and from shadow passwords and groups.</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>pwconv</command>
</cmdsynopsis>
<cmdsynopsis>
<command>pwunconv</command>
</cmdsynopsis>
<cmdsynopsis>
<command>grpconv</command>
</cmdsynopsis>
<cmdsynopsis>
<command>grpunconv</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para><command>pwconv</command> creates <emphasis
remap='I'>shadow</emphasis> from <emphasis remap='I'>passwd</emphasis>
and an optionally existing <emphasis remap='I'>shadow</emphasis>.
</para>
<para><command>pwunconv</command> creates <emphasis
remap='I'>passwd</emphasis> from <emphasis remap='I'>passwd</emphasis>
and <emphasis remap='I'>shadow</emphasis> and then removes <emphasis
remap='I'>shadow</emphasis>.
</para>
<para><command>grpconv</command> creates <emphasis
remap='I'>gshadow</emphasis> from <emphasis remap='I'>group</emphasis>
and an optionally existing <emphasis remap='I'>gshadow</emphasis>.
</para>
<para><command>grpunconv</command> creates <emphasis
remap='I'>group</emphasis> from <emphasis remap='I'>group</emphasis>
and <emphasis remap='I'>gshadow</emphasis> and then removes <emphasis
remap='I'>gshadow</emphasis>.
</para>
<para>These four programs all operate on the normal and shadow password
and group files: <filename>/etc/passwd</filename>,
<filename>/etc/group</filename>, <filename>/etc/shadow</filename>, and
<filename>/etc/gshadow</filename>.
</para>
<para> Each program acquires the necessary locks before conversion.
<command>pwconv</command> and <command>grpconv</command> are similar.
First, entries in the shadowed file which don't exist in the main file
are removed. Then, shadowed entries which don't have `x' as the
password in the main file are updated. Any missing shadowed entries
are added. Finally, passwords in the main file are replaced with `x'.
These programs can be used for initial conversion as well to update
the shadowed file if the main file is edited by hand.
</para>
<para><command>pwconv</command> will use the values of <emphasis
remap='I'>PASS_MIN_DAYS</emphasis>, <emphasis
remap='I'>PASS_MAX_DAYS</emphasis>, and <emphasis
remap='I'>PASS_WARN_AGE</emphasis> from
<filename>/etc/login.defs</filename> when adding new entries to
<filename>/etc/shadow</filename>.
</para>
<para>Likewise <command>pwunconv</command> and
<command>grpunconv</command> are similar. Passwords in the main file
are updated from the shadowed file. Entries which exist in the main
file but not in the shadowed file are left alone. Finally, the
shadowed file is removed. Some password aging information is lost by
<command>pwunconv</command>. It will convert what it can.
</para>
</refsect1>
<refsect1 id='bugs'>
<title>BUGS</title>
<para>Errors in the password or group files (such as invalid or
duplicate entries) may cause these programs to loop forever or fail in
other strange ways. Please run <command>pwck</command> and
<command>grpck</command> to correct any such errors before converting
to or from shadow passwords or groups.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pwck</refentrytitle><manvolnum>8</manvolnum>
</citerefentry></para>
</refsect1>
</refentry>

6
man/ru/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/ru
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

199
man/shadow.3.xml Normal file
View File

@@ -0,0 +1,199 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='shadow.3'>
<!-- $Id: shadow.3.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>shadow</refentrytitle>
<manvolnum>3</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>shadow</refname>
<refpurpose>encrypted password file routines</refpurpose>
</refnamediv>
<refsect1 id='syntax'>
<title>SYNTAX</title>
<para>
<emphasis remap='B'>#include &lt;shadow.h&gt;</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *getspent();</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *getspnam(char</emphasis>
<emphasis remap='I'>*name</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>void setspent();</emphasis>
</para>
<para>
<emphasis remap='B'>void endspent();</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *fgetspent(FILE</emphasis>
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *sgetspent(char</emphasis>
<emphasis remap='I'>*cp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>int putspent(struct spwd</emphasis>
<emphasis remap='I'>*p,</emphasis>
<emphasis remap='B'>FILE</emphasis>
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>int lckpwdf();</emphasis>
</para>
<para>
<emphasis remap='B'>int ulckpwdf();</emphasis>
</para>
</refsect1>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='I'>shadow</emphasis>
manipulates the contents of the shadow password file,
<filename>/etc/shadow</filename>.
The structure in the <emphasis remap='I'>#include</emphasis> file
is
</para>
<para>struct spwd {
<!-- .in +.5i -->
<!-- .br -->
char *sp_namp; /* user login name */
<!-- .br -->
char *sp_pwdp; /* encrypted password */
<!-- .br -->
long int sp_lstchg; /* last password change */
<!-- .br -->
long int sp_min; /* days until change allowed. */
<!-- .br -->
long int sp_max; /* days before change required */
<!-- .br -->
long int sp_warn; /* days warning for expiration */
<!-- .br -->
long int sp_inact; /* days before account inactive */
<!-- .br -->
long int sp_expire; /* date when account expires */
<!-- .br -->
unsigned long int sp_flag; /* reserved for future use */
<!-- .br -->
<!-- .in \-.5i -->
}
</para>
<para>The meanings of each field are</para>
<para>sp_namp - pointer to null-terminated user name.
<!-- .br -->
sp_pwdp - pointer to null-terminated password.
<!-- .br -->
sp_lstchg - days since Jan 1, 1970 password was last changed.
<!-- .br -->
sp_min - days before which password may not be changed.
<!-- .br -->
sp_max - days after which password must be changed.
<!-- .br -->
sp_warn - days before password is to expire that user is warned
of pending password expiration.
<!-- .br -->
sp_inact - days after password expires that account is considered
inactive and disabled.
<!-- .br -->
sp_expire - days since Jan 1, 1970 when account will be disabled.
<!-- .br -->
sp_flag - reserved for future use.
</para>
</refsect1>
<refsect1 id='description2'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='B'>getspent</emphasis>, <emphasis
remap='B'>getspname</emphasis> <emphasis
remap='B'>fgetspent</emphasis>, and <emphasis
remap='B'>sgetspent</emphasis> each return a pointer to a <emphasis
remap='B'>struct spwd</emphasis>. <emphasis
remap='B'>getspent</emphasis> returns the next entry from the file,
and <emphasis remap='B'>fgetspent</emphasis> returns the next entry
from the given stream, which is assumed to be a file of the proper
format. <emphasis remap='B'>sgetspent</emphasis> returns a pointer to
a <emphasis remap='B'>struct spwd</emphasis> using the provided string
as input. <emphasis remap='B'>getspnam</emphasis> searches from the
current position in the file for an entry matching <emphasis
remap='B'>name</emphasis>.
</para>
<para><emphasis remap='B'>setspent</emphasis> and <emphasis
remap='B'>endspent</emphasis> may be used to begin and end,
respectively, access to the shadow password file.
</para>
<para>The <emphasis remap='B'>lckpwdf</emphasis> and <emphasis
remap='B'>ulckpwdf</emphasis> routines should be used to insure
exclusive access to the <filename>/etc/shadow</filename> file.
<emphasis remap='B'>lckpwdf</emphasis> attempts to acquire a lock
using <emphasis remap='B'>pw_lock</emphasis> for up to 15 seconds. It
continues by attempting to acquire a second lock using <emphasis
remap='B'>spw_lock</emphasis> for the remainder of the initial 15
seconds. Should either attempt fail after a total of 15 seconds,
<emphasis remap='B'>lckpwdf</emphasis> returns -1. When both locks are
acquired 0 is returned.
</para>
</refsect1>
<refsect1 id='diagnostics'>
<title>DIAGNOSTICS</title>
<para>Routines return NULL if no more entries are available or if an
error occurs during processing. Routines which have <emphasis
remap='B'>int</emphasis> as the return value return 0 for success and
-1 for failure.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>These routines may only be used by the super user as access to the
shadow password file is restricted.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

128
man/shadow.5.xml Normal file
View File

@@ -0,0 +1,128 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='shadow.5'>
<!-- $Id: shadow.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>shadow</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>shadow</refname>
<refpurpose>encrypted password file</refpurpose>
</refnamediv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='I'>shadow</emphasis> contains the encrypted
password information for user's accounts
and optional the password aging information. Included is
</para>
<para>Login name</para>
<para>Encrypted password</para>
<para>Days since Jan 1, 1970 that password was last changed</para>
<para>Days before password may be changed</para>
<para>Days after which password must be changed</para>
<para>Days before password is to expire that user is warned</para>
<para>Days after password expires that account is disabled</para>
<para>Days since Jan 1, 1970 that account is disabled</para>
<para>A reserved field</para>
<para>The password field must be filled. The encryped password consists
of 13 to 24 characters from the 64 characters alphabet a thru z, A
thru Z, 0 thru 9, \. and /. Optionally it can start with a "$"
character. This means the encrypted password was generated using
another (not DES) algorithm. For example if it starts with "$1$" it
means the MD5-based algorithm was used.
</para>
<para>
Refer to
<citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>
for details on how this string is interpreted.
</para>
<para>The date of the last password change is given as the number of
days since Jan 1, 1970. The password may not be changed again until
the proper number of days have passed, and must be changed after the
maximum number of days. If the minimum number of days required is
greater than the maximum number of day allowed, this password may not
be changed by the user.
</para>
<para>An account is considered to be inactive and is disabled if the
password is not changed within the specified number of days after the
password expires. An account will also be disabled on the specified
day regardless of other password expiration information.
</para>
<para>This information supercedes any password or password age
information present in <filename>/etc/passwd</filename>.
</para>
<para>This file must not be readable by regular users if password
security is to be maintained.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chage</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pwconv</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>pwunconv</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>sulogin</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

53
man/shadowconfig.8.xml Normal file
View File

@@ -0,0 +1,53 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='shadowconfig.8'>
<!-- $Id: shadowconfig.8.xml,v 1.5 2005/04/27 18:20:35 kloczek Exp $ -->
<refentryinfo>
<date>19 Apr 1997</date>
</refentryinfo>
<refmeta>
<refentrytitle>shadowconfig</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class='date'>19 Apr 1997</refmiscinfo>
<refmiscinfo class='source'>Debian GNU/Linux</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>shadowconfig</refname>
<refpurpose>toggle shadow passwords on and off</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>shadowconfig</command>
<group choice='plain'>
<arg choice='plain'><replaceable>on</replaceable></arg>
<arg choice='plain'><replaceable>off</replaceable></arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>shadowconfig</coamand> on will turn shadow passwords on;
<emphasis remap='B'>shadowconfig off</emphasis> will turn shadow
passwords off. <command>shadowconfig</command> will print an error
message and exit with a nonzero code if it finds anything awry. If
that happens, you should correct the error and run it again. Turning
shadow passwords on when they are already on, or off when they are
already off, is harmless.
</para>
<para>
Read <filename>/usr/share/doc/passwd/README.debian</filename> for a
brief introduction
to shadow passwords and related features.
</para>
<para>Note that turning shadow passwords off and on again will lose all
password
aging information.
</para>
</refsect1>
</refentry>

6
man/su.1
View File

@@ -1,4 +1,4 @@
.\" $Id: su.1,v 1.16 2005/04/12 16:31:06 kloczek Exp $
.\" $Id: su.1,v 1.18 2005/05/19 10:35:00 kloczek Exp $
.\" Copyright 1989 - 1990, Julianne Frances Haugh
.\" All rights reserved.
.\"
@@ -33,7 +33,7 @@ su \- change user ID or become super\-user
.SH DESCRIPTION
\fBsu\fR is used to become another user during a login session. Invoked
without a username, \fBsu\fR defaults to becoming the super user. The
optional argument \fB\-\fR may be used to provide an environment similiar to
optional argument \fB\-\fR may be used to provide an environment similar to
what the user would expect had the user logged in directly.
.PP
Additional arguments may be provided after the username, in which case they
@@ -46,7 +46,7 @@ The user will be prompted for a password, if appropriate. Invalid passwords
will produce an error message. All attempts, both valid and invalid, are
logged to detect abuses of the system.
.PP
The current environment is passed to the new shell. The value of fB$PATH\fR
The current environment is passed to the new shell. The value of \fB$PATH\fR
\is reset to \fB/bin:/usr/bin\fR for normal users, or
\fB/sbin:/bin:/usr/sbin:/usr/bin\fR for the super user. This may be changed
with the \fBENV_PATH\fR and \fBENV_SUPATH\fR definitions in

113
man/su.1.xml Normal file
View File

@@ -0,0 +1,113 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='su.1'>
<!-- $Id: su.1.xml,v 1.8 2005/05/19 10:35:00 kloczek Exp $ -->
<refmeta>
<refentrytitle>su</refentrytitle>
<manvolnum>1</manvolnum>
<refmiscinfo class="sectdesc">User Commands</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>su</refname>
<refpurpose>change user ID or become super-user</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>su</command>
<arg choice='opt'>- </arg>
<arg choice='opt'>
<arg choice='plain'>
<replaceable>username</replaceable>
</arg>
<arg choice='opt'>
<replaceable>args</replaceable>
</arg>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>su</command> is used to become another user during a login
session. Invoked without a username, <command>su</command> defaults to
becoming the super user. The optional argument <option>-</option> may
be used to provide an environment similar to what the user would
expect had the user logged in directly.
</para>
<para>Additional arguments may be provided after the username, in which
case they are supplied to the user&acute;s login shell. In particular,
an argument of <option>-c</option> will cause the next argument to be
treated as a command by most command interpreters. The command will be
executed by the shell specified in <filename>/etc/passwd</filename>
for the target user.
</para>
<para>The user will be prompted for a password, if appropriate. Invalid
passwords will produce an error message. All attempts, both valid and
invalid, are logged to detect abuses of the system.
</para>
<para>The current environment is passed to the new shell. The value of
<emphasis remap='B'>$PATH</emphasis> is reset to
<filename>/bin:/usr/bin</filename> for normal users, or
<filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the super user.
This may be changed with the <emphasis remap='B'>ENV_PATH</emphasis>
and <emphasis remap='B'>ENV_SUPATH</emphasis> definitions in
<filename>/etc/login.defs</filename>.
</para>
<para>A subsystem login is indicated by the presense of a "*" as the
first character of the login shell. The given home directory will be
used as the root of a new filesystem which the user is actually logged
into.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
This version of <command>su</command> has many compilation options,
only some of which may be in use at any particular site.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>suauth</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh &lt;jockgrrl@ix.netcom.com&gt;</para>
</refsect1>
</refentry>

196
man/suauth.5.xml Normal file
View File

@@ -0,0 +1,196 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='suauth.5'>
<!-- $Id: suauth.5.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>suauth</refentrytitle>
<manvolnum>5</manvolnum>
<refmiscinfo class='source'>Feb 14, 1996</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>suauth</refname>
<refpurpose>Detailed su control file</refpurpose>
</refnamediv>
<!-- body begins here -->
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>/etc/suauth</command>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>The file <filename>/etc/suauth</filename> is referenced
whenever the su command is called. It can change the behaviour of the
su command, based upon
</para>
<!-- .RS -->
<literallayout remap='.nf'>
1) the user su is targetting
</literallayout>
<!-- .fi -->
<para>2) the user executing the su command (or any groups he might be
a member of)
</para>
<!-- .RE -->
<para>The file is formatted like this, with lines starting with a #
being treated as comment lines and ignored;
</para>
<!-- .RS -->
<literallayout remap='RS'>
to-id:from-id:ACTION
</literallayout>
<!-- remap='RE' -->
<para>Where to-id is either the word
<emphasis remap='B'>ALL</emphasis>,
a list of usernames
delimited by "," or the words
<emphasis remap='B'>ALL EXCEPT</emphasis>
followed by a list
of usernames delimited by ","
</para>
<para>from-id is formatted the same as to-id except the extra word
<emphasis remap='B'>GROUP</emphasis>
is recognised.
<emphasis remap='B'>ALL EXCEPT GROUP</emphasis>
is perfectly valid too.
Following
<emphasis remap='B'>GROUP</emphasis>
appears one or more group names, delimited by
",". It is not sufficient to have primary group id of the
relevant group, an entry in
<citerefentry>
<refentrytitle>/etc/group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
is neccessary.
</para>
<para>Action can be one only of the following currently supported
options.
</para>
<variablelist remap='TP'>
<varlistentry>
<term>
<emphasis remap='B'>DENY</emphasis>
</term>
<listitem>
<para>The attempt to su is stopped before a password is
even asked for.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>NOPASS</emphasis>
</term>
<listitem>
<para>The attempt to su is automatically successful; no
password is
asked for.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<emphasis remap='B'>OWNPASS</emphasis>
</term>
<listitem>
<para>For the su command to be successful, the user must
enter
his or her own password. They are told this.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>Note there are three separate fields delimited by a colon. No
whitespace must surround this colon. Also note that the file
is examined sequentially line by line, and the first applicable
rule is used without examining the file further. This makes it
possible for a system administrator to exercise as fine control
as he or she wishes.
</para>
</refsect1>
<refsect1 id='example'>
<title>EXAMPLE</title>
<literallayout remap='.nf'>
# sample /etc/suauth file
#
# A couple of privileged usernames may
# su to root with their own password.
#
root:chris,birddog:OWNPASS
#
# Anyone else may not su to root unless in
# group wheel. This is how BSD does things.
#
root:ALL EXCEPT GROUP wheel:DENY
#
# Perhaps terry and birddog are accounts
# owned by the same person.
# Access can be arranged between them
# with no password.
#
terry:birddog:NOPASS
birddog:terry:NOPASS
#
</literallayout>
<!-- .fi -->
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/suauth</filename></term>
<listitem></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='bugs'>
<title>BUGS</title>
<para>There could be plenty lurking. The file parser is particularly
unforgiving about syntax errors, expecting no spurious whitespace
(apart from beginning and end of lines), and a specific token
delimiting different things.
</para>
</refsect1>
<refsect1 id='diagnostics'>
<title>DIAGNOSTICS</title>
<para>An error parsing the file is reported using
<citerefentry>
<refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
as level ERR on
facility AUTH.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>su</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<literallayout remap='.nf'>
Chris Evans (lady0110@sable.ox.ac.uk)
Lady Margaret Hall
Oxford University
England
</literallayout>
</refsect1>
</refentry>

117
man/sulogin.8.xml Normal file
View File

@@ -0,0 +1,117 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='sulogin.8'>
<!-- $Id: sulogin.8.xml,v 1.6 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>sulogin</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>sulogin</refname>
<refpurpose>Single-user login</refpurpose>
</refnamediv>
<refsect1 id='syntax'>
<title>SYNTAX</title>
<para>
<command>sulogin</coamand> [<emphasis remap='I'>
tty-device
</emphasis>
]
</para>
</refsect1>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>sulogin</coamand> is invoked by <command>init</coamand> prior
to allowing the user access to the system when in single user mode.
This feature may only be available on certain systems where
<command>init</coamand> has been modified accordingly, or where the
<filename>/etc/inittab</filename> has an entry for a single user
login.
</para>
<para>The user is prompted</para>
<para>Type control-d to proceed with normal startup,
<!-- .br -->
(or give root password for system maintenance):
</para>
<para>Input and output will be performed with the standard file
descriptors unless
the optional device name argument is provided.
</para>
<para>If the user enters the correct root password, a login session is
initiated.
When <emphasis remap='B'>EOF</emphasis> is pressed instead, the
system enters multi-user mode.
</para>
<para>After the user exits the single-user shell, or presses <emphasis
remap='B'>EOF</emphasis>, the system begins the initialization process
required to enter multi-user mode.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
This command can only be used if <command>init</coamand> has been
modified to call <command>sulogin</coamand> instead of
<filename>/bin/sh</filename>, or if the user has set the <emphasis
remap='I'>inittab</emphasis> to support a single user login. For
example, the line:
</para>
<!-- .br -->
<para>co:s:respawn:/etc/sulogin /dev/console</para>
<!-- .br -->
<para>should execute the sulogin command in single user mode.</para>
<para>As complete an environment as possible is created. However,
various devices
may be unmounted or uninitialized and many of the user commands may
be
unavailable or nonfunctional as a result.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>login</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>init</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

417
man/useradd.8.xml Normal file
View File

@@ -0,0 +1,417 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='useradd.8'>
<!-- $Id: useradd.8.xml,v 1.6 2005/04/27 18:20:35 kloczek Exp $ -->
<refmeta>
<refentrytitle>useradd</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>useradd</refname>
<refpurpose>Create a new user or update default new user information</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>useradd</command>
<arg choice='opt'>-c <replaceable>comment</replaceable></arg>
<arg choice='opt'>-d <replaceable>home_dir</replaceable></arg>
<arg choice='opt'>-e <replaceable>expire_date</replaceable></arg>
<arg choice='opt'>-f <replaceable>inactive_days</replaceable></arg>
<sbr/>
<arg choice='opt'>-g <replaceable>initial_group</replaceable></arg>
<arg choice='opt'>
<arg choice='plain'>-G <replaceable>group1</replaceable></arg>
<arg choice='opt'>
<arg choice='plain' rep='repeat'>
<replaceable>,group2,</replaceable>
</arg>
<arg choice='plain'>
<replaceable>,</replaceable>
</arg>
<arg choice='opt'>
<replaceable>groupN</replaceable>
</arg>
</arg>
</arg>
<sbr/>
<arg choice='opt'>
<arg choice='opt'>-M </arg><arg choice='plain'>-m </arg>
<arg choice='opt'>-k <replaceable>skeleton_dir</replaceable></arg>
</arg>
<arg choice='opt'>-o </arg>
<arg choice='opt'>-p <replaceable>passwd</replaceable></arg>
<arg choice='opt'>-s <replaceable>shell</replaceable></arg>
<sbr/>
<arg choice='opt'>-u <replaceable>uid</replaceable></arg>
<arg choice='plain'><replaceable>login</replaceable></arg>
<arg choice='plain'><replaceable>useradd</replaceable></arg>
<arg choice='plain'>-D </arg>
<arg choice='opt'>-g <replaceable>group</replaceable></arg>
<arg choice='opt'>-b <replaceable>home_dir</replaceable></arg>
<arg choice='opt'>-e <replaceable>expire_date</replaceable></arg>
<sbr/>
<arg choice='opt'>-f <replaceable>inactive_days</replaceable></arg>
<arg choice='opt'>-s <replaceable>shell</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<refsect2 id='creating_new_users'>
<title>Creating New Users</title>
<para>
When invoked without the <option>-D</option> option, the
<command>useradd</command> command creates a new user account using
the values specified on the command line and the default values from
the system. Depending on command line options, the useradd command
will update system files and may also create the new user's home
directory and copy initial files.
</para>
</refsect2>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>The options which apply to the <command>useradd</command> command are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-c</option> <replaceable>comment</replaceable>
</term>
<listitem>
<para>The new user's password file comment field.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-d</option> <replaceable>home_dir</replaceable>
</term>
<listitem>
<para>
The new user will be created using <emphasis remap='I'> home_dir
</emphasis>as the value for the user's login directory. The
default is to append the <emphasis remap='I'>login</emphasis>
name to <emphasis remap='I'>home</emphasis> and use that as the
login directory name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-e</option> <replaceable>expire_date</replaceable>
</term>
<listitem>
<para>The date on which the user account will be disabled. The
date is specified in the format <emphasis
remap='I'>YYYY-MM-DD</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-f</option> <replaceable>inactive_days</replaceable>
</term>
<listitem>
<para>The number of days after a password expires until the
account is permanently disabled. A value of 0 disables the
account as soon as the password has expired, and a value of -1
disables the feature. The default value is -1.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option> <replaceable>initial_group</replaceable>
</term>
<listitem>
<para>The group name or number of the user's initial login group.
The group name must exist. A group number must refer to an
already existing group. The default group number is 1 or
whatever is specified in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-G</option> <replaceable>group1</replaceable>[<emphasis remap='I'>
,group2,...,
</emphasis>
[<emphasis remap='I'>groupN</emphasis>]]]
</term>
<listitem>
<para>A list of supplementary groups which the user is also a
member of. Each group is separated from the next by a comma,
with no intervening whitespace. The groups are subject to the
same restrictions as the group given with the
<option>-g</option> option. The default is for the user to
belong only to the initial group.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-M</option>
</term>
<listitem>
<para>RedHat added the CREATE_HOME option in login.defs in their
version of shadow-utils (which makes -m the default, with new -M
option to turn it off). Unfortunately, this changes the way
useradd works (it can be run by scripts expecting some standard
behaviour), compared to other Unices and other Linux
distributions, and also adds a lot of confusion.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-m</option>
</term>
<listitem>
<para>The user's home directory will be created if it does not
exist. The files contained in <emphasis
remap='I'>skeleton_dir</emphasis> will be copied to the home
directory if the <option>-k</option> option is used, otherwise
the files contained in <filename>/etc/skel</filename> will be
used instead. Any directories contained in <emphasis remap='I'>
skeleton_dir</emphasis> or <filename>/etc/skel</filename> will
be created in the user's home directory as well. The
<option>-k</option> option is only valid in conjunction with the
<option>-m</option> option. The default is to not create the
directory and to not copy any files.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-o</option>
</term>
<listitem>
<para>Allow create user with duplicate (non-unique) UID.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-p</option> <replaceable>passwd</replaceable>
</term>
<listitem>
<para>
The encrypted password, as returned by <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>. The default is to disable the account.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-s</option> <replaceable>shell</replaceable>
</term>
<listitem>
<para>The name of the user's login shell. The default is to
leave this field
blank, which causes the system to select the default
login shell.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-u</option> <replaceable>uid</replaceable>
</term>
<listitem>
<para>The numerical value of the user's ID. This value must be
unique, unless the <option>-o</option> option is used. The value
must be non-negative. The default is to use the smallest ID
value greater than 999 and greater than every other user.
Values between 0 and 999 are typically reserved for system
accounts.
</para>
</listitem>
</varlistentry>
</variablelist>
<refsect2 id='changing_the_default_values'>
<title>Changing the default values</title>
<para>
When invoked with the <option>-D</option> option,
<command>useradd</command> will either display the current default
values, or update the default values from the command line. The
valid options are
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-b</option> <replaceable>home_dir</replaceable>
</term>
<listitem>
<para>The initial path prefix for a new user's home directory.
The user's name will be affixed to the end of <emphasis
remap='I'>home</emphasis> to create the new directory name if
the <option>-d</option> option is not used when creating a new
account.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-e</option> <replaceable>expire_date</replaceable>
</term>
<listitem>
<para>The date on which the user account is disabled.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-f</option> <replaceable>inactive</replaceable>
</term>
<listitem>
<para>The number of days after a password has expired before the
account will be disabled.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option> <replaceable>group</replaceable>
</term>
<listitem>
<para>The group name or ID for a new user's initial group. The
named group must exist, and a numerical group ID must have an
existing entry .
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-s</option> <replaceable>shell</replaceable>
</term>
<listitem>
<para>The name of the new user's login shell. The named program
will be used for all future new user accounts.
</para>
</listitem>
</varlistentry>
</variablelist>
<para>If no options are specified, <command>useradd</command>
displays the current default values.
</para>
</refsect2>
</refsect1>
<refsect1 id='notes'>
<title>NOTES</title>
<para>The system administrator is responsible for placing the default
user files in the <filename>/etc/skel/</filename> directory.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>You may not add a user to an NIS group. This must be performed on
the NIS server.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/default/useradd</filename></term>
<listitem>default information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/skel/</filename></term>
<listitem>directory containing default files</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>useadd</coamand> command exits with the following
values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>1</literal> - can't update password file
<!-- .br -->
<literal>2</literal> - invalid command syntax
<!-- .br -->
<literal>3</literal> - invalid argument to option
<!-- .br -->
<literal>4</literal> - uid already in use (and no -o)
<!-- .br -->
<literal>6</literal> - specified group doesn't exist
<!-- .br -->
<literal>9</literal> - username already in use
<!-- .br -->
<literal>10</literal> - can't update group file
<!-- .br -->
<literal>12</literal> - can't create home directory
<!-- .br -->
<literal>13</literal> - can't create mail spool
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

147
man/userdel.8.xml Normal file
View File

@@ -0,0 +1,147 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='userdel.8'>
<!-- $Id: userdel.8.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>USERDEL</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>userdel</refname>
<refpurpose>Delete a user account and related files</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>userdel</command>
<arg choice='opt'>-r </arg>
<arg choice='plain'>
<replaceable>login</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <command>userdel</command> command modifies the system account
files, deleting all entries that refer to <emphasis
remap='I'>login</emphasis>. The named user must exist.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>userdel</command> command are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-r</option>
</term>
<listitem>
<para>Files in the user's home directory will be removed along
with the home directory itself and the user's mail spool. Files
located in other file systems will have to be searched for and
deleted manually.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<variablelist remap='TP'>
<varlistentry>
<term>
The <command>userdel</command> command exits with the following
values:
</term>
<listitem>
<!-- .br -->
<para>
<literal>0</literal> - success
<!-- .br -->
<literal>1</literal> - can't update password file
<!-- .br -->
<literal>2</literal> - invalid command syntax
<!-- .br -->
<literal>6</literal> - specified user doesn't exist
<!-- .br -->
<literal>8</literal> - user currently logged in
<!-- .br -->
<literal>10</literal> - can't update group file
<!-- .br -->
<literal>12</literal> - can't remove home directory
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
<command>userdel</command> will not allow you to remove an account if
the user is currently logged in. You must kill any running processes
which belong to an account that you are deleting. You may not remove
any NIS attributes on an NIS client. This must be performed on the NIS
server.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

300
man/usermod.8.xml Normal file
View File

@@ -0,0 +1,300 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='usermod.8'>
<!-- $Id: usermod.8.xml,v 1.5 2005/04/28 13:57:45 kloczek Exp $ -->
<refmeta>
<refentrytitle>usermod</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>usermod</refname>
<refpurpose>Modify a user account</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>usermod</command>
<arg choice='opt'>-c <replaceable>comment</replaceable></arg>
<arg choice='opt'>
<arg choice='plain'>-d <replaceable>home_dir</replaceable></arg>
<arg choice='opt'>-m </arg>
</arg>
<arg choice='opt'>-e <replaceable>expire_date</replaceable></arg>
<arg choice='opt'>-f <replaceable>inactive_time</replaceable></arg>
<arg choice='opt'>-g <replaceable>initial_group</replaceable></arg>
<sbr/>
<arg choice='opt'>
<arg choice='plain'>-G <replaceable>group1</replaceable></arg>
<arg choice='opt'>
<arg choice='plain' rep='repeat'><replaceable>,group2,</replaceable></arg>
<arg choice='plain'><replaceable>,</replaceable></arg>
<arg choice='opt'><replaceable>groupN</replaceable></arg>
</arg>
</arg>
<sbr/>
<arg choice='opt'>-l <replaceable>login_name</replaceable></arg>
<arg choice='opt'>-p <replaceable>passwd</replaceable></arg>
<arg choice='opt'>-s <replaceable>shell</replaceable></arg>
<arg choice='opt'>
<arg choice='plain'>-u <replaceable>uid</replaceable></arg>
<arg choice='opt'>-o </arg>
</arg>
<sbr/>
<group choice='opt'>
<arg choice='plain'>-L </arg><arg choice='plain'>-U </arg>
</group>
<arg choice='plain'><replaceable>login</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
The <command>usermod</command> command modifies the system account
files to reflect the changes that are specified on the command line.
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>
The options which apply to the <command>usermod</command> command
are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-c</option> <replaceable>comment</replaceable>
</term>
<listitem>
<para>The new value of the user's password file comment
field. It is normally modified using the <citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>utility.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-d</option> <replaceable>home_dir</replaceable>
</term>
<listitem>
<para>
The user's new login directory. If the <option>-m</option>
option is given the contents of the current home directory will
be moved to the new home directory, which is created if it does
not already exist.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-e</option> <replaceable>expire_date</replaceable>
</term>
<listitem>
<para>The date on which the user account will be disabled. The
date is specified in the format <emphasis remap='I'>YYYY-MM-DD
</emphasis>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-f</option> <replaceable>inactive_days</replaceable>
</term>
<listitem>
<para>The number of days after a password expires until the
account is permanently disabled. A value of 0 disables the
account as soon as the password has expired, and a value of -1
disables the feature. The default value is -1.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option> <replaceable>initial_group</replaceable>
</term>
<listitem>
<para>The group name or number of the user's new initial login
group. The group name must exist. A group number must refer to
an already existing group. The default group number is 1.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-G</option> <replaceable>group1</replaceable>[<emphasis remap='I'>
,group2,...,
</emphasis>
[<emphasis remap='I'>groupN</emphasis>]]]
</term>
<listitem>
<para>A list of supplementary groups which the user is also a
member of. Each group is separated from the next by a comma,
with no intervening whitespace. The groups are subject to the
same restrictions as the group given with the
<option>-g</option> option. If the user is currently a member of
a group which is not listed, the user will be removed from the
group.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-l</option> <replaceable>login_name</replaceable>
</term>
<listitem>
<para>
The name of the user will be changed from <emphasis
remap='I'>login </emphasis> to <emphasis
remap='I'>login_name</emphasis>. Nothing else is changed. In
particular, the user's home directory name should probably be
changed to reflect the new login name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-L</option>
</term>
<listitem>
<para>Lock a user's password. This puts a '!' in front of the
encrypted password, effectively disabling the password. You
can't use this option with <option>-p</option> or
<option>-U</option>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-o</option>
</term>
<listitem>
<para>
When used with the <option>-u</option> option, this option
allows to change the user ID to a non-unique value.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-p</option> <replaceable>passwd</replaceable>
</term>
<listitem>
<para>
The encrypted password, as returned by <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-s</option> <replaceable>shell</replaceable>
</term>
<listitem>
<para>The name of the user's new login shell. Setting this field
to blank causes the system to select the default login shell.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-u</option> <replaceable>uid</replaceable>
</term>
<listitem>
<para>The numerical value of the user's ID. This value must be
unique, unless the <option>-o</option> option is used. The value
must be non-negative. Values between 0 and 99 are typically
reserved for system accounts. Any files which the user owns and
which are located in the directory tree rooted at the user's
home directory will have the file user ID changed automatically.
Files outside of the user's home directory must be altered
manually.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-U</option>
</term>
<listitem>
<para>Unlock a user's password. This removes the '!' in front of
the encrypted password. You can't use this option with
<option>-p</option> or <option>-L</option>.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
<command>usermod</command> will not allow you to change the name of a
user who is logged in. You must make certain that the named user is
not executing any processes when this command is being executed if the
user's numerical user ID is being changed. You must change the owner
of any crontab files manually. You must change the owner of any at
jobs manually. You must make any changes involving NIS on the NIS
server.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>group account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>.
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>

9
man/vipw.8
View File

@@ -1,4 +1,4 @@
.\"$Id: vipw.8,v 1.8 2005/04/05 18:47:50 kloczek Exp $
.\"$Id: vipw.8,v 1.10 2005/04/27 08:29:36 kloczek Exp $
.TH VIPW 8 "26 Sep 1997"
.SH NAME
vipw, vigr \- edit the password, group, shadow\-password, or shadow\-group file.
@@ -9,12 +9,11 @@ vipw, vigr \- edit the password, group, shadow\-password, or shadow\-group file.
.SH DESCRIPTION
\fBvipw\fR and \fBvigr\fR will edit the files \fI/etc/passwd\fR and
\fI/etc/group\fR, respectively. With the \fB\-s\fR flag, they will edit the
shadow versions of those files, fI/etc/shadow\fR and \fI/etc/gshadow\fR,
shadow versions of those files, \fI/etc/shadow\fR and \fI/etc/gshadow\fR,
respectively. The programs will set the appropriate locks to prevent file
corruption. When looking for an editor, the programs will first try the
environment variable \fBVISUAL\fR, then the environment variable
\fBEDITOR\fR, and finally the default editor,
.BR vi .
environment variable \fB$VISUAL\fR, then the environment variable
\fB$EDITOR\fR, and finally the default editor, \fBvi\fR(1).
.SH "SEE ALSO"
.BR group (5),
.BR passwd (5),

63
man/vipw.8.xml Normal file
View File

@@ -0,0 +1,63 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='vipw.8'>
<!-- $Id: vipw.8.xml,v 1.6 2005/04/28 13:54:06 kloczek Exp $ -->
<refentryinfo>
<date>26 Sep 1997</date>
</refentryinfo>
<refmeta>
<refentrytitle>vipw</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class='date'>26 Sep 1997</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>vipw</refname>
<refname>vigr</refname>
<refpurpose>edit the password, group, shadow-password, or shadow-group
file.
</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>vipw</command><arg choice='opt'>-s </arg>
</cmdsynopsis>
<cmdsynopsis>
<command>vigr</command><arg choice='opt'>-s </arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<command>vipw</command> and <command>vigr</command> will edit the
files <filename>/etc/passwd</filename> and
<filename>/etc/group</filename>, respectively. With the
<option>-s</option> flag, they will edit the shadow versions of those
files, <filename>/etc/shadow</filename> and
<filename>/etc/gshadow</filename>, respectively. The programs will set
the appropriate locks to prevent file corruption. When looking for an
editor, the programs will first try the environment variable
<envar>$VISUAL</envar>, then the environment variable <emphasis
remap='B'>$EDITOR</emphasis>, and finally the default editor, <citerefentry>
<refentrytitle>vi</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>.
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
</refentry>

6
man/zh_CN/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/zh_CN
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs

6
man/zh_TW/Makefile.in
View File

@@ -38,7 +38,11 @@ host_triplet = @host@
subdir = man/zh_TW
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/configure.in
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.in
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs