VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Delete extraneous files

Browse Source
This commit is contained in:
Christian Perrier
2014-03-14 21:51:48 +01:00
parent 68fb7adaf7
commit 2649a0dc50
4 changed files with 0 additions and 30605 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14622
ChangeLog.orig
View File

File diff suppressed because it is too large Load Diff

14677
ChangeLog~
View File

File diff suppressed because it is too large Load Diff

458
lib/groupio.c~
View File

@@ -1,458 +0,0 @@
/*
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
* Copyright (c) 2001 , Michał Moskal
* Copyright (c) 2005 , Tomasz Kłoczko
* Copyright (c) 2007 - 2010, Nicolas François
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the copyright holders or contributors may not be used to
* endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <config.h>
#ident "$Id$"
#include <assert.h>
#include <stdio.h>
#include "prototypes.h"
#include "defines.h"
#include "commonio.h"
#include "getdef.h"
#include "groupio.h"
static /*@null@*/struct commonio_entry *merge_group_entries (
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
/*@null@*/struct commonio_entry *gr2);
static int split_groups (unsigned int max_members);
static int group_open_hook (void);
static /*@null@*/ /*@only@*/void *group_dup (const void *ent)
{
const struct group *gr = ent;
return __gr_dup (gr);
}
static void group_free (/*@out@*/ /*@only@*/void *ent)
{
struct group *gr = ent;
gr_free (gr);
}
static const char *group_getname (const void *ent)
{
const struct group *gr = ent;
return gr->gr_name;
}
static void *group_parse (const char *line)
{
return (void *) sgetgrent (line);
}
static int group_put (const void *ent, FILE * file)
{
const struct group *gr = ent;
if ( (NULL == gr)
|| (valid_field (gr->gr_name, ":\n") == -1)
|| (valid_field (gr->gr_passwd, ":\n") == -1)
|| (gr->gr_gid == (gid_t)-1)) {
return -1;
}
/* FIXME: fail also if gr->gr_mem == NULL ?*/
if (NULL != gr->gr_mem) {
size_t i;
for (i = 0; NULL != gr->gr_mem[i]; i++) {
if (valid_field (gr->gr_mem[i], ",:\n") == -1) {
return -1;
}
}
}
return (putgrent (gr, file) == -1) ? -1 : 0;
}
static int group_close_hook (void)
{
unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
if (0 == max_members) {
return 1;
}
return split_groups (max_members);
}
static struct commonio_ops group_ops = {
group_dup,
group_free,
group_getname,
group_parse,
group_put,
fgetsx,
fputsx,
group_open_hook,
group_close_hook
};
static /*@owned@*/struct commonio_db group_db = {
GROUP_FILE, /* filename */
&group_ops, /* ops */
NULL, /* fp */
#ifdef WITH_SELINUX
NULL, /* scontext */
#endif
NULL, /* head */
NULL, /* tail */
NULL, /* cursor */
false, /* changed */
false, /* isopen */
false, /* locked */
false /* readonly */
};
int gr_setdbname (const char *filename)
{
return commonio_setname (&group_db, filename);
}
/*@observer@*/const char *gr_dbname (void)
{
return group_db.filename;
}
int gr_lock (void)
{
return commonio_lock (&group_db);
}
int gr_open (int mode)
{
return commonio_open (&group_db, mode);
}
/*@observer@*/ /*@null@*/const struct group *gr_locate (const char *name)
{
return commonio_locate (&group_db, name);
}
/*@observer@*/ /*@null@*/const struct group *gr_locate_gid (gid_t gid)
{
const struct group *grp;
gr_rewind ();
while ( ((grp = gr_next ()) != NULL)
&& (grp->gr_gid != gid)) {
}
return grp;
}
int gr_update (const struct group *gr)
{
return commonio_update (&group_db, (const void *) gr);
}
int gr_remove (const char *name)
{
return commonio_remove (&group_db, name);
}
int gr_rewind (void)
{
return commonio_rewind (&group_db);
}
/*@observer@*/ /*@null@*/const struct group *gr_next (void)
{
return commonio_next (&group_db);
}
int gr_close (void)
{
return commonio_close (&group_db);
}
int gr_unlock (void)
{
return commonio_unlock (&group_db);
}
void __gr_set_changed (void)
{
group_db.changed = true;
}
/*@dependent@*/ /*@null@*/struct commonio_entry *__gr_get_head (void)
{
return group_db.head;
}
/*@observer@*/const struct commonio_db *__gr_get_db (void)
{
return &group_db;
}
void __gr_del_entry (const struct commonio_entry *ent)
{
commonio_del_entry (&group_db, ent);
}
static int gr_cmp (const void *p1, const void *p2)
{
gid_t u1, u2;
if ((*(struct commonio_entry **) p1)->eptr == NULL) {
return 1;
}
if ((*(struct commonio_entry **) p2)->eptr == NULL) {
return -1;
}
u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid;
u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid;
if (u1 < u2) {
return -1;
} else if (u1 > u2) {
return 1;
} else {
return 0;
}
}
/* Sort entries by GID */
int gr_sort ()
{
return commonio_sort (&group_db, gr_cmp);
}
static int group_open_hook (void)
{
unsigned int max_members = getdef_unum("MAX_MEMBERS_PER_GROUP", 0);
struct commonio_entry *gr1, *gr2;
if (0 == max_members) {
return 1;
}
for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) {
for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) {
struct group *g1 = (struct group *)gr1->eptr;
struct group *g2 = (struct group *)gr2->eptr;
if (NULL != g1 &&
NULL != g2 &&
0 == strcmp (g1->gr_name, g2->gr_name) &&
0 == strcmp (g1->gr_passwd, g2->gr_passwd) &&
g1->gr_gid == g2->gr_gid) {
/* Both group entries refer to the same
* group. It is a split group. Merge the
* members. */
gr1 = merge_group_entries (gr1, gr2);
if (NULL == gr1)
return 0;
/* Unlink gr2 */
if (NULL != gr2->next) {
gr2->next->prev = gr2->prev;
}
/* gr2 does not start with head */
assert (NULL != gr2->prev);
gr2->prev->next = gr2->next;
}
}
assert (NULL != gr1);
}
return 1;
}
/*
* Merge the list of members of the two group entries.
*
* The commonio_entry arguments shall be group entries.
*
* You should not merge the members of two groups if they don't have the
* same name, password and gid.
*
* It merge the members of the second entry in the first one, and return
* the modified first entry on success, or NULL on failure (with errno
* set).
*/
static /*@null@*/struct commonio_entry *merge_group_entries (
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
/*@null@*/struct commonio_entry *gr2)
{
struct group *gptr1;
struct group *gptr2;
char **new_members;
size_t members = 0;
char *new_line;
size_t new_line_len, i;
if (NULL == gr2 || NULL == gr1) {
errno = EINVAL;
return NULL;
}
gptr1 = (struct group *)gr1->eptr;
gptr2 = (struct group *)gr2->eptr;
if (NULL == gptr2 || NULL == gptr1) {
errno = EINVAL;
return NULL;
}
/* Concatenate the 2 lines */
new_line_len = strlen (gr1->line) + strlen (gr2->line) +2;
new_line = (char *)malloc ((new_line_len + 1) * sizeof(char*));
if (NULL == new_line) {
errno = ENOMEM;
return NULL;
}
snprintf(new_line, new_line_len, "%s\n%s", gr1->line, gr2->line);
new_line[new_line_len] = '\0';
/* Concatenate the 2 list of members */
for (i=0; NULL != gptr1->gr_mem[i]; i++);
members += i;
for (i=0; NULL != gptr2->gr_mem[i]; i++) {
char **pmember = gptr1->gr_mem;
while (NULL != *pmember) {
if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
break;
}
pmember++;
}
if (NULL == *pmember) {
members++;
}
}
new_members = (char **)malloc ( (members+1) * sizeof(char*) );
if (NULL == new_members) {
free (new_line);
errno = ENOMEM;
return NULL;
}
for (i=0; NULL != gptr1->gr_mem[i]; i++) {
new_members[i] = gptr1->gr_mem[i];
}
members = i;
for (i=0; NULL != gptr2->gr_mem[i]; i++) {
char **pmember = new_members;
while (NULL != *pmember) {
if (0 == strcmp(*pmember, gptr2->gr_mem[i])) {
break;
}
pmember++;
}
if (NULL == *pmember) {
new_members[members] = gptr2->gr_mem[i];
members++;
new_members[members] = NULL;
}
}
gr1->line = new_line;
gptr1->gr_mem = new_members;
return gr1;
}
/*
* Scan the group database and split the groups which have more members
* than specified, if this is the result from a current change.
*
* Return 0 on failure (errno set) and 1 on success.
*/
static int split_groups (unsigned int max_members)
{
struct commonio_entry *gr;
for (gr = group_db.head; NULL != gr; gr = gr->next) {
struct group *gptr = (struct group *)gr->eptr;
struct commonio_entry *new;
struct group *new_gptr;
unsigned int members = 0;
unsigned int i;
/* Check if this group must be split */
if (!gr->changed) {
continue;
}
if (NULL == gptr) {
continue;
}
for (members = 0; NULL != gptr->gr_mem[members]; members++);
if (members <= max_members) {
continue;
}
new = (struct commonio_entry *) malloc (sizeof *new);
if (NULL == new) {
errno = ENOMEM;
return 0;
}
new->eptr = group_dup(gr->eptr);
if (NULL == new->eptr) {
free (new);
errno = ENOMEM;
return 0;
}
new_gptr = (struct group *)new->eptr;
new->line = NULL;
new->changed = true;
/* Enforce the maximum number of members on gptr */
for (i = max_members; NULL != gptr->gr_mem[i]; i++) {
free (gptr->gr_mem[i]);
gptr->gr_mem[i] = NULL;
}
/* Shift all the members */
/* The number of members in new_gptr will be check later */
for (i = 0; NULL != new_gptr->gr_mem[i + max_members]; i++) {
if (NULL != new_gptr->gr_mem[i]) {
free (new_gptr->gr_mem[i]);
}
new_gptr->gr_mem[i] = new_gptr->gr_mem[i + max_members];
new_gptr->gr_mem[i + max_members] = NULL;
}
for (; NULL != new_gptr->gr_mem[i]; i++) {
free (new_gptr->gr_mem[i]);
new_gptr->gr_mem[i] = NULL;
}
/* insert the new entry in the list */
new->prev = gr;
new->next = gr->next;
gr->next = new;
}
return 1;
}

848
man/useradd.8.xml~
View File

@@ -1,848 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1991 - 1994, Julianne Frances Haugh
Copyright (c) 2007 - 2011, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the copyright holders or contributors may not be used to
endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY CREATE_HOME SYSTEM "login.defs.d/CREATE_HOME.xml">
<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
<!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml">
<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
<!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml">
<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml">
<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
<!-- SHADOW-CONFIG-HERE -->
]>
<refentry id='useradd.8'>
<!-- $Id$ -->
<refentryinfo>
<author>
<firstname>Julianne Frances</firstname>
<surname>Haugh</surname>
<contrib>Creation, 1991</contrib>
</author>
<author>
<firstname>Thomas</firstname>
<surname>Kłoczko</surname>
<email>kloczek@pld.org.pl</email>
<contrib>shadow-utils maintainer, 2000 - 2007</contrib>
</author>
<author>
<firstname>Nicolas</firstname>
<surname>François</surname>
<email>nicolas.francois@centraliens.net</email>
<contrib>shadow-utils maintainer, 2007 - now</contrib>
</author>
</refentryinfo>
<refmeta>
<refentrytitle>useradd</refentrytitle>
<manvolnum>8</manvolnum>
<refmiscinfo class="sectdesc">System Management Commands</refmiscinfo>
<refmiscinfo class="source">shadow-utils</refmiscinfo>
<refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
</refmeta>
<refnamediv id='name'>
<refname>useradd</refname>
<refpurpose>create a new user or update default new user information</refpurpose>
</refnamediv>
<refsynopsisdiv id='synopsis'>
<cmdsynopsis>
<command>useradd</command>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
<arg choice='plain'><replaceable>LOGIN</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>useradd</command>
<arg choice='plain'>-D </arg>
</cmdsynopsis>
<cmdsynopsis>
<command>useradd</command>
<arg choice='plain'>-D </arg>
<arg choice='opt'>
<replaceable>options</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
When invoked without the <option>-D</option> option, the
<command>useradd</command> command creates a new user account using
the values specified on the command line plus the default values from
the system. Depending on command line options, the
<command>useradd</command> command
will update system files and may also create the new user's home
directory and copy initial files.
</para>
<para>
By default, a group will also be created for the new user (see
<option>-g</option>, <option>-N</option>, <option>-U</option>, and
<option>USERGROUPS_ENAB</option>).
</para>
</refsect1>
<refsect1 id='options'>
<title>OPTIONS</title>
<para>The options which apply to the <command>useradd</command> command are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-b</option>, <option>--base-dir</option>
<replaceable>BASE_DIR</replaceable>
</term>
<listitem>
<para>
The default base directory for the system if <option>-d</option>
<replaceable>HOME_DIR</replaceable> is not specified.
<replaceable>BASE_DIR</replaceable> is
concatenated with the account name to define the home directory.
If the <option>-m</option> option is not used,
<replaceable>BASE_DIR</replaceable> must exist.
</para>
<para>
If this option is not specified, <command>useradd</command>
will use the base directory specified by the
<option>HOME</option> variable in
<filename>/etc/default/useradd</filename>, or
<filename>/home</filename> by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-c</option>, <option>--comment</option>
<replaceable>COMMENT</replaceable>
</term>
<listitem>
<para>
Any text string. It is generally a short description of the
login, and is currently used as the field for the user's full
name.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-d</option>, <option>--home</option>
<replaceable>HOME_DIR</replaceable>
</term>
<listitem>
<para>
The new user will be created using
<replaceable>HOME_DIR</replaceable> as the value for the user's
login directory. The default is to append the
<replaceable>LOGIN</replaceable> name to
<replaceable>BASE_DIR</replaceable> and use that as the login
directory name. The directory <replaceable>HOME_DIR</replaceable>
does not have to exist but will not be created if it is missing.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-D</option>, <option>--defaults</option>
</term>
<listitem>
<para>
See below, the subsection "Changing the default values".
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-e</option>, <option>--expiredate</option>
<replaceable>EXPIRE_DATE</replaceable>
</term>
<listitem>
<para>
The date on which the user account will be disabled. The date is
specified in the format <emphasis remap='I'>YYYY-MM-DD</emphasis>.
</para>
<para>
If not specified, <command>useradd</command> will use the
default expiry date specified by the <option>EXPIRE</option>
variable in <filename>/etc/default/useradd</filename>, or
an empty string (no expiry) by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-f</option>, <option>--inactive</option>
<replaceable>INACTIVE</replaceable>
</term>
<listitem>
<para>
The number of days after a password expires until the account is
permanently disabled. A value of 0 disables the account as soon
as the password has expired, and a value of -1 disables the
feature.
</para>
<para>
If not specified, <command>useradd</command> will use the
default inactivity period specified by the
<option>INACTIVE</option> variable in
<filename>/etc/default/useradd</filename>, or -1 by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option>, <option>--gid</option>
<replaceable>GROUP</replaceable>
</term>
<listitem>
<para>
The group name or number of the user's initial login group. The
group name must exist. A group number must refer to an already
existing group.
</para>
<para>
If not specified, the behavior of <command>useradd</command>
will depend on the <option>USERGROUPS_ENAB</option> variable
in <filename>/etc/login.defs</filename>. If this variable is
set to <replaceable>yes</replaceable> (or
<option>-U/--user-group</option> is specified on the command
line), a group will be created for the user, with the same
name as her loginname. If the variable is set to
<replaceable>no</replaceable> (or
<option>-N/--no-user-group</option> is specified on the
command line), useradd will set the primary group of the new
user to the value specified by the <option>GROUP</option>
variable in <filename>/etc/default/useradd</filename>, or
100 by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-G</option>, <option>--groups</option>
<replaceable>GROUP1</replaceable>[<emphasis remap='I'>,GROUP2,...</emphasis>[<emphasis remap='I'>,GROUPN</emphasis>]]]
</term>
<listitem>
<para>
A list of supplementary groups which the user is also a member
of. Each group is separated from the next by a comma, with no
intervening whitespace. The groups are subject to the same
restrictions as the group given with the <option>-g</option>
option. The default is for the user to belong only to the
initial group.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-k</option>, <option>--skel</option>
<replaceable>SKEL_DIR</replaceable>
</term>
<listitem>
<para>
The skeleton directory, which contains files and directories
to be copied in the user's home directory, when the home
directory is created by <command>useradd</command>.
</para>
<para>
This option is only valid if the <option>-m</option> (or
<option>--create-home</option>) option is specified.
</para>
<para>
If this option is not set, the skeleton directory is defined
by the <option>SKEL</option> variable in
<filename>/etc/default/useradd</filename> or, by default,
<filename>/etc/skel</filename>.
</para>
<para>
If possible, the ACLs and extended attributes are copied.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-K</option>, <option>--key</option>
<replaceable>KEY</replaceable>=<replaceable>VALUE</replaceable>
</term>
<listitem>
<para>
Overrides <filename>/etc/login.defs</filename> defaults
(<option>UID_MIN</option>, <option>UID_MAX</option>,
<option>UMASK</option>, <option>PASS_MAX_DAYS</option>
and others).
<para>
</para>
Example: <option>-K </option><replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable>
can be used when creating system account to turn off password
ageing, even though system account has no password at all.
Multiple <option>-K</option> options can be specified, e.g.:
<option>-K </option>
<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>
<option>-K </option>
<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
</para>
<!--para>
Note: <option>-K </option>
<replaceable>UID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
doesn't work yet.
</para-->
</listitem>
</varlistentry>
<varlistentry>
<term><option>-l</option>, <option>--no-log-init</option></term>
<listitem>
<para>
Do not add the user to the lastlog and faillog databases.
</para>
<para>
By default, the user's entries in the lastlog and faillog
databases are resetted to avoid reusing the entry from a previously
deleted user.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-m</option>, <option>--create-home</option>
</term>
<listitem>
<para>
Create the user's home directory if it does not exist.
The files and directories contained in the skeleton directory
(which can be defined with the <option>-k</option> option)
will be copied to the home directory.
</para>
<para>
By default, if this option is not specified and
<option>CREATE_HOME</option> is not enabled, no home
directories are created.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-M</option>
</term>
<listitem>
<para>
Do no create the user's home directory, even if the system
wide setting from <filename>/etc/login.defs</filename>
(<option>CREATE_HOME</option>) is set to
<replaceable>yes</replaceable>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-N</option>, <option>--no-user-group</option>
</term>
<listitem>
<para>
Do not create a group with the same name as the user, but
add the user to the group specified by the <option>-g</option>
option or by the <option>GROUP</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
<para>
The default behavior (if the <option>-g</option>,
<option>-N</option>, and <option>-U</option> options are not
specified) is defined by the <option>USERGROUPS_ENAB</option>
variable in <filename>/etc/login.defs</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-o</option>, <option>--non-unique</option>
</term>
<listitem>
<para>Allow the creation of a user account with a duplicate (non-unique) UID.</para>
<para>
This option is only valid in combination with the
<option>-u</option> option.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-p</option>, <option>--password</option>
<replaceable>PASSWORD</replaceable>
</term>
<listitem>
<para>
The encrypted password, as returned by <citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>. The default is to disable the password.
</para>
<para>
<emphasis role="bold">Note:</emphasis> This option is not
recommended because the password (or encrypted password) will
be visible by users listing the processes.
</para>
<para>
You should make sure the password respects the system's
password policy.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-r</option>, <option>--system</option>
</term>
<listitem>
<para>
Create a system account.
</para>
<para>
System users will be created with no aging information in
<filename>/etc/shadow</filename>, and their numeric
identifiers are chosen in the
<option>SYS_UID_MIN</option>-<option>SYS_UID_MAX</option>
range, defined in <filename>/etc/login.defs</filename>, instead of
<option>UID_MIN</option>-<option>UID_MAX</option> (and their
<option>GID</option> counterparts for the creation of groups).
</para>
<para>
Note that <command>useradd</command> will not create a home
directory for such an user, regardless of the default setting
in <filename>/etc/login.defs</filename>
(<option>CREATE_HOME</option>). You have to specify the
<option>-m</option> options if you want a home directory for a
system account to be created.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-R</option>, <option>--root</option>
<replaceable>CHROOT_DIR</replaceable>
</term>
<listitem>
<para>
Apply changes in the <replaceable>CHROOT_DIR</replaceable>
directory and use the configuration files from the
<replaceable>CHROOT_DIR</replaceable> directory.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-s</option>, <option>--shell</option>
<replaceable>SHELL</replaceable>
</term>
<listitem>
<para>
The name of the user's login shell. The default is to leave this
field blank, which causes the system to select the default login
shell specified by the <option>SHELL</option> variable in
<filename>/etc/default/useradd</filename>, or an empty string
by default.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-u</option>, <option>--uid</option>
<replaceable>UID</replaceable>
</term>
<listitem>
<para>
The numerical value of the user's ID. This value must be unique,
unless the <option>-o</option> option is used. The value must be
non-negative. The default is to use the smallest ID value
greater than or equal to <option>UID_MIN</option> and greater
than every other user.
</para>
<para>
See also the <option>-r</option> option and the
<option>UID_MAX</option> description.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-U</option>, <option>--user-group</option>
</term>
<listitem>
<para>
Create a group with the same name as the user, and
add the user to this group.
</para>
<para>
The default behavior (if the <option>-g</option>,
<option>-N</option>, and <option>-U</option> options are not
specified) is defined by the <option>USERGROUPS_ENAB</option>
variable in <filename>/etc/login.defs</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-Z</option>, <option>--selinux-user</option>
<replaceable>SEUSER</replaceable>
</term>
<listitem>
<para>
The SELinux user for the user's login. The default is to leave this
field blank, which causes the system to select the default SELinux
user.
</para>
</listitem>
</varlistentry>
</variablelist>
<refsect2 id='changing_the_default_values'>
<title>Changing the default values</title>
<para>
When invoked with only the <option>-D</option> option,
<command>useradd</command> will display the current default values.
When invoked with <option>-D</option> plus other options,
<command>useradd</command> will update the default values for the
specified options. Valid default-changing options are:
</para>
<variablelist remap='IP'>
<varlistentry>
<term>
<option>-b</option>, <option>--base-dir</option>
<replaceable>BASE_DIR</replaceable>
</term>
<listitem>
<para>
The path prefix for a new user's home directory. The
user's name will be affixed to the end of
<replaceable>BASE_DIR</replaceable> to form the new user's
home directory name, if the <option>-d</option> option is not used
when creating a new account.
</para>
<para>
This option sets the <option>HOME</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-e</option>, <option>--expiredate</option>
<replaceable>EXPIRE_DATE</replaceable>
</term>
<listitem>
<para>The date on which the user account is disabled.</para>
<para>
This option sets the <option>EXPIRE</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-f</option>, <option>--inactive</option>
<replaceable>INACTIVE</replaceable>
</term>
<listitem>
<para>
The number of days after a password has expired before the
account will be disabled.
</para>
<para>
This option sets the <option>INACTIVE</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-g</option>, <option>--gid</option>
<replaceable>GROUP</replaceable>
</term>
<listitem>
<para>
The group name or ID for a new user's initial group (when
the <option>-N/--no-user-group</option> is used or when the
<option>USERGROUPS_ENAB</option> variable is set to
<replaceable>no</replaceable> in
<filename>/etc/login.defs</filename>). The named
group must exist, and a numerical group ID must have an
existing entry.
</para>
<para>
This option sets the <option>GROUP</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>-s</option>, <option>--shell</option>
<replaceable>SHELL</replaceable>
</term>
<listitem>
<para>
The name of a new user's login shell.
</para>
<para>
This option sets the <option>SHELL</option> variable in
<filename>/etc/default/useradd</filename>.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect2>
</refsect1>
<refsect1 id='notes'>
<title>NOTES</title>
<para>The system administrator is responsible for placing the default
user files in the <filename>/etc/skel/</filename> directory (or any
other skeleton directory specified in
<filename>/etc/default/useradd</filename> or on the command line).
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
You may not add a user to a NIS or LDAP group. This must be
performed on the corresponding server.
</para>
<para>
Similarly, if the username already exists in an external user
database such as NIS or LDAP, <command>useradd</command> will deny
the user account creation request.
</para>
<para>
Usernames must start with a lower case letter or an underscore,
followed by lower case letters, digits, underscores, or dashes.
They can end with a dollar sign.
In regular expression terms: [a-z_][a-z0-9_-]*[$]?
</para>
<para>
Usernames may only be up to 32 characters long.
</para>
</refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&CREATE_HOME;
&GID_MAX; <!-- documents also GID_MIN -->
&MAIL_DIR;
&MAX_MEMBERS_PER_GROUP;
&PASS_MAX_DAYS;
&PASS_MIN_DAYS;
&PASS_WARN_AGE;
&SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
&SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
&TCB_AUTH_GROUP;
&TCB_SYMLINKS;
&UID_MAX; <!-- documents also UID_MIN -->
&UMASK;
&USE_TCB;
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/passwd</filename></term>
<listitem>
<para>User account information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>
<para>Secure user account information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/group</filename></term>
<listitem>
<para>Group account information.</para>
</listitem>
</varlistentry>
<varlistentry condition="gshadow">
<term><filename>/etc/gshadow</filename></term>
<listitem>
<para>Secure group account information.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/default/useradd</filename></term>
<listitem>
<para>Default values for account creation.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/skel/</filename></term>
<listitem>
<para>Directory containing default files.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>/etc/login.defs</filename></term>
<listitem>
<para>Shadow password suite configuration.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='exit_values'>
<title>EXIT VALUES</title>
<para>
The <command>useradd</command> command exits with the following values:
<variablelist>
<varlistentry>
<term><replaceable>0</replaceable></term>
<listitem>
<para>success</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>1</replaceable></term>
<listitem>
<para>can't update password file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>2</replaceable></term>
<listitem>
<para>invalid command syntax</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>3</replaceable></term>
<listitem>
<para>invalid argument to option</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>4</replaceable></term>
<listitem>
<para>UID already in use (and no <option>-o</option>)</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>6</replaceable></term>
<listitem>
<para>specified group doesn't exist</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>9</replaceable></term>
<listitem>
<para>username already in use</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>10</replaceable></term>
<listitem>
<para>can't update group file</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>12</replaceable></term>
<listitem>
<para>can't create home directory</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable>14</replaceable></term>
<listitem>
<para>can't update SELinux user mapping</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>chfn</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>chsh</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>userdel</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>usermod</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>.
</para>
</refsect1>
</refentry>