Changeset e02afe0 for chapter06/shadow.xml
- Timestamp:
- 02/10/2006 07:38:49 PM (19 years ago)
- Children:
- 851829a
- Parents:
- 529c103
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
chapter06/shadow.xml
r529c103 re02afe0 1 1 <?xml version="1.0" encoding="ISO-8859-1"?> 2 <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [ 2 <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN" 3 "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [ 3 4 <!ENTITY % general-entities SYSTEM "../general.ent"> 4 5 %general-entities; 5 6 ]> 7 6 8 <sect1 id="ch-system-shadow" role="wrap"> 7 <title>Shadow-&shadow-version;</title> 8 <?dbhtml filename="shadow.html"?> 9 10 <indexterm zone="ch-system-shadow"><primary sortas="a-Shadow">Shadow</primary></indexterm> 11 12 <sect2 role="package"><title/> 13 <para>The Shadow package contains programs for handling passwords in a secure 14 way.</para> 15 16 <segmentedlist> 17 <segtitle>&buildtime;</segtitle> 18 <segtitle>&diskspace;</segtitle> 19 <seglistitem><seg>0.4 SBU</seg><seg>14.7 MB</seg></seglistitem> 20 </segmentedlist> 21 22 <segmentedlist> 23 <segtitle>&dependencies;</segtitle> 24 <seglistitem><seg>Bash, Binutils, Bison, Coreutils, 25 Diffutils, GCC, Gettext, Glibc, Grep, Make, Patch, and Sed</seg></seglistitem> 26 </segmentedlist> 27 </sect2> 28 29 <sect2 role="installation"> 30 <title>Installation of Shadow</title> 31 32 <note><para>If you would like to enforce the use of strong passwords, refer to 33 <ulink url="&blfs-root;view/svn/postlfs/cracklib.html"/> for installing Cracklib 34 prior to building Shadow. Then add <parameter>--with-libcrack</parameter> to the 35 <command>configure</command> command below.</para></note> 36 37 <para>Prepare Shadow for compilation:</para> 9 <?dbhtml filename="shadow.html"?> 10 11 <title>Shadow-&shadow-version;</title> 12 13 <indexterm zone="ch-system-shadow"> 14 <primary sortas="a-Shadow">Shadow</primary> 15 </indexterm> 16 17 <sect2 role="package"> 18 <title/> 19 20 <para>The Shadow package contains programs for handling passwords in a secure 21 way.</para> 22 23 <segmentedlist> 24 <segtitle>&buildtime;</segtitle> 25 <segtitle>&diskspace;</segtitle> 26 27 <seglistitem> 28 <seg>0.4 SBU</seg> 29 <seg>14.7 MB</seg> 30 </seglistitem> 31 </segmentedlist> 32 33 <segmentedlist> 34 <segtitle>&dependencies;</segtitle> 35 36 <seglistitem> 37 <seg>Bash, Binutils, Bison, Coreutils, Diffutils, GCC, Gettext, 38 Glibc, Grep, Make, Patch, and Sed</seg> 39 </seglistitem> 40 </segmentedlist> 41 42 </sect2> 43 44 <sect2 role="installation"> 45 <title>Installation of Shadow</title> 46 47 <note> 48 <para>If you would like to enforce the use of strong passwords, refer to 49 <ulink url="&blfs-root;view/svn/postlfs/cracklib.html"/> for installing 50 Cracklib prior to building Shadow. Then add 51 <parameter>--with-libcrack</parameter> to the <command>configure</command> 52 command below.</para> 53 </note> 54 55 <para>Prepare Shadow for compilation:</para> 38 56 39 57 <screen><userinput>./configure --libdir=/lib --enable-shared --without-selinux</userinput></screen> 40 58 41 <para>The meaning of the configure options:</para> 42 43 <variablelist> 44 <varlistentry> 45 <term><parameter>--without-selinux</parameter></term> 46 <listitem><para>Support for selinux is enabled by default, but selinux is not 47 built in a base LFS system. The <command>configure</command> script will fail 48 if this option is not used.</para></listitem> 49 </varlistentry> 50 </variablelist> 51 52 <para>Disable the installation of the <command>groups</command> program and its man page, as Coreutils provides a better version:</para> 59 <variablelist> 60 <title>The meaning of the configure options:</title> 61 62 <varlistentry> 63 <term><parameter>--without-selinux</parameter></term> 64 <listitem> 65 <para>Support for selinux is enabled by default, but selinux is not 66 built in a base LFS system. The <command>configure</command> script 67 will fail if this option is not used.</para> 68 </listitem> 69 </varlistentry> 70 71 </variablelist> 72 73 <para>Disable the installation of the <command>groups</command> program 74 and its man page, as Coreutils provides a better version:</para> 53 75 54 76 <screen><userinput>sed -i 's/groups$(EXEEXT) //' src/Makefile 55 77 find man -name Makefile -exec sed -i '/groups/d' {} \;</userinput></screen> 56 78 57 <para>Disable the installation of Chinese and Korean manual pages, since Man-DB 58 cannot format them properly:</para>79 <para>Disable the installation of Chinese and Korean manual pages, since 80 Man-DB cannot format them properly:</para> 59 81 60 82 <screen><userinput>sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile</userinput></screen> 61 83 62 <para>Compile the package:</para>84 <para>Compile the package:</para> 63 85 64 86 <screen><userinput>make</userinput></screen> 65 87 66 <para>This package does not come with a test suite.</para>67 68 <para>Install the package:</para>88 <para>This package does not come with a test suite.</para> 89 90 <para>Install the package:</para> 69 91 70 92 <screen><userinput>make install</userinput></screen> 71 93 72 <para id="shadow-limits-login_access">Shadow uses two files to configure 73 authentication settings for the system. Install these two configuration 74 files:</para> 75 76 <indexterm zone="shadow-limits-login_access"><primary sortas="e-/etc/limits">/etc/limits</primary></indexterm> 77 <indexterm zone="shadow-limits-login_access"><primary sortas="e-/etc/login.access">/etc/login.access</primary></indexterm> 94 <para id="shadow-limits-login_access">Shadow uses two files to configure 95 authentication settings for the system. Install these two configuration 96 files:</para> 97 98 <indexterm zone="shadow-limits-login_access"> 99 <primary sortas="e-/etc/limits">/etc/limits</primary> 100 </indexterm> 101 102 <indexterm zone="shadow-limits-login_access"> 103 <primary sortas="e-/etc/login.access">/etc/login.access</primary> 104 </indexterm> 78 105 79 106 <screen><userinput>cp -v etc/{limits,login.access} /etc</userinput></screen> 80 107 81 <para id="shadow-login_defs">Instead of using the default <emphasis>crypt</emphasis> method, 82 use the more secure <emphasis>MD5</emphasis> method of password 83 encryption, which also allows passwords longer than 8 characters. It 84 is also necessary to change the obsolete <filename 85 class="directory">/var/spool/mail</filename> location for user 86 mailboxes that Shadow uses by default to the <filename 87 class="directory">/var/mail</filename> location used currently. Both 88 of these can be accomplished by changing the relevant configuration 89 file while copying it to its destination:</para> 90 91 <indexterm zone="shadow-login_defs"><primary sortas="e-/etc/login.defs">/etc/login.defs</primary></indexterm> 92 93 <note><para>If you built Shadow with Cracklib support, insert the following into 94 the <command>sed</command> given below:</para> 108 <para id="shadow-login_defs">Instead of using the default 109 <emphasis>crypt</emphasis> method, use the more secure 110 <emphasis>MD5</emphasis> method of password encryption, which also allows 111 passwords longer than 8 characters. It is also necessary to change the 112 obsolete <filename class="directory">/var/spool/mail</filename> location 113 for user mailboxes that Shadow uses by default to the <filename 114 class="directory">/var/mail</filename> location used currently. Both of 115 these can be accomplished by changing the relevant configuration file 116 while copying it to its destination:</para> 117 118 <indexterm zone="shadow-login_defs"> 119 <primary sortas="e-/etc/login.defs">/etc/login.defs</primary> 120 </indexterm> 121 122 <note> 123 <para>If you built Shadow with Cracklib support, insert the following into 124 the <command>sed</command> given below:</para> 95 125 96 126 <screen><literal>-e 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@'</literal></screen> 97 </note>127 </note> 98 128 99 129 <screen><userinput>sed -e's@#MD5_CRYPT_ENAB.no@MD5_CRYPT_ENAB yes@' \ … … 101 131 etc/login.defs > /etc/login.defs</userinput></screen> 102 132 103 <para>Move a misplaced program to its proper location:</para>133 <para>Move a misplaced program to its proper location:</para> 104 134 105 135 <screen><userinput>mv -v /usr/bin/passwd /bin</userinput></screen> 106 136 107 <para>Move Shadow's libraries to more appropriate locations:</para>137 <para>Move Shadow's libraries to more appropriate locations:</para> 108 138 109 139 <screen><userinput>mv -v /lib/libshadow.*a /usr/lib … … 111 141 ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> 112 142 113 <para>The <parameter>-D</parameter> option of the114 <command>useradd</command> program requires the <filename115 class="directory">/etc/default</filename> directory for it to work116 properly:</para>143 <para>The <parameter>-D</parameter> option of the 144 <command>useradd</command> program requires the <filename 145 class="directory">/etc/default</filename> directory for it to work 146 properly:</para> 117 147 118 148 <screen><userinput>mkdir -v /etc/default</userinput></screen> 119 149 120 </sect2> 121 122 123 <sect2 id="conf-shadow" role="configuration"><title>Configuring Shadow</title> 124 <indexterm zone="conf-shadow"> 125 <primary sortas="a-Shadow">Shadow</primary> 126 <secondary>configuring</secondary></indexterm> 127 128 <para>This package contains utilities to add, modify, and delete users 129 and groups; set and change their passwords; and perform other 130 administrative tasks. For a full explanation of what 131 <emphasis>password shadowing</emphasis> means, see the 132 <filename>doc/HOWTO</filename> file within the unpacked source tree. 133 If using Shadow support, keep in mind that programs which need to 134 verify passwords (display managers, FTP programs, pop3 daemons, etc.) 135 must be Shadow-compliant. That is, they need to be able to work with 136 shadowed passwords.</para> 137 138 <para>To enable shadowed passwords, run the following command:</para> 150 </sect2> 151 152 <sect2 id="conf-shadow" role="configuration"> 153 <title>Configuring Shadow</title> 154 155 <indexterm zone="conf-shadow"> 156 <primary sortas="a-Shadow">Shadow</primary> 157 <secondary>configuring</secondary> 158 </indexterm> 159 160 <para>This package contains utilities to add, modify, and delete users and 161 groups; set and change their passwords; and perform other administrative 162 tasks. For a full explanation of what <emphasis>password shadowing</emphasis> 163 means, see the <filename>doc/HOWTO</filename> file within the unpacked 164 source tree. If using Shadow support, keep in mind that programs which need 165 to verify passwords (display managers, FTP programs, pop3 daemons, etc.) 166 must be Shadow-compliant. That is, they need to be able to work with 167 shadowed passwords.</para> 168 169 <para>To enable shadowed passwords, run the following command:</para> 139 170 140 171 <screen><userinput>pwconv</userinput></screen> 141 172 142 <para>To enable shadowed group passwords, run:</para>173 <para>To enable shadowed group passwords, run:</para> 143 174 144 175 <screen><userinput>grpconv</userinput></screen> 145 176 146 <para>Under normal circumstances, passwords will not have been created 147 yet. However, if returning to this section later to enable shadowing, 148 reset any current user passwords with the <command>passwd</command> 149 command or any group passwords with the <command>gpasswd</command> 150 command.</para> 151 152 </sect2> 153 154 155 <sect2 role="configuration"> 156 <title>Setting the root password</title> 157 158 <para>Choose a password for user <emphasis>root</emphasis> and set it 159 by running:</para> 177 <para>Under normal circumstances, passwords will not have been created 178 yet. However, if returning to this section later to enable shadowing, 179 reset any current user passwords with the <command>passwd</command> 180 command or any group passwords with the <command>gpasswd</command> 181 command.</para> 182 183 </sect2> 184 185 <sect2 role="configuration"> 186 <title>Setting the root password</title> 187 188 <para>Choose a password for user <emphasis>root</emphasis> and set it 189 by running:</para> 160 190 161 191 <screen role="nodump"><userinput>passwd root</userinput></screen> 162 </sect2> 163 164 165 <sect2 id="contents-shadow" role="content"><title>Contents of Shadow</title> 166 167 <segmentedlist> 168 <segtitle>Installed programs</segtitle> 169 <segtitle>Installed libraries</segtitle> 170 <seglistitem><seg>chage, chfn, chpasswd, chsh, expiry, faillog, gpasswd, 171 groupadd, groupdel, groupmod, grpck, grpconv, grpunconv, lastlog, login, 172 logoutd, newgrp, newusers, passwd, pwck, pwconv, pwunconv, sg (link to newgrp), 173 su, useradd, userdel, usermod, vigr (link to vipw), and vipw</seg> 174 <seg>libshadow.[a,so]</seg> 175 </seglistitem> 176 </segmentedlist> 177 178 <variablelist><bridgehead renderas="sect3">Short Descriptions</bridgehead> 179 <?dbfo list-presentation="list"?> 180 <?dbhtml list-presentation="table"?> 181 182 <varlistentry id="chage"> 183 <term><command>chage</command></term> 184 <listitem> 185 <para>Used to change the maximum number of days between obligatory 186 password changes</para> 187 <indexterm zone="ch-system-shadow chage"><primary sortas="b-chage">chage</primary></indexterm> 188 </listitem> 189 </varlistentry> 190 191 <varlistentry id="chfn"> 192 <term><command>chfn</command></term> 193 <listitem> 194 <para>Used to change a user's full name and other information</para> 195 <indexterm zone="ch-system-shadow chfn"><primary sortas="b-chfn">chfn</primary></indexterm> 196 </listitem> 197 </varlistentry> 198 199 <varlistentry id="chpasswd"> 200 <term><command>chpasswd</command></term> 201 <listitem> 202 <para>Used to update the passwords of an entire series of user 203 accounts</para> 204 <indexterm zone="ch-system-shadow chpasswd"><primary sortas="b-chpasswd">chpasswd</primary></indexterm> 205 </listitem> 206 </varlistentry> 207 208 <varlistentry id="chsh"> 209 <term><command>chsh</command></term> 210 <listitem> 211 <para>Used to change a user's default login shell</para> 212 <indexterm zone="ch-system-shadow chsh"><primary sortas="b-chsh">chsh</primary></indexterm> 213 </listitem> 214 </varlistentry> 215 216 <varlistentry id="expiry"> 217 <term><command>expiry</command></term> 218 <listitem> 219 <para>Checks and enforces the current password expiration policy</para> 220 <indexterm zone="ch-system-shadow expiry"><primary sortas="b-expiry">expiry</primary></indexterm> 221 </listitem> 222 </varlistentry> 223 224 <varlistentry id="faillog"> 225 <term><command>faillog</command></term> 226 <listitem> 227 <para>Is used to examine the log of login failures, to set a maximum number of 228 failures before an account is blocked, or to reset the failure count</para> 229 <indexterm zone="ch-system-shadow faillog"><primary sortas="b-faillog">faillog</primary></indexterm> 230 </listitem> 231 </varlistentry> 232 233 <varlistentry id="gpasswd"> 234 <term><command>gpasswd</command></term> 235 <listitem> 236 <para>Is used to add and delete members and administrators to groups</para> 237 <indexterm zone="ch-system-shadow gpasswd"><primary sortas="b-gpasswd">gpasswd</primary></indexterm> 238 </listitem> 239 </varlistentry> 240 241 <varlistentry id="groupadd"> 242 <term><command>groupadd</command></term> 243 <listitem> 244 <para>Creates a group with the given name</para> 245 <indexterm zone="ch-system-shadow groupadd"><primary sortas="b-groupadd">groupadd</primary></indexterm> 246 </listitem> 247 </varlistentry> 248 249 <varlistentry id="groupdel"> 250 <term><command>groupdel</command></term> 251 <listitem> 252 <para>Deletes the group with the given name</para> 253 <indexterm zone="ch-system-shadow groupdel"><primary sortas="b-groupdel">groupdel</primary></indexterm> 254 </listitem> 255 </varlistentry> 256 257 <varlistentry id="groupmod"> 258 <term><command>groupmod</command></term> 259 <listitem> 260 <para>Is used to modify the given group's name or GID</para> 261 <indexterm zone="ch-system-shadow groupmod"><primary sortas="b-groupmod">groupmod</primary></indexterm> 262 </listitem> 263 </varlistentry> 264 265 <varlistentry id="grpck"> 266 <term><command>grpck</command></term> 267 <listitem> 268 <para>Verifies the integrity of the group files <filename>/etc/group</filename> 269 and <filename>/etc/gshadow</filename></para> 270 <indexterm zone="ch-system-shadow grpck"><primary sortas="b-grpck">grpck</primary></indexterm> 271 </listitem> 272 </varlistentry> 273 274 <varlistentry id="grpconv"> 275 <term><command>grpconv</command></term> 276 <listitem> 277 <para>Creates or updates the shadow group file from the normal group file</para> 278 <indexterm zone="ch-system-shadow grpconv"><primary sortas="b-grpconv">grpconv</primary></indexterm> 279 </listitem> 280 </varlistentry> 281 282 <varlistentry id="grpunconv"> 283 <term><command>grpunconv</command></term> 284 <listitem> 285 <para>Updates <filename>/etc/group</filename> 286 from <filename>/etc/gshadow</filename> and then deletes the latter</para> 287 <indexterm zone="ch-system-shadow grpunconv"><primary sortas="b-grpunconv">grpunconv</primary></indexterm> 288 </listitem> 289 </varlistentry> 290 291 <varlistentry id="lastlog"> 292 <term><command>lastlog</command></term> 293 <listitem> 294 <para>Reports the most recent login of all users or of a given user</para> 295 <indexterm zone="ch-system-shadow lastlog"><primary sortas="b-lastlog">lastlog</primary></indexterm> 296 </listitem> 297 </varlistentry> 298 299 <varlistentry id="login"> 300 <term><command>login</command></term> 301 <listitem> 302 <para>Is used by the system to let users sign on</para> 303 <indexterm zone="ch-system-shadow login"><primary sortas="b-login">login</primary></indexterm> 304 </listitem> 305 </varlistentry> 306 307 <varlistentry id="logoutd"> 308 <term><command>logoutd</command></term> 309 <listitem> 310 <para>Is a daemon used to enforce restrictions on log-on time and ports</para> 311 <indexterm zone="ch-system-shadow logoutd"><primary sortas="b-logoutd">logoutd</primary></indexterm> 312 </listitem> 313 </varlistentry> 314 315 <varlistentry id="newgrp"> 316 <term><command>newgrp</command></term> 317 <listitem> 318 <para>Is used to change the current GID during a login session</para> 319 <indexterm zone="ch-system-shadow newgrp"><primary sortas="b-newgrp">newgrp</primary></indexterm> 320 </listitem> 321 </varlistentry> 322 323 <varlistentry id="newusers"> 324 <term><command>newusers</command></term> 325 <listitem> 326 <para>Is used to create or update an entire series of user accounts</para> 327 <indexterm zone="ch-system-shadow newusers"><primary sortas="b-newusers">newusers</primary></indexterm> 328 </listitem> 329 </varlistentry> 330 331 <varlistentry id="passwd"> 332 <term><command>passwd</command></term> 333 <listitem> 334 <para>Is used to change the password for a user or group account</para> 335 <indexterm zone="ch-system-shadow passwd"><primary sortas="b-passwd">passwd</primary></indexterm> 336 </listitem> 337 </varlistentry> 338 339 <varlistentry id="pwck"> 340 <term><command>pwck</command></term> 341 <listitem> 342 <para>Verifies the integrity of the password files 343 <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename></para> 344 <indexterm zone="ch-system-shadow pwck"><primary sortas="b-pwck">pwck</primary></indexterm> 345 </listitem> 346 </varlistentry> 347 348 <varlistentry id="pwconv"> 349 <term><command>pwconv</command></term> 350 <listitem> 351 <para>Creates or updates the shadow password file from the normal 352 password file</para> 353 <indexterm zone="ch-system-shadow pwconv"><primary sortas="b-pwconv">pwconv</primary></indexterm> 354 </listitem> 355 </varlistentry> 356 357 <varlistentry id="pwunconv"> 358 <term><command>pwunconv</command></term> 359 <listitem> 360 <para>Updates <filename>/etc/passwd</filename> 361 from <filename>/etc/shadow</filename> and then deletes the latter</para> 362 <indexterm zone="ch-system-shadow pwunconv"><primary sortas="b-pwunconv">pwunconv</primary></indexterm> 363 </listitem> 364 </varlistentry> 365 366 <varlistentry id="sg"> 367 <term><command>sg</command></term> 368 <listitem> 369 <para>Executes a given command while the user's GID 370 is set to that of the given group</para> 371 <indexterm zone="ch-system-shadow sg"><primary sortas="b-sg">sg</primary></indexterm> 372 </listitem> 373 </varlistentry> 374 375 <varlistentry id="su"> 376 <term><command>su</command></term> 377 <listitem> 378 <indexterm zone="ch-system-shadow su"><primary sortas="b-su">su</primary></indexterm> 379 <para>Runs a shell with substitute user and group IDs</para> 380 </listitem> 381 </varlistentry> 382 383 <varlistentry id="useradd"> 384 <term><command>useradd</command></term> 385 <listitem> 386 <para>Creates a new user with the given name, or updates the default 387 new-user information</para> 388 <indexterm zone="ch-system-shadow useradd"><primary sortas="b-useradd">useradd</primary></indexterm> 389 </listitem> 390 </varlistentry> 391 392 <varlistentry id="userdel"> 393 <term><command>userdel</command></term> 394 <listitem> 395 <para>Deletes the given user account</para> 396 <indexterm zone="ch-system-shadow userdel"><primary sortas="b-userdel">userdel</primary></indexterm> 397 </listitem> 398 </varlistentry> 399 400 <varlistentry id="usermod"> 401 <term><command>usermod</command></term> 402 <listitem> 403 <para>Is used to modify the given user's login name, User 404 Identification (UID), 405 shell, initial group, home directory, etc.</para> 406 <indexterm zone="ch-system-shadow usermod"><primary sortas="b-usermod">usermod</primary></indexterm> 407 </listitem> 408 </varlistentry> 409 410 <varlistentry id="vigr"> 411 <term><command>vigr</command></term> 412 <listitem> 413 <para>Edits the <filename>/etc/group</filename> or 414 <filename>/etc/gshadow</filename> files</para> 415 <indexterm zone="ch-system-shadow vigr"><primary sortas="b-vigr">vigr</primary></indexterm> 416 </listitem> 417 </varlistentry> 418 419 <varlistentry id="vipw"> 420 <term><command>vipw</command></term> 421 <listitem> 422 <para>Edits the <filename>/etc/passwd</filename> or 423 <filename>/etc/shadow</filename> files</para> 424 <indexterm zone="ch-system-shadow vipw"><primary sortas="b-vipw">vipw</primary></indexterm> 425 </listitem> 426 </varlistentry> 427 428 <varlistentry id="libshadow"> 429 <term><filename class="libraryfile">libshadow</filename></term> 430 <listitem> 431 <para>Contains functions used by most programs in this package</para> 432 <indexterm zone="ch-system-shadow libshadow"><primary sortas="c-libshadow">libshadow</primary></indexterm> 433 </listitem> 434 </varlistentry> 435 </variablelist> 436 437 </sect2> 192 193 </sect2> 194 195 <sect2 id="contents-shadow" role="content"> 196 <title>Contents of Shadow</title> 197 198 <segmentedlist> 199 <segtitle>Installed programs</segtitle> 200 <segtitle>Installed libraries</segtitle> 201 202 <seglistitem> 203 <seg>chage, chfn, chpasswd, chsh, expiry, faillog, gpasswd, groupadd, 204 groupdel, groupmod, grpck, grpconv, grpunconv, lastlog, login, logoutd, 205 newgrp, newusers, passwd, pwck, pwconv, pwunconv, sg (link to newgrp), 206 su, useradd, userdel, usermod, vigr (link to vipw), and vipw</seg> 207 <seg>libshadow.[a,so]</seg> 208 </seglistitem> 209 </segmentedlist> 210 211 <variablelist> 212 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 213 <?dbfo list-presentation="list"?> 214 <?dbhtml list-presentation="table"?> 215 216 <varlistentry id="chage"> 217 <term><command>chage</command></term> 218 <listitem> 219 <para>Used to change the maximum number of days between obligatory 220 password changes</para> 221 <indexterm zone="ch-system-shadow chage"> 222 <primary sortas="b-chage">chage</primary> 223 </indexterm> 224 </listitem> 225 </varlistentry> 226 227 <varlistentry id="chfn"> 228 <term><command>chfn</command></term> 229 <listitem> 230 <para>Used to change a user's full name and other information</para> 231 <indexterm zone="ch-system-shadow chfn"> 232 <primary sortas="b-chfn">chfn</primary> 233 </indexterm> 234 </listitem> 235 </varlistentry> 236 237 <varlistentry id="chpasswd"> 238 <term><command>chpasswd</command></term> 239 <listitem> 240 <para>Used to update the passwords of an entire series of user 241 accounts</para> 242 <indexterm zone="ch-system-shadow chpasswd"> 243 <primary sortas="b-chpasswd">chpasswd</primary> 244 </indexterm> 245 </listitem> 246 </varlistentry> 247 248 <varlistentry id="chsh"> 249 <term><command>chsh</command></term> 250 <listitem> 251 <para>Used to change a user's default login shell</para> 252 <indexterm zone="ch-system-shadow chsh"> 253 <primary sortas="b-chsh">chsh</primary> 254 </indexterm> 255 </listitem> 256 </varlistentry> 257 258 <varlistentry id="expiry"> 259 <term><command>expiry</command></term> 260 <listitem> 261 <para>Checks and enforces the current password expiration policy</para> 262 <indexterm zone="ch-system-shadow expiry"> 263 <primary sortas="b-expiry">expiry</primary> 264 </indexterm> 265 </listitem> 266 </varlistentry> 267 268 <varlistentry id="faillog"> 269 <term><command>faillog</command></term> 270 <listitem> 271 <para>Is used to examine the log of login failures, to set a maximum 272 number of failures before an account is blocked, or to reset the 273 failure count</para> 274 <indexterm zone="ch-system-shadow faillog"> 275 <primary sortas="b-faillog">faillog</primary> 276 </indexterm> 277 </listitem> 278 </varlistentry> 279 280 <varlistentry id="gpasswd"> 281 <term><command>gpasswd</command></term> 282 <listitem> 283 <para>Is used to add and delete members and administrators to 284 groups</para> 285 <indexterm zone="ch-system-shadow gpasswd"> 286 <primary sortas="b-gpasswd">gpasswd</primary> 287 </indexterm> 288 </listitem> 289 </varlistentry> 290 291 <varlistentry id="groupadd"> 292 <term><command>groupadd</command></term> 293 <listitem> 294 <para>Creates a group with the given name</para> 295 <indexterm zone="ch-system-shadow groupadd"> 296 <primary sortas="b-groupadd">groupadd</primary> 297 </indexterm> 298 </listitem> 299 </varlistentry> 300 301 <varlistentry id="groupdel"> 302 <term><command>groupdel</command></term> 303 <listitem> 304 <para>Deletes the group with the given name</para> 305 <indexterm zone="ch-system-shadow groupdel"> 306 <primary sortas="b-groupdel">groupdel</primary> 307 </indexterm> 308 </listitem> 309 </varlistentry> 310 311 <varlistentry id="groupmod"> 312 <term><command>groupmod</command></term> 313 <listitem> 314 <para>Is used to modify the given group's name or GID</para> 315 <indexterm zone="ch-system-shadow groupmod"> 316 <primary sortas="b-groupmod">groupmod</primary> 317 </indexterm> 318 </listitem> 319 </varlistentry> 320 321 <varlistentry id="grpck"> 322 <term><command>grpck</command></term> 323 <listitem> 324 <para>Verifies the integrity of the group files 325 <filename>/etc/group</filename> and 326 <filename>/etc/gshadow</filename></para> 327 <indexterm zone="ch-system-shadow grpck"> 328 <primary sortas="b-grpck">grpck</primary> 329 </indexterm> 330 </listitem> 331 </varlistentry> 332 333 <varlistentry id="grpconv"> 334 <term><command>grpconv</command></term> 335 <listitem> 336 <para>Creates or updates the shadow group file from the normal 337 group file</para> 338 <indexterm zone="ch-system-shadow grpconv"> 339 <primary sortas="b-grpconv">grpconv</primary> 340 </indexterm> 341 </listitem> 342 </varlistentry> 343 344 <varlistentry id="grpunconv"> 345 <term><command>grpunconv</command></term> 346 <listitem> 347 <para>Updates <filename>/etc/group</filename> from 348 <filename>/etc/gshadow</filename> and then deletes the latter</para> 349 <indexterm zone="ch-system-shadow grpunconv"> 350 <primary sortas="b-grpunconv">grpunconv</primary> 351 </indexterm> 352 </listitem> 353 </varlistentry> 354 355 <varlistentry id="lastlog"> 356 <term><command>lastlog</command></term> 357 <listitem> 358 <para>Reports the most recent login of all users or of a 359 given user</para> 360 <indexterm zone="ch-system-shadow lastlog"> 361 <primary sortas="b-lastlog">lastlog</primary> 362 </indexterm> 363 </listitem> 364 </varlistentry> 365 366 <varlistentry id="login"> 367 <term><command>login</command></term> 368 <listitem> 369 <para>Is used by the system to let users sign on</para> 370 <indexterm zone="ch-system-shadow login"> 371 <primary sortas="b-login">login</primary> 372 </indexterm> 373 </listitem> 374 </varlistentry> 375 376 <varlistentry id="logoutd"> 377 <term><command>logoutd</command></term> 378 <listitem> 379 <para>Is a daemon used to enforce restrictions on log-on time 380 and ports</para> 381 <indexterm zone="ch-system-shadow logoutd"> 382 <primary sortas="b-logoutd">logoutd</primary> 383 </indexterm> 384 </listitem> 385 </varlistentry> 386 387 <varlistentry id="newgrp"> 388 <term><command>newgrp</command></term> 389 <listitem> 390 <para>Is used to change the current GID during a login session</para> 391 <indexterm zone="ch-system-shadow newgrp"> 392 <primary sortas="b-newgrp">newgrp</primary> 393 </indexterm> 394 </listitem> 395 </varlistentry> 396 397 <varlistentry id="newusers"> 398 <term><command>newusers</command></term> 399 <listitem> 400 <para>Is used to create or update an entire series of user 401 accounts</para> 402 <indexterm zone="ch-system-shadow newusers"> 403 <primary sortas="b-newusers">newusers</primary> 404 </indexterm> 405 </listitem> 406 </varlistentry> 407 408 <varlistentry id="passwd"> 409 <term><command>passwd</command></term> 410 <listitem> 411 <para>Is used to change the password for a user or group account</para> 412 <indexterm zone="ch-system-shadow passwd"> 413 <primary sortas="b-passwd">passwd</primary> 414 </indexterm> 415 </listitem> 416 </varlistentry> 417 418 <varlistentry id="pwck"> 419 <term><command>pwck</command></term> 420 <listitem> 421 <para>Verifies the integrity of the password files 422 <filename>/etc/passwd</filename> and 423 <filename>/etc/shadow</filename></para> 424 <indexterm zone="ch-system-shadow pwck"> 425 <primary sortas="b-pwck">pwck</primary> 426 </indexterm> 427 </listitem> 428 </varlistentry> 429 430 <varlistentry id="pwconv"> 431 <term><command>pwconv</command></term> 432 <listitem> 433 <para>Creates or updates the shadow password file from the normal 434 password file</para> 435 <indexterm zone="ch-system-shadow pwconv"> 436 <primary sortas="b-pwconv">pwconv</primary> 437 </indexterm> 438 </listitem> 439 </varlistentry> 440 441 <varlistentry id="pwunconv"> 442 <term><command>pwunconv</command></term> 443 <listitem> 444 <para>Updates <filename>/etc/passwd</filename> from 445 <filename>/etc/shadow</filename> and then deletes the latter</para> 446 <indexterm zone="ch-system-shadow pwunconv"> 447 <primary sortas="b-pwunconv">pwunconv</primary> 448 </indexterm> 449 </listitem> 450 </varlistentry> 451 452 <varlistentry id="sg"> 453 <term><command>sg</command></term> 454 <listitem> 455 <para>Executes a given command while the user's GID 456 is set to that of the given group</para> 457 <indexterm zone="ch-system-shadow sg"> 458 <primary sortas="b-sg">sg</primary> 459 </indexterm> 460 </listitem> 461 </varlistentry> 462 463 <varlistentry id="su"> 464 <term><command>su</command></term> 465 <listitem> 466 <para>Runs a shell with substitute user and group IDs</para> 467 <indexterm zone="ch-system-shadow su"> 468 <primary sortas="b-su">su</primary> 469 </indexterm> 470 </listitem> 471 </varlistentry> 472 473 <varlistentry id="useradd"> 474 <term><command>useradd</command></term> 475 <listitem> 476 <para>Creates a new user with the given name, or updates the default 477 new-user information</para> 478 <indexterm zone="ch-system-shadow useradd"> 479 <primary sortas="b-useradd">useradd</primary> 480 </indexterm> 481 </listitem> 482 </varlistentry> 483 484 <varlistentry id="userdel"> 485 <term><command>userdel</command></term> 486 <listitem> 487 <para>Deletes the given user account</para> 488 <indexterm zone="ch-system-shadow userdel"> 489 <primary sortas="b-userdel">userdel</primary> 490 </indexterm> 491 </listitem> 492 </varlistentry> 493 494 <varlistentry id="usermod"> 495 <term><command>usermod</command></term> 496 <listitem> 497 <para>Is used to modify the given user's login name, User 498 Identification (UID), shell, initial group, home directory, etc.</para> 499 <indexterm zone="ch-system-shadow usermod"> 500 <primary sortas="b-usermod">usermod</primary> 501 </indexterm> 502 </listitem> 503 </varlistentry> 504 505 <varlistentry id="vigr"> 506 <term><command>vigr</command></term> 507 <listitem> 508 <para>Edits the <filename>/etc/group</filename> or 509 <filename>/etc/gshadow</filename> files</para> 510 <indexterm zone="ch-system-shadow vigr"> 511 <primary sortas="b-vigr">vigr</primary> 512 </indexterm> 513 </listitem> 514 </varlistentry> 515 516 <varlistentry id="vipw"> 517 <term><command>vipw</command></term> 518 <listitem> 519 <para>Edits the <filename>/etc/passwd</filename> or 520 <filename>/etc/shadow</filename> files</para> 521 <indexterm zone="ch-system-shadow vipw"> 522 <primary sortas="b-vipw">vipw</primary> 523 </indexterm> 524 </listitem> 525 </varlistentry> 526 527 <varlistentry id="libshadow"> 528 <term><filename class="libraryfile">libshadow</filename></term> 529 <listitem> 530 <para>Contains functions used by most programs in this package</para> 531 <indexterm zone="ch-system-shadow libshadow"> 532 <primary sortas="c-libshadow">libshadow</primary> 533 </indexterm> 534 </listitem> 535 </varlistentry> 536 537 </variablelist> 538 539 </sect2> 438 540 439 541 </sect1> 440
Note:
See TracChangeset
for help on using the changeset viewer.