1.\" Copyright (c) 1995-1996 Wolfram Schneider <wosch@FreeBSD.org>. Berlin. 2.\" All rights reserved. 3.\" Copyright (c) 2002 Michael Telahun Makonnen <makonnen@pacbell.net> 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.\" $FreeBSD$ 28.\" 29.Dd August 14, 2002 30.Dt ADDUSER 8 31.Os 32.Sh NAME 33.Nm adduser 34.Nd command for adding new users 35.Sh SYNOPSIS 36.Nm 37.Op Fl CENhq 38.Op Fl G Ar groups 39.Op Fl L Ar login_class 40.Op Fl d Ar partition 41.Op Fl f Ar file 42.Op Fl k Ar dotdir 43.Op Fl m Ar message_file 44.Op Fl s Ar shell 45.Op Fl u Ar uid_start 46.Op Fl w Ar type 47.Sh DESCRIPTION 48The 49.Nm 50utility is a shell script, implemented around the 51.Xr pw 8 52command, for adding new users. 53It creates passwd/group entries, a home directory, 54copies dotfiles and sends the new user a welcome message. 55It supports two modes of operation. 56It may be used interactively 57at the command line to add one user at a time, or it may be directed 58to get the list of new users from a file and operate in batch mode 59without requiring any user interaction. 60.Sh RESTRICTIONS 61.Bl -tag -width indent 62.It username 63Login name. 64The user name is restricted to whatever 65.Xr pw 8 66will accept. 67Generally this means it 68may contain only lowercase characters or digits. 69Maximum length 70is 16 characters. 71The reasons for this limit are historical. 72Given that people have traditionally wanted to break this 73limit for aesthetic reasons, it has never been of great importance to break 74such a basic fundamental parameter in 75.Ux . 76You can change 77.Dv UT_NAMESIZE 78in 79.Pa /usr/include/utmp.h 80and recompile the 81world; people have done this and it works, but you will have problems 82with any precompiled programs, or source that assumes the 8-character 83name limit and NIS. 84The NIS protocol mandates an 8-character username. 85If you need a longer login name for e-mail addresses, 86you can define an alias in 87.Pa /etc/mail/aliases . 88.It "full name" 89This is typically known as the gecos field and usually contains 90the user's full name. 91Additionally, it may contain a comma separated 92list of values such as office number and work and home phones. 93If the 94name contains an ampersand it will be replaced by the capitalized 95login name when displayed by other programs. 96The 97.Ql \&: 98character is not allowed. 99.It shell 100Only valid shells from the shell database 101.Pq Pa /etc/shells 102are allowed. 103In 104addition, only the base name of the shell is necessary, not the full path. 105.It UID 106Automatically generated or your choice. 107It must be less than 32000. 108.It "GID/login group" 109Automatically generated or your choice. 110It must be less than 32000. 111.It password 112You may choose an empty password, disable the password, use a 113randomly generated password or specify your own plaintext password, 114which will be encrypted before being stored in the user database. 115.El 116.Sh UNIQUE GROUPS 117Perhaps you are missing what 118.Em can 119be done with this scheme that falls apart 120with most other schemes. 121With each user in their own group, 122they can safely run with a umask of 002 instead of the usual 022 123and create files in their home directory 124without worrying about others being able to change them. 125.Pp 126For a shared area you create a separate UID/GID (like cvs or ncvs on freefall), 127you place each person that should be able to access this area into that new 128group. 129.Pp 130This model of UID/GID administration allows far greater flexibility than lumping 131users into groups and having to muck with the umask when working in a shared 132area. 133.Pp 134I have been using this model for almost 10 years and found that it works 135for most situations, and has never gotten in the way. 136(Rod Grimes) 137.Sh CONFIGURATION 138The 139.Nm 140utility reads its configuration information from 141.Pa /etc/adduser.conf . 142If this file does not exist, it will use predefined defaults. 143While this file may be edited by hand, 144the safer option is to use the 145.Fl C 146command line argument. 147With this argument, 148.Nm 149will start interactive input, save the answers to its prompts in 150.Pa /etc/adduser.conf , 151and promptly exit without modifying the user 152database. 153Options specified on the command line will take precedence over 154any values saved in this file. 155.Sh OPTIONS 156.Bl -tag -width indent 157.It Fl C 158Create new configuration file and exit. 159This option is mutually exclusive with the 160.Fl f 161option. 162.It Fl d Ar partition 163Home partition. 164Default partition, under which all user directories 165will be located. 166.It Fl E 167Disable the account. 168This option will lock the account by prepending the string 169.Dq Li *LOCKED* 170to the password field. 171The account may be unlocked 172by the super-user with the 173.Xr pw 8 174command: 175.Pp 176.D1 Nm pw Cm unlock Op Ar name | uid 177.It Fl f Ar file 178Get the list of accounts to create from 179.Ar file . 180If 181.Ar file 182is 183.Dq Fl , 184then get the list from standard input. 185If this option is specified, 186.Nm 187will operate in batch mode and will not seek any user input. 188If an error is encountered while processing an account, it will write a 189message to standard error and move to the next account. 190The format 191of the input file is described below. 192.It Fl G Ar groups 193Additional groups. 194By default, the user name is used as the login group. 195This option allows the user to specify additional groups to add users to. 196.It Fl h 197Print a summary of options and exit. 198.It Fl k Ar directory 199Copy files from 200.Ar directory 201into the home 202directory of new users; 203.Pa dot.foo 204will be renamed to 205.Pa .foo . 206.It Fl L Ar login_class 207Set default login class. 208.It Fl m Ar file 209Send new users a welcome message from 210.Ar file . 211Specifying a value of 212.Cm no 213for 214.Ar file 215causes no message to be sent to new users. 216Please note that the message 217file can reference the internal variables of the 218.Nm 219script. 220.It Fl N 221Do not read the default configuration file. 222.It Fl q 223Minimal user feedback. 224In particular, the random password will not be echoed to 225standard output. 226.It Fl s Ar shell 227Default shell for new users. 228The 229.Ar shell 230argument must be the base name of the shell, 231.Em not 232the full path. 233It must exist in 234.Pa /etc/shells 235to be considered a valid shell. 236.It Fl u Ar uid 237Use UIDs from 238.Ar uid 239on up. 240.It Fl w Ar type 241Password type. 242The 243.Nm 244utility allows the user to specify what type of password to create. 245The 246.Ar type 247argument may have one of the following values: 248.Bl -tag -width ".Cm random" 249.It Cm no 250Disable the password. 251Instead of an encrypted string, the password field will contain a single 252.Ql * 253character. 254The user may not log in until the super-user 255manually enables the password. 256.It Cm none 257Use an empty string as the password. 258.It Cm yes 259Use a user-supplied string as the password. 260In interactive mode, 261the user will be prompted for the password. 262In batch mode, the 263last (10th) field in the line is assumed to be the password. 264.It Cm random 265Generate a random string and use it as a password. 266The password will be echoed to standard output. 267In addition, it will be available for inclusion in the message file in the 268.Va randompass 269variable. 270.El 271.El 272.Sh FORMAT 273When the 274.Fl f 275option is used, the account information must be stored in a specific 276format. 277All empty lines or lines beginning with a 278.Ql # 279will be ignored. 280All other lines must contain ten colon 281.Pq Ql \&: 282separated fields as described below. 283Command line options do not take precedence 284over values in the fields. 285Only the password field may contain a 286.Ql \&: 287character as part of the string. 288.Pp 289.Sm off 290.D1 Ar name : uid : gid : class : change : expire : gecos : home_dir : shell : password 291.Sm on 292.Bl -tag -width ".Ar password" 293.It Ar name 294Login name. 295This field may not be empty. 296.It Ar uid 297Numeric login user ID. 298If this field is left empty, it will be automatically generated. 299.It Ar gid 300Numeric primary group ID. 301If this field is left empty, a group with the 302same name as the user name will be created and its GID will be used 303instead. 304.It Ar class 305Login class. 306This field may be left empty. 307.It Ar change 308Password ageing. 309This field denotes the password change date for the account. 310The format of this field is the same as the format of the 311.Fl p 312argument to 313.Xr pw 8 . 314It may be 315.Ar dd Ns - Ns Ar mmm Ns - Ns Ar yy Ns Op Ar yy , 316where 317.Ar dd 318is for the day, 319.Ar mmm 320is for the month in numeric or alphabetical format: 321.Dq Li 10 322or 323.Dq Li Oct , 324and 325.Ar yy Ns Op Ar yy 326is the four or two digit year. 327To denote a time relative to the current date the format is: 328.No + Ns Ar n Ns Op Ar mhdwoy , 329where 330.Ar n 331denotes a number, followed by the minutes, hours, days, weeks, 332months or years after which the password must be changed. 333This field may be left empty to turn it off. 334.It Ar expire 335Account expiration. 336This field denotes the expiry date of the account. 337The account may not be used after the specified date. 338The format of this field is the same as that for password ageing. 339This field may be left empty to turn it off. 340.It Ar gecos 341Full name and other extra information about the user. 342.It Ar home_dir 343Home directory. 344If this field is left empty, it will be automatically 345created by appending the username to the home partition. 346.It Ar shell 347Login shell. 348This field should contain the full path to a valid login shell. 349.It Ar password 350User password. 351This field should contain a plaintext string, which will 352be encrypted before being placed in the user database. 353If the password type is 354.Cm yes 355and this field is empty, it is assumed the account will have an empty password. 356If the password type is 357.Cm random 358and this field is 359.Em not 360empty, its contents will be used 361as a password. 362This field will be ignored if the 363.Fl p 364option is used with a 365.Cm no 366or 367.Cm none 368argument. 369Be careful not to terminate this field with a closing 370.Ql \&: 371because it will be treated as part of the password. 372.El 373.Sh FILES 374.Bl -tag -width ".Pa /etc/adduser.message" -compact 375.It Pa /etc/master.passwd 376user database 377.It Pa /etc/group 378group database 379.It Pa /etc/shells 380shell database 381.It Pa /etc/login.conf 382login classes database 383.It Pa /etc/adduser.conf 384configuration file for 385.Nm 386.It Pa /etc/adduser.message 387message file for 388.Nm 389.It Pa /usr/share/skel 390skeletal login directory 391.It Pa /var/log/adduser 392logfile for 393.Nm 394.El 395.Sh SEE ALSO 396.Xr chpass 1 , 397.Xr passwd 1 , 398.Xr aliases 5 , 399.Xr group 5 , 400.Xr login.conf 5 , 401.Xr passwd 5 , 402.Xr shells 5 , 403.Xr pw 8 , 404.Xr pwd_mkdb 8 , 405.Xr rmuser 8 , 406.Xr vipw 8 , 407.Xr yp 8 408.Sh HISTORY 409The 410.Nm 411command appeared in 412.Fx 2.1 . 413.Sh AUTHORS 414.An -nosplit 415This manual page and the original script, in Perl, was written by 416.An Wolfram Schneider Aq wosch@FreeBSD.org . 417The replacement script, written as a Bourne 418shell script with some enhancements, and the man page modification that 419came with it were done by 420.An Mike Makonnen Aq mtm@identd.net . 421.Sh BUGS 422In order for 423.Nm 424to correctly expand variables such as 425.Va $username 426and 427.Va $randompass 428in the message sent to new users, it must let the shell evaluate 429each line of the message file. 430This means that shell commands can also be embedded in the message file. 431The 432.Nm 433utility attempts to mitigate the possibility of an attacker using this 434feature by refusing to evaluate the file if it is not owned and writeable 435only by the root user. 436In addition, shell special characters and operators will have to be 437escaped when used in the message file. 438.Pp 439Also, password ageing and account expiry times are currently setable 440only in batch mode. 441The user should be able to set them in interactive mode as well. 442