xref: /freebsd/usr.sbin/pw/pw.8 (revision 137db389edace435947717e08e13b597a9fd0c1e)
1db34a710SJoerg Wunsch.\" Copyright (C) 1996
2db34a710SJoerg Wunsch.\" David L. Nugent.  All rights reserved.
3d6f907dcSJoerg Wunsch.\"
49fd0dafcSJoerg Wunsch.\" Redistribution and use in source and binary forms, with or without
59fd0dafcSJoerg Wunsch.\" modification, are permitted provided that the following conditions
69fd0dafcSJoerg Wunsch.\" are met:
79fd0dafcSJoerg Wunsch.\" 1. Redistributions of source code must retain the above copyright
89fd0dafcSJoerg Wunsch.\"    notice, this list of conditions and the following disclaimer.
99fd0dafcSJoerg Wunsch.\" 2. Redistributions in binary form must reproduce the above copyright
109fd0dafcSJoerg Wunsch.\"    notice, this list of conditions and the following disclaimer in the
119fd0dafcSJoerg Wunsch.\"    documentation and/or other materials provided with the distribution.
12d6f907dcSJoerg Wunsch.\"
13db34a710SJoerg Wunsch.\" THIS SOFTWARE IS PROVIDED BY DAVID L. NUGENT AND CONTRIBUTORS ``AS IS'' AND
149fd0dafcSJoerg Wunsch.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
159fd0dafcSJoerg Wunsch.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16db34a710SJoerg Wunsch.\" ARE DISCLAIMED.  IN NO EVENT SHALL DAVID L. NUGENT OR CONTRIBUTORS BE LIABLE
179fd0dafcSJoerg Wunsch.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
189fd0dafcSJoerg Wunsch.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
199fd0dafcSJoerg Wunsch.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
209fd0dafcSJoerg Wunsch.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
219fd0dafcSJoerg Wunsch.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
229fd0dafcSJoerg Wunsch.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
239fd0dafcSJoerg Wunsch.\" SUCH DAMAGE.
249fd0dafcSJoerg Wunsch.\"
25137db389SSteve Price.\"	$Id: pw.8,v 1.11 1997/10/10 06:23:33 charnier Exp $
269fd0dafcSJoerg Wunsch.\"
279fd0dafcSJoerg Wunsch.Dd December 9, 1996
28d6f907dcSJoerg Wunsch.Dt PW 8
29d6f907dcSJoerg Wunsch.Os
30d6f907dcSJoerg Wunsch.Sh NAME
31d6f907dcSJoerg Wunsch.Nm pw
329fd0dafcSJoerg Wunsch.Nd create, remove, modify & display system users and groups
33d6f907dcSJoerg Wunsch.Sh SYNOPSIS
34d6f907dcSJoerg Wunsch.Nm pw
35d6f907dcSJoerg Wunsch.Ar useradd
36d6f907dcSJoerg Wunsch.Op name|uid
37d6f907dcSJoerg Wunsch.Op Fl C Ar config
38d6f907dcSJoerg Wunsch.Op Fl q
39d6f907dcSJoerg Wunsch.Op Fl n Ar name
40d6f907dcSJoerg Wunsch.Op Fl u Ar uid
41d6f907dcSJoerg Wunsch.Op Fl c Ar comment
42d6f907dcSJoerg Wunsch.Op Fl d Ar dir
43d6f907dcSJoerg Wunsch.Op Fl e Ar date
44d6f907dcSJoerg Wunsch.Op Fl p Ar date
45d6f907dcSJoerg Wunsch.Op Fl g Ar group
46d6f907dcSJoerg Wunsch.Op Fl G Ar grouplist
47d6f907dcSJoerg Wunsch.Op Fl m
48d6f907dcSJoerg Wunsch.Op Fl k Ar dir
49d6f907dcSJoerg Wunsch.Op Fl s Ar shell
50d6f907dcSJoerg Wunsch.Op Fl o
51d6f907dcSJoerg Wunsch.Op Fl L Ar class
52d6f907dcSJoerg Wunsch.Op Fl h Ar fd
539fd0dafcSJoerg Wunsch.Op Fl N
549fd0dafcSJoerg Wunsch.Op Fl P
55f1d684faSDavid Nugent.Op Fl Y
56d6f907dcSJoerg Wunsch.Nm pw
57d6f907dcSJoerg Wunsch.Ar useradd
58d6f907dcSJoerg Wunsch.Op name|uid
59f1d684faSDavid Nugent.Fl D
60d6f907dcSJoerg Wunsch.Op Fl C Ar config
61d6f907dcSJoerg Wunsch.Op Fl q
62d6f907dcSJoerg Wunsch.Op Fl b Ar dir
63d6f907dcSJoerg Wunsch.Op Fl e Ar days
64d6f907dcSJoerg Wunsch.Op Fl p Ar days
65d6f907dcSJoerg Wunsch.Op Fl g Ar group
66d6f907dcSJoerg Wunsch.Op Fl G Ar grouplist
67d6f907dcSJoerg Wunsch.Op Fl k Ar dir
68d6f907dcSJoerg Wunsch.Op Fl u Ar min,max
69d6f907dcSJoerg Wunsch.Op Fl i Ar min,max
70d6f907dcSJoerg Wunsch.Op Fl w Ar method
71d6f907dcSJoerg Wunsch.Op Fl s Ar shell
72f1d684faSDavid Nugent.Op Fl y Ar path
73d6f907dcSJoerg Wunsch.Nm pw
74d6f907dcSJoerg Wunsch.Ar userdel
75d6f907dcSJoerg Wunsch.Op name|uid
76d6f907dcSJoerg Wunsch.Op Fl n Ar name
77d6f907dcSJoerg Wunsch.Op Fl u Ar uid
78d6f907dcSJoerg Wunsch.Op Fl r
79f1d684faSDavid Nugent.Op Fl Y
80d6f907dcSJoerg Wunsch.Nm pw
81d6f907dcSJoerg Wunsch.Ar usermod
82d6f907dcSJoerg Wunsch.Op name|uid
83d6f907dcSJoerg Wunsch.Op Fl C Ar config
84d6f907dcSJoerg Wunsch.Op Fl q
85d6f907dcSJoerg Wunsch.Op Fl n Ar name
86d6f907dcSJoerg Wunsch.Op Fl u Ar uid
87d6f907dcSJoerg Wunsch.Op Fl c Ar comment
88d6f907dcSJoerg Wunsch.Op Fl d Ar dir
89d6f907dcSJoerg Wunsch.Op Fl e Ar date
90d6f907dcSJoerg Wunsch.Op Fl p Ar date
91d6f907dcSJoerg Wunsch.Op Fl g Ar group
92d6f907dcSJoerg Wunsch.Op Fl G Ar grouplist
93d6f907dcSJoerg Wunsch.Op Fl l Ar name
94d6f907dcSJoerg Wunsch.Op Fl m
95d6f907dcSJoerg Wunsch.Op Fl k Ar dir
969fd0dafcSJoerg Wunsch.Op Fl w Ar method
97d6f907dcSJoerg Wunsch.Op Fl s Ar shell
98d6f907dcSJoerg Wunsch.Op Fl L Ar class
99d6f907dcSJoerg Wunsch.Op Fl h Ar fd
1009fd0dafcSJoerg Wunsch.Op Fl N
1019fd0dafcSJoerg Wunsch.Op Fl P
102f1d684faSDavid Nugent.Op Fl Y
103d6f907dcSJoerg Wunsch.Nm pw
104d6f907dcSJoerg Wunsch.Ar usershow
105d6f907dcSJoerg Wunsch.Op name|uid
106d6f907dcSJoerg Wunsch.Op Fl n Ar name
107d6f907dcSJoerg Wunsch.Op Fl u Ar uid
108d6f907dcSJoerg Wunsch.Op Fl F
1099fd0dafcSJoerg Wunsch.Op Fl P
110d6f907dcSJoerg Wunsch.Op Fl a
111d6f907dcSJoerg Wunsch.Nm pw
1129fd0dafcSJoerg Wunsch.Ar usernext
1139fd0dafcSJoerg Wunsch.Op Fl C Ar config
1149fd0dafcSJoerg Wunsch.Op Fl q
1159fd0dafcSJoerg Wunsch.Nm pw
116d6f907dcSJoerg Wunsch.Ar groupadd
117d6f907dcSJoerg Wunsch.Op group|gid
118d6f907dcSJoerg Wunsch.Op Fl C Ar config
119d6f907dcSJoerg Wunsch.Op Fl q
120d6f907dcSJoerg Wunsch.Op Fl n Ar group
121d6f907dcSJoerg Wunsch.Op Fl g Ar gid
1229fd0dafcSJoerg Wunsch.Op Fl M Ar members
123d6f907dcSJoerg Wunsch.Op Fl o
124d6f907dcSJoerg Wunsch.Op Fl h Ar fd
1259fd0dafcSJoerg Wunsch.Op Fl N
1269fd0dafcSJoerg Wunsch.Op Fl P
127f1d684faSDavid Nugent.Op Fl Y
128d6f907dcSJoerg Wunsch.Nm pw
129d6f907dcSJoerg Wunsch.Ar groupdel
130d6f907dcSJoerg Wunsch.Op Fl n Ar name
131d6f907dcSJoerg Wunsch.Op Fl g Ar gid
132f1d684faSDavid Nugent.Op Fl Y
133d6f907dcSJoerg Wunsch.Nm pw
134d6f907dcSJoerg Wunsch.Ar groupmod
135d6f907dcSJoerg Wunsch.Op Fl C Ar config
136d6f907dcSJoerg Wunsch.Op Fl q
137d6f907dcSJoerg Wunsch.Op Fl F
138d6f907dcSJoerg Wunsch.Op Fl n Ar name
139d6f907dcSJoerg Wunsch.Op Fl g Ar gid
140d6f907dcSJoerg Wunsch.Op Fl l Ar name
1419fd0dafcSJoerg Wunsch.Op Fl M Ar members
1429fd0dafcSJoerg Wunsch.Op Fl m Ar newmembers
143d6f907dcSJoerg Wunsch.Op Fl h Ar fd
1449fd0dafcSJoerg Wunsch.Op Fl N
1459fd0dafcSJoerg Wunsch.Op Fl P
146f1d684faSDavid Nugent.Op Fl Y
147d6f907dcSJoerg Wunsch.Nm pw
148d6f907dcSJoerg Wunsch.Ar groupshow
149d6f907dcSJoerg Wunsch.Op Fl n Ar name
150d6f907dcSJoerg Wunsch.Op Fl g Ar gid
151d6f907dcSJoerg Wunsch.Op Fl F
1529fd0dafcSJoerg Wunsch.Op Fl P
153d6f907dcSJoerg Wunsch.Op Fl a
1549fd0dafcSJoerg Wunsch.Nm pw
1559fd0dafcSJoerg Wunsch.Ar groupnext
1569fd0dafcSJoerg Wunsch.Op Fl C Ar config
1579fd0dafcSJoerg Wunsch.Op Fl q
158d6f907dcSJoerg Wunsch.Sh DESCRIPTION
1591dcc6ec7SPhilippe Charnier.Nm Pw
160d6f907dcSJoerg Wunschis a command-line based editor for the system
1611dcc6ec7SPhilippe Charnier.Ar user
162d6f907dcSJoerg Wunschand
1631dcc6ec7SPhilippe Charnier.Ar group
1643a7e7077SDaniel O'Callaghanfiles, allowing the superuser an easy to use and standardized way of adding,
165d6f907dcSJoerg Wunschmodifying and removing users and groups.
166d6f907dcSJoerg WunschNote that
1671dcc6ec7SPhilippe Charnier.Nm
168137db389SSteve Priceonly operates on the local user and group files.  NIS users and groups must be
169d6f907dcSJoerg Wunschmaintained on the NIS server.
1701dcc6ec7SPhilippe Charnier.Nm Pw
171053375e8SMike Pritchardhandles updating the
172053375e8SMike Pritchard.Pa passwd ,
173053375e8SMike Pritchard.Pa master.passwd ,
174053375e8SMike Pritchard.Pa group
175053375e8SMike Pritchardand the secure and insecure
176d6f907dcSJoerg Wunschpassword database files, and must be run as root.
177d6f907dcSJoerg Wunsch.Pp
178137db389SSteve PriceThe first one or two keywords provided to
179137db389SSteve Price.Nm
180137db389SSteve Priceon the command line provide the context for the remainder of the arguments.
181137db389SSteve PriceThe keywords
182d6f907dcSJoerg Wunsch.Ar user
183d6f907dcSJoerg Wunschand
184d6f907dcSJoerg Wunsch.Ar group
185137db389SSteve Pricemay be combined with
186d6f907dcSJoerg Wunsch.Ar add ,
187d6f907dcSJoerg Wunsch.Ar del ,
1889fd0dafcSJoerg Wunsch.Ar mod ,
189d6f907dcSJoerg Wunsch.Ar show ,
1909fd0dafcSJoerg Wunschor
191137db389SSteve Price.Ar next
192137db389SSteve Pricein any order. (For example,
193137db389SSteve Price.Ar showuser ,
194137db389SSteve Price.Ar usershow ,
195137db389SSteve Price.Ar show user , and
196137db389SSteve Price.Ar user show
197137db389SSteve Priceall mean the same thing.)
198137db389SSteve PriceThis flexibility is useful for interactive scripts calling
1991dcc6ec7SPhilippe Charnier.Nm
200137db389SSteve Pricefor user and group database manipulation.
201d6f907dcSJoerg WunschFollowing these keywords, you may optionally specify the user or group name or numeric
202d6f907dcSJoerg Wunschid as an alternative to using the
203d6f907dcSJoerg Wunsch.Fl n Ar name ,
204d6f907dcSJoerg Wunsch.Fl u Ar uid ,
205d6f907dcSJoerg Wunsch.Fl g Ar gid
2069fd0dafcSJoerg Wunschoptions.
207d6f907dcSJoerg Wunsch.Pp
208137db389SSteve PriceThe following flags are common to most modes of operation;
209d6f907dcSJoerg Wunsch.Pp
2109fd0dafcSJoerg Wunsch.Bl -tag -width "-G grouplist"
211d6f907dcSJoerg Wunsch.It Fl C Ar config
212d6f907dcSJoerg WunschBy default,
2131dcc6ec7SPhilippe Charnier.Nm
214d6f907dcSJoerg Wunschreads the file
215d6f907dcSJoerg Wunsch.Pa /etc/pw.conf
216137db389SSteve Priceto obtain policy information on how new user accounts and groups are to be created.
217137db389SSteve PriceThe
2189fd0dafcSJoerg Wunsch.Fl C
2199fd0dafcSJoerg Wunschoption specifies a different configuration file.
220137db389SSteve PriceWhile most of the contents of the configuration file may be overridden via
221137db389SSteve Pricecommand-line options, it may be more convenient to keep standard information in a
222137db389SSteve Priceconfiguration file.
223d6f907dcSJoerg Wunsch.It Fl q
224d6f907dcSJoerg WunschUse of this option causes
2251dcc6ec7SPhilippe Charnier.Nm
226d6f907dcSJoerg Wunschto suppress error messages, which may be useful in interactive environments where it
227d6f907dcSJoerg Wunschis preferable to interpret status codes returned by
2281dcc6ec7SPhilippe Charnier.Nm
229d6f907dcSJoerg Wunschrather than messing up a carefully formatted display.
2309fd0dafcSJoerg Wunsch.It Fl N
231137db389SSteve PriceThis option is available in
232137db389SSteve Price.Ar add
233137db389SSteve Priceand
234137db389SSteve Price.Ar modify
235137db389SSteve Priceoperations, and tells
2361dcc6ec7SPhilippe Charnier.Nm
237137db389SSteve Priceto output the result of the operation without updating the user or group
238137db389SSteve Pricedatabases.
2399fd0dafcSJoerg WunschYou may use the
2409fd0dafcSJoerg Wunsch.Fl P
2419fd0dafcSJoerg Wunschoption to switch between standard passwd and readable formats.
242f1d684faSDavid Nugent.It Fl Y
243f1d684faSDavid NugentUsing this option with any of the update modes causes
2441dcc6ec7SPhilippe Charnier.Nm
245f1d684faSDavid Nugentto run
246f1d684faSDavid Nugent.Xr make 1
247f1d684faSDavid Nugentafter changing to the directory
248f1d684faSDavid Nugent.Pa /var/yp .
249137db389SSteve PriceThis is intended to allow automatic updating of NIS database files.
250f1d684faSDavid NugentIf separate passwd and group files are being used by NIS, then use the
251f1d684faSDavid Nugent.Fl y Ar path
252137db389SSteve Priceoption to specify the location of the NIS passwd database so that
253137db389SSteve Price.Nm
254137db389SSteve Pricewill concurrently update it with the system password
255f1d684faSDavid Nugentdatabases.
256d6f907dcSJoerg Wunsch.El
257d6f907dcSJoerg Wunsch.Pp
258d6f907dcSJoerg Wunsch.Sh USER OPTIONS
259d6f907dcSJoerg WunschThe following options apply to the
260137db389SSteve Price.Ar useradd
261d6f907dcSJoerg Wunschand
262137db389SSteve Price.Ar usermod
263d6f907dcSJoerg Wunschcommands:
264d6f907dcSJoerg Wunsch.Pp
2659fd0dafcSJoerg Wunsch.Bl -tag -width "-G grouplist"
266d6f907dcSJoerg Wunsch.It Fl n Ar name
2671dcc6ec7SPhilippe CharnierSpecify the user/account name.
268d6f907dcSJoerg Wunsch.It Fl u Ar uid
2691dcc6ec7SPhilippe CharnierSpecify the user/account numeric id.
270d6f907dcSJoerg Wunsch.Pp
271137db389SSteve PriceUsually, you only need to provide one or the other of these options, as the account
272137db389SSteve Pricename will imply the uid, or vice versa.
273137db389SSteve PriceHowever, there are times when you need to provide both.
274d6f907dcSJoerg WunschFor example, when changing the uid of an existing user with
275d6f907dcSJoerg Wunsch.Ar usermod ,
276d6f907dcSJoerg Wunschor overriding the default uid when creating a new account.
277d6f907dcSJoerg WunschIf you wish
2781dcc6ec7SPhilippe Charnier.Nm
279137db389SSteve Priceto automatically allocate the uid to a new user with
280d6f907dcSJoerg Wunsch.Ar useradd ,
281d6f907dcSJoerg Wunschthen you should
282d6f907dcSJoerg Wunsch.Em not
283d6f907dcSJoerg Wunschuse the
284d6f907dcSJoerg Wunsch.Ql Fl u
2859fd0dafcSJoerg Wunschoption.
286137db389SSteve PriceYou may also provide either the account or userid immediately after the
287137db389SSteve Price.Ar useradd ,
288137db389SSteve Price.Ar userdel ,
289137db389SSteve Price.Ar usermod
290137db389SSteve Priceor
291137db389SSteve Price.Ar usershow
292137db389SSteve Pricekeywords on the command line without using the
293137db389SSteve Price.Ql Fl n
294137db389SSteve Priceor
295137db389SSteve Price.Ql Fl u
296137db389SSteve Priceoptions.
297d6f907dcSJoerg Wunsch.El
298d6f907dcSJoerg Wunsch.Pp
299d6f907dcSJoerg Wunsch.Bl -tag -width "-G grouplist"
300d6f907dcSJoerg Wunsch.It Fl c Ar comment
301d6f907dcSJoerg WunschThis field sets the contents of the passwd GECOS field, which normally contains up
302d6f907dcSJoerg Wunschto four comma-separated fields containing the user's full name, office or location,
303137db389SSteve Priceand work and home phone numbers.
304d6f907dcSJoerg WunschThese sub-fields are used by convention only, however, and are optional.
305d6f907dcSJoerg WunschIf this field is to contain spaces, you need to quote the comment itself with double
306d6f907dcSJoerg Wunschquotes
307d6f907dcSJoerg Wunsch.Ql \&" .
308d6f907dcSJoerg WunschAvoid using commas in this field as these are used as sub-field separators, and the
309d6f907dcSJoerg Wunschcolon
310d6f907dcSJoerg Wunsch.Ql \&:
311137db389SSteve Pricecharacter also cannot be used as this is the field separator for the passwd
312137db389SSteve Pricefile itself.
313d6f907dcSJoerg Wunsch.It Fl d Ar dir
314d6f907dcSJoerg WunschThis option sets the account's home directory.
315d6f907dcSJoerg WunschNormally, you will only use this if the home directory is to be different from the
316137db389SSteve Pricedefault determined from
317137db389SSteve Price.Pa /etc/pw.conf
3181dcc6ec7SPhilippe Charnier- normally
3191dcc6ec7SPhilippe Charnier.Pa /home
320137db389SSteve Pricewith the account name as a subdirectory.
321d6f907dcSJoerg Wunsch.It Fl e Ar date
3221dcc6ec7SPhilippe CharnierSet the account's expiration date.
323d6f907dcSJoerg WunschFormat of the date is either a UNIX time in decimal, or a date in
324137db389SSteve Price.Ql dd-mmm-yy[yy]
325d6f907dcSJoerg Wunschformat, where dd is the day, mmm is the month, either in numeric or alphabetic format
3261dcc6ec7SPhilippe Charnier('Jan', 'Feb', etc) and year is either a two or four digit year.
327d6f907dcSJoerg WunschThis option also accepts a relative date in the form
328d6f907dcSJoerg Wunsch.Ql \&+n[mhdwoy]
329d6f907dcSJoerg Wunschwhere
330d6f907dcSJoerg Wunsch.Ql \&n
331d6f907dcSJoerg Wunschis a decimal, octal (leading 0) or hexadecimal (leading 0x) digit followed by the
332053375e8SMike Pritchardnumber of Minutes, Hours, Days, Weeks, Months or Years from the current date at
333137db389SSteve Pricewhich the expiration date is to be set.
334d6f907dcSJoerg Wunsch.It Fl p Ar date
3351dcc6ec7SPhilippe CharnierSet the account's password expiration date.
336137db389SSteve PriceThis field is similar to the account expiration date option, except that it
337d6f907dcSJoerg Wunschapplies to forced password changes.
338137db389SSteve PriceThis is set in the same manner as the
339137db389SSteve Price.Ql Fl e
340137db389SSteve Priceoption.
341d6f907dcSJoerg Wunsch.It Fl g Ar group
3421dcc6ec7SPhilippe CharnierSet the account's primary group to the given group.
343d6f907dcSJoerg Wunsch.Ar group
344137db389SSteve Pricemay be defined by either its name or group number.
345d6f907dcSJoerg Wunsch.It Fl G Ar grouplist
346137db389SSteve PriceSets additional group memberships for an account.
347d6f907dcSJoerg Wunsch.Ar grouplist
348137db389SSteve Priceis a comma-separated list of group names or group numbers.
349137db389SSteve PriceThe user's name is added to the group lists in
350d6f907dcSJoerg Wunsch.Pa /etc/group ,
351137db389SSteve Priceand
352d6f907dcSJoerg Wunschremoved from any groups not specified in
353d6f907dcSJoerg Wunsch.Ar grouplist .
354137db389SSteve PriceNote: a user should not be added to their primary group with
355137db389SSteve Price.Ar grouplist .
356137db389SSteve PriceAlso, group membership changes do not take effect for current user login
357137db389SSteve Pricesessions, requiring the user to reconnect to be affected by the changes.
3589fd0dafcSJoerg Wunsch.It Fl L Ar class
3599fd0dafcSJoerg WunschThis option sets the login class for the user being created.
3609fd0dafcSJoerg WunschSee
3619fd0dafcSJoerg Wunsch.Xr login.conf 5
362137db389SSteve Pricefor more information on user login classes.
363d6f907dcSJoerg Wunsch.It Fl m
364d6f907dcSJoerg WunschThis option instructs
3651dcc6ec7SPhilippe Charnier.Nm
366d6f907dcSJoerg Wunschto attempt to create the user's home directory.
367d6f907dcSJoerg WunschWhile primarily useful when adding a new account with
368d6f907dcSJoerg Wunsch.Ar useradd ,
369d6f907dcSJoerg Wunschthis may also be of use when moving an existing user's home directory elsewhere on
370d6f907dcSJoerg Wunschthe filesystem.
371d6f907dcSJoerg WunschThe new home directory is populated with the contents of the
372d6f907dcSJoerg Wunsch.Ar skeleton
373d6f907dcSJoerg Wunschdirectory, which typically contains a set of shell configuration files that the
374053375e8SMike Pritcharduser may personalize to taste.
375d6f907dcSJoerg WunschWhen
376d6f907dcSJoerg Wunsch.Ql Fl m
377d6f907dcSJoerg Wunschis used on an account with
378d6f907dcSJoerg Wunsch.Ar usermod ,
379137db389SSteve Priceexisting configuration files in the user's home directory are
380d6f907dcSJoerg Wunsch.Em not
381137db389SSteve Priceoverwritten from the skeleton files.
382d6f907dcSJoerg Wunsch.Pp
383137db389SSteve PriceWhen a user's home directory is created, it will by default be a subdirectory of the
384d6f907dcSJoerg Wunsch.Ar basehome
385137db389SSteve Pricedirectory as specified by the
386137db389SSteve Price.Ql Fl b
387137db389SSteve Priceoption (see below), bearing the name of the new account.
388137db389SSteve PriceThis can be overridden by the
389137db389SSteve Price.Ql Fl d
390d6f907dcSJoerg Wunschoption on the command line, if desired.
391d6f907dcSJoerg Wunsch.It Fl k Ar dir
3921dcc6ec7SPhilippe CharnierSet the
393d6f907dcSJoerg Wunsch.Ar skeleton
394137db389SSteve Pricedirectory, from which basic startup and configuration files are copied when
395d6f907dcSJoerg Wunschthe user's home directory is created.
396137db389SSteve PriceThis option only has meaning when used with the
397137db389SSteve Price.Ql Fl d
398137db389SSteve Priceor
399137db389SSteve Price.Ql Fl m
400137db389SSteve Priceflags.
401d6f907dcSJoerg Wunsch.It Fl s Ar shell
4021dcc6ec7SPhilippe CharnierSet or changes the user's login shell to
403d6f907dcSJoerg Wunsch.Ar shell .
404d6f907dcSJoerg WunschIf the path to the shell program is omitted,
4051dcc6ec7SPhilippe Charnier.Nm
406d6f907dcSJoerg Wunschsearches the
407d6f907dcSJoerg Wunsch.Ar shellpath
408d6f907dcSJoerg Wunschspecified in
409d6f907dcSJoerg Wunsch.Pa /etc/pw.conf
410d6f907dcSJoerg Wunschand fills it in as appropriate.
411d6f907dcSJoerg WunschNote that unless you have a specific reason to do so, you should avoid
412d6f907dcSJoerg Wunschspecifying the path - this will allow
4131dcc6ec7SPhilippe Charnier.Nm
414d6f907dcSJoerg Wunschto validate that the program exists and is executable.
415d6f907dcSJoerg WunschSpecifying a full path (or supplying a blank "" shell) avoids this check
416d6f907dcSJoerg Wunschand allows for such entries as
4171dcc6ec7SPhilippe Charnier.Pa /nonexistent
418d6f907dcSJoerg Wunschthat should be set for accounts not intended for interactive login.
419d6f907dcSJoerg Wunsch.It Fl L Ar class
4201dcc6ec7SPhilippe CharnierSet the
421d6f907dcSJoerg Wunsch.Em class
422d6f907dcSJoerg Wunschfield in the user's passwd record.
423137db389SSteve PriceThis field is not currently used, but will be used in the future to specify a
424d6f907dcSJoerg Wunsch.Em termcap
425137db389SSteve Priceentry like tag. See
426d6f907dcSJoerg Wunsch.Xr passwd 5
427137db389SSteve Pricefor details.
428d6f907dcSJoerg Wunsch.It Fl h Ar fd
429d6f907dcSJoerg WunschThis option provides a special interface by which interactive scripts can
430d6f907dcSJoerg Wunschset an account password using
431d6f907dcSJoerg Wunsch.Nm pw .
432137db389SSteve PriceBecause the command line and environment are fundamentally insecure mechanisms
433d6f907dcSJoerg Wunschby which programs can accept information,
4341dcc6ec7SPhilippe Charnier.Nm
435d6f907dcSJoerg Wunschwill only allow setting of account and group passwords via a file descriptor
436d6f907dcSJoerg Wunsch(usually a pipe between an interactive script and the program).
437d6f907dcSJoerg Wunsch.Ar sh ,
438d6f907dcSJoerg Wunsch.Ar bash ,
439d6f907dcSJoerg Wunsch.Ar ksh
440d6f907dcSJoerg Wunschand
441d6f907dcSJoerg Wunsch.Ar perl
442137db389SSteve Priceall possess mechanisms by which this can be done.
443d6f907dcSJoerg WunschAlternatively,
444d6f907dcSJoerg Wunsch.Nm pw
445d6f907dcSJoerg Wunschwill prompt for the user's password if
446d6f907dcSJoerg Wunsch.Ql Fl h Ar 0
447d6f907dcSJoerg Wunschis given, nominating
448d6f907dcSJoerg Wunsch.Em stdin
449d6f907dcSJoerg Wunschas the file descriptor on which to read the password.
450137db389SSteve PriceNote that this password will be read only once and is intended
451137db389SSteve Pricefor use by a script rather than for interactive use.
452d6f907dcSJoerg WunschIf you wish to have new password confirmation along the lines of
453d6f907dcSJoerg Wunsch.Xr passwd 1 ,
454137db389SSteve Pricethis must be implemented as part of an interactive script that calls
455d6f907dcSJoerg Wunsch.Nm pw .
456d6f907dcSJoerg Wunsch.Pp
457d6f907dcSJoerg WunschIf a value of
458d6f907dcSJoerg Wunsch.Ql \&-
459d6f907dcSJoerg Wunschis given as the argument
460d6f907dcSJoerg Wunsch.Ar fd ,
461d6f907dcSJoerg Wunschthen the password will be set to
462d6f907dcSJoerg Wunsch.Ql \&* ,
463137db389SSteve Pricerendering the account inaccessible via password-based login.
464d6f907dcSJoerg Wunsch.El
465d6f907dcSJoerg Wunsch.Pp
466d6f907dcSJoerg WunschIt is possible to use
467d6f907dcSJoerg Wunsch.Ar useradd
468d6f907dcSJoerg Wunschto create a new account that duplicates an existing user id.
469d6f907dcSJoerg WunschWhile this is normally considered an error and will be rejected, the
470d6f907dcSJoerg Wunsch.Ql Fl o
4719fd0dafcSJoerg Wunschoption overrides the check for duplicates and allows the duplication of
4729fd0dafcSJoerg Wunschthe user id.
4739fd0dafcSJoerg WunschThis may be useful if you allow the same user to login under
4749fd0dafcSJoerg Wunschdifferent contexts (different group allocations, different home
4759fd0dafcSJoerg Wunschdirectory, different shell) while providing basically the same
4769fd0dafcSJoerg Wunschpermissions for access to the user's files in each account.
477d6f907dcSJoerg Wunsch.Pp
478d6f907dcSJoerg WunschThe
479d6f907dcSJoerg Wunsch.Ar useradd
480d6f907dcSJoerg Wunschcommand also has the ability to set new user and group defaults by using the
481d6f907dcSJoerg Wunsch.Ql Fl D
4829fd0dafcSJoerg Wunschoption.
483d6f907dcSJoerg WunschInstead of adding a new user,
4841dcc6ec7SPhilippe Charnier.Nm
485d6f907dcSJoerg Wunschwrites a new set of defaults to its configuration file,
486d6f907dcSJoerg Wunsch.Pa /etc/pw.conf .
487d6f907dcSJoerg WunschWhen using the
488d6f907dcSJoerg Wunsch.Ql Fl D
4899fd0dafcSJoerg Wunschoption, you must not use either
490d6f907dcSJoerg Wunsch.Ql Fl n Ar name
491d6f907dcSJoerg Wunschor
492d6f907dcSJoerg Wunsch.Ql Fl u Ar uid
493d6f907dcSJoerg Wunschor an error will result.
494d6f907dcSJoerg WunschUse of
495d6f907dcSJoerg Wunsch.Ql Fl D
4969fd0dafcSJoerg Wunschchanges the meaning of several command line switches in the
497d6f907dcSJoerg Wunsch.Ar useradd
498d6f907dcSJoerg Wunschcommand.
499d6f907dcSJoerg WunschThese are:
500d6f907dcSJoerg Wunsch.Bl -tag -width "-G grouplist"
501d6f907dcSJoerg Wunsch.It Fl D
502d6f907dcSJoerg WunschSet default values in
503d6f907dcSJoerg Wunsch.Pa /etc/pw.conf
504d6f907dcSJoerg Wunschconfiguration file, or a different named configuration file if the
505d6f907dcSJoerg Wunsch.Ql Fl C Ar config
5069fd0dafcSJoerg Wunschoption is used.
507d6f907dcSJoerg Wunsch.It Fl b Ar dir
5081dcc6ec7SPhilippe CharnierSet the root directory in which user home directories are created.
509d6f907dcSJoerg WunschThe default value for this is
5101dcc6ec7SPhilippe Charnier.Pa /home ,
511d6f907dcSJoerg Wunschbut it may be set elsewhere as desired.
512d6f907dcSJoerg Wunsch.It Fl e Ar days
5131dcc6ec7SPhilippe CharnierSet the default account expiration period in days.
514d6f907dcSJoerg WunschUnlike use without
515d6f907dcSJoerg Wunsch.Ql Fl D ,
516d6f907dcSJoerg Wunschthe argument must be numeric, which specifies the number of days after creation when
517d6f907dcSJoerg Wunschthe account is to expire.
518d6f907dcSJoerg WunschA value of 0 suppresses automatic calculation of the expiry date.
519d6f907dcSJoerg Wunsch.It Fl p Ar days
5201dcc6ec7SPhilippe CharnierSet the default password expiration period in days.
521d6f907dcSJoerg Wunsch.It Fl g Ar group
5221dcc6ec7SPhilippe CharnierSet the default group for new users.
523d6f907dcSJoerg WunschIf a blank group is specified using
524d6f907dcSJoerg Wunsch.Ql Fl g Ar \&"" ,
525137db389SSteve Pricethen new users will be allocated their own private primary group
526137db389SSteve Pricewith the same name as their login name.
527d6f907dcSJoerg WunschIf a group is supplied, either its name or uid may be given as an argument.
528d6f907dcSJoerg Wunsch.It Fl G Ar grouplist
529137db389SSteve PriceSet the default groups in which new users are granted membership.
530d6f907dcSJoerg WunschThis is a separate set of groups from the primary group, and you should avoid
531137db389SSteve Pricenominating the same group as both primary and extra groups.
532d6f907dcSJoerg WunschIn other words, these extra groups determine membership in groups
533d6f907dcSJoerg Wunsch.Em other than
534d6f907dcSJoerg Wunschthe primary group.
535d6f907dcSJoerg Wunsch.Ar grouplist
536137db389SSteve Priceis a comma-separated list of group names or ids, and are always
537d6f907dcSJoerg Wunschstored in
538d6f907dcSJoerg Wunsch.Pa /etc/pw.conf
539d6f907dcSJoerg Wunschby their symbolic names.
5409fd0dafcSJoerg Wunsch.It Fl L Ar class
5419fd0dafcSJoerg WunschThis option sets the default login class for new users.
542d6f907dcSJoerg Wunsch.It Fl k Ar dir
5431dcc6ec7SPhilippe CharnierSet the default
544d6f907dcSJoerg Wunsch.Em skeleton
545053375e8SMike Pritcharddirectory, from which prototype shell and other initialization files are copied when
5461dcc6ec7SPhilippe Charnier.Nm
547d6f907dcSJoerg Wunschcreates a user's home directory.
5489fd0dafcSJoerg Wunsch.It Fl u Ar min,max , Fl i Ar min,max
5499fd0dafcSJoerg WunschThese options set the minimum and maximum user and group ids allocated for new accounts
550d6f907dcSJoerg Wunschand groups created by
551d6f907dcSJoerg Wunsch.Nm pw .
552d6f907dcSJoerg WunschThe default values for each is 1000 minimum and 32000 maximum.
553d6f907dcSJoerg Wunsch.Ar min
554d6f907dcSJoerg Wunschand
555d6f907dcSJoerg Wunsch.Ar max
556d6f907dcSJoerg Wunschare both numbers, where max must be greater than min, and both must be between 0
557d6f907dcSJoerg Wunschand 32767.
558d6f907dcSJoerg WunschIn general, user and group ids less than 100 are reserved for use by the system,
559d6f907dcSJoerg Wunschand numbers greater than 32000 may also be reserved for special purposes (used by
560d6f907dcSJoerg Wunschsome system daemons).
561d6f907dcSJoerg Wunsch.It Fl w Ar method
562d6f907dcSJoerg WunschThe
563d6f907dcSJoerg Wunsch.Ql Fl w
5649fd0dafcSJoerg Wunschoption sets the default method used to set passwords for newly created user accounts.
565d6f907dcSJoerg Wunsch.Ar method
566d6f907dcSJoerg Wunschis one of:
567d6f907dcSJoerg Wunsch.Pp
568d6f907dcSJoerg Wunsch.Bl -tag -width random -offset indent -compact
569d6f907dcSJoerg Wunsch.It no
5701dcc6ec7SPhilippe Charnierdisable login on newly created accounts
571d6f907dcSJoerg Wunsch.It yes
5721dcc6ec7SPhilippe Charnierforce the password to be the account name
573d6f907dcSJoerg Wunsch.It none
5741dcc6ec7SPhilippe Charnierforce a blank password
575d6f907dcSJoerg Wunsch.It random
5761dcc6ec7SPhilippe Charniergenerate a random password
577d6f907dcSJoerg Wunsch.El
578d6f907dcSJoerg Wunsch.Pp
579d6f907dcSJoerg WunschThe
580d6f907dcSJoerg Wunsch.Ql \&random
581d6f907dcSJoerg Wunschor
582d6f907dcSJoerg Wunsch.Ql \&no
583d6f907dcSJoerg Wunschmethods are the most secure; in the former case,
5841dcc6ec7SPhilippe Charnier.Nm
585d6f907dcSJoerg Wunschgenerates a password and prints it to stdout, which is suitable where you issue
586d6f907dcSJoerg Wunschusers with passwords to access their accounts rather than having the user nominate
587d6f907dcSJoerg Wunschtheir own (possibly poorly chosen) password.
588d6f907dcSJoerg WunschThe
589d6f907dcSJoerg Wunsch.Ql \&no
590d6f907dcSJoerg Wunschmethod requires that the superuser use
591d6f907dcSJoerg Wunsch.Xr passwd 1
592d6f907dcSJoerg Wunschto render the account accessible with a password.
593f1d684faSDavid Nugent.It Fl y Ar path
594f1d684faSDavid NugentThis sets the pathname of the database used by NIS if you are not sharing
595f1d684faSDavid Nugentthe information from
596f1d684faSDavid Nugent.Pa /etc/master.passwd
597f1d684faSDavid Nugentdirectly with NIS.
598137db389SSteve PriceYou should only set this option for NIS servers.
599d6f907dcSJoerg Wunsch.El
600d6f907dcSJoerg Wunsch.Pp
601d6f907dcSJoerg WunschThe
602d6f907dcSJoerg Wunsch.Ar userdel
6039fd0dafcSJoerg Wunschcommand has only three valid options. The
604d6f907dcSJoerg Wunsch.Ql Fl n Ar name
605d6f907dcSJoerg Wunschand
606d6f907dcSJoerg Wunsch.Ql Fl u Ar uid
6079fd0dafcSJoerg Wunschoptions have already been covered above.
6089fd0dafcSJoerg WunschThe additional option is:
6099fd0dafcSJoerg Wunsch.Bl -tag -width "-G grouplist"
610d6f907dcSJoerg Wunsch.It Fl r
611d6f907dcSJoerg WunschThis tells
6121dcc6ec7SPhilippe Charnier.Nm
613d6f907dcSJoerg Wunschto remove the user's home directory and all of its contents.
6141dcc6ec7SPhilippe Charnier.Nm Pw
615d6f907dcSJoerg Wunscherrs on the side of caution when removing files from the system.
616d6f907dcSJoerg WunschFirstly, it will not do so if the uid of the account being removed is also used by
617d6f907dcSJoerg Wunschanother account on the system, and the 'home' directory in the password file is
618d6f907dcSJoerg Wunscha valid path that commences with the character
619d6f907dcSJoerg Wunsch.Ql \&/ .
620d6f907dcSJoerg WunschSecondly, it will only remove files and directories that are actually owned by
621d6f907dcSJoerg Wunschthe user, or symbolic links owned by anyone under the user's home directory.
622d6f907dcSJoerg WunschFinally, after deleting all contents owned by the user only empty directories
623d6f907dcSJoerg Wunschwill be removed.
624053375e8SMike PritchardIf any additional cleanup work is required, this is left to the administrator.
625d6f907dcSJoerg Wunsch.El
626d6f907dcSJoerg Wunsch.Pp
627d6f907dcSJoerg WunschMail spool files and crontabs are always removed when an account is deleted as these
628d6f907dcSJoerg Wunschare unconditionally attached to the user name.
629d6f907dcSJoerg WunschJobs queued for processing by
630d6f907dcSJoerg Wunsch.Ar at
631137db389SSteve Priceare also removed if the user's uid is unique and not also used by another account on the
632137db389SSteve Pricesystem.
633d6f907dcSJoerg Wunsch.Pp
634d6f907dcSJoerg WunschThe
635d6f907dcSJoerg Wunsch.Ar usershow
636d6f907dcSJoerg Wunschcommand allows viewing of an account in one of two formats.
637d6f907dcSJoerg WunschBy default, the format is identical to the format used in
638d6f907dcSJoerg Wunsch.Pa /etc/master.passwd
639d6f907dcSJoerg Wunschwith the password field replaced with a
640d6f907dcSJoerg Wunsch.Ql \&* .
641d6f907dcSJoerg WunschIf the
6429fd0dafcSJoerg Wunsch.Ql Fl P
6439fd0dafcSJoerg Wunschoption is used, then
6441dcc6ec7SPhilippe Charnier.Nm
645d6f907dcSJoerg Wunschoutputs the account details in a more human readable form.
646d6f907dcSJoerg WunschThe
647d6f907dcSJoerg Wunsch.Ql Fl a
6489fd0dafcSJoerg Wunschoption lists all users currently on file.
6499fd0dafcSJoerg Wunsch.Pp
6509fd0dafcSJoerg WunschThe command
6519fd0dafcSJoerg Wunsch.Ar usernext
6529fd0dafcSJoerg Wunschreturns the next available user and group ids separated by a colon.
6539fd0dafcSJoerg WunschThis is normally of interest only to interactive scripts or front-ends
6549fd0dafcSJoerg Wunschthat use
6559fd0dafcSJoerg Wunsch.Nm pw .
656d6f907dcSJoerg Wunsch.Pp
657d6f907dcSJoerg Wunsch.Sh GROUP OPTIONS
658d6f907dcSJoerg WunschThe
659137db389SSteve Price.Ql Fl C
660d6f907dcSJoerg Wunschand
661d6f907dcSJoerg Wunsch.Ql Fl q
6629fd0dafcSJoerg Wunschoptions (explained at the start of the previous section) are available
6639fd0dafcSJoerg Wunschwith the group manipulation commands.
664d6f907dcSJoerg WunschOther common options to all group-related commands are:
6659fd0dafcSJoerg Wunsch.Bl -tag -width "-m newmembers"
666d6f907dcSJoerg Wunsch.It Fl n Ar name
6671dcc6ec7SPhilippe CharnierSpecify the group name.
668d6f907dcSJoerg Wunsch.It Fl g Ar gid
6691dcc6ec7SPhilippe CharnierSpecify the group numeric id.
670d6f907dcSJoerg Wunsch.Pp
6719fd0dafcSJoerg WunschAs with the account name and id fields, you will usually only need
6729fd0dafcSJoerg Wunschto supply one of these, as the group name implies the uid and vice
6739fd0dafcSJoerg Wunschversa.
6749fd0dafcSJoerg WunschYou will only need to use both when setting a specific group id
6759fd0dafcSJoerg Wunschagainst a new group or when changing the uid of an existing group.
676137db389SSteve Price.Ql Fl M Ar memberlist
6779fd0dafcSJoerg WunschThis option provides an alternative way to add existing users to a
6789fd0dafcSJoerg Wunschnew group (in groupadd) or replace an existing membership list (in
6799fd0dafcSJoerg Wunschgroupmod).
6809fd0dafcSJoerg Wunsch.Ar memberlist
6819fd0dafcSJoerg Wunschis a comma separated list of valid and existing user names or uids.
6829fd0dafcSJoerg Wunsch.It Fl m Ar newmembers
6839fd0dafcSJoerg WunschSimilar to
684137db389SSteve Price.Ql Fl M ,
6859fd0dafcSJoerg Wunschthis option allows the
6869fd0dafcSJoerg Wunsch.Em addition
687137db389SSteve Priceof existing users to a group without replacing the existing list of
6889fd0dafcSJoerg Wunschmembers.
689137db389SSteve PriceLogin names or user ids may be used, and duplicate users are
690137db389SSteve Pricesilently eliminated.
691d6f907dcSJoerg Wunsch.El
692d6f907dcSJoerg Wunsch.Pp
693d6f907dcSJoerg Wunsch.Ar groupadd
694d6f907dcSJoerg Wunschalso has a
695d6f907dcSJoerg Wunsch.Ql Fl o
696137db389SSteve Priceoption that allows allocation of an existing group id to a new group.
697d6f907dcSJoerg WunschThe default action is to reject an attempt to add a group, and this option overrides
698d6f907dcSJoerg Wunschthe check for duplicate group ids.
699d6f907dcSJoerg WunschThere is rarely any need to duplicate a group id.
700d6f907dcSJoerg Wunsch.Pp
701d6f907dcSJoerg WunschThe
702d6f907dcSJoerg Wunsch.Ar groupmod
703137db389SSteve Pricecommand adds one additional option:
704d6f907dcSJoerg Wunsch.Pp
7059fd0dafcSJoerg Wunsch.Bl -tag -width "-m newmembers"
706d6f907dcSJoerg Wunsch.It Fl l Ar name
707d6f907dcSJoerg WunschThis option allows changing of an existing group name to
708d6f907dcSJoerg Wunsch.Ql \&name .
709d6f907dcSJoerg WunschThe new name must not already exist, and any attempt to duplicate an existing group
710d6f907dcSJoerg Wunschname will be rejected.
711d6f907dcSJoerg Wunsch.El
712d6f907dcSJoerg Wunsch.Pp
713d6f907dcSJoerg WunschOptions for
714d6f907dcSJoerg Wunsch.Ar groupshow
715d6f907dcSJoerg Wunschare the same as for
716d6f907dcSJoerg Wunsch.Ar usershow ,
717d6f907dcSJoerg Wunschwith the
718d6f907dcSJoerg Wunsch.Ql Fl g Ar gid
719d6f907dcSJoerg Wunschreplacing
720d6f907dcSJoerg Wunsch.Ql Fl u Ar uid
721d6f907dcSJoerg Wunschto specify the group id.
722d6f907dcSJoerg Wunsch.Pp
7239fd0dafcSJoerg WunschThe command
7249fd0dafcSJoerg Wunsch.Ar groupnext
7259fd0dafcSJoerg Wunschreturns the next available group id on standard output.
7269fd0dafcSJoerg Wunsch.Sh DIAGNOSTICS
7271dcc6ec7SPhilippe Charnier.Nm Pw
728137db389SSteve Pricereturns EXIT_SUCCESS on successful operation, otherwise
729137db389SSteve Price.Nm
730137db389SSteve Pricereturns one of the
7319fd0dafcSJoerg Wunschfollowing exit codes defined by
7329fd0dafcSJoerg Wunsch.Xr sysexits 3
7339fd0dafcSJoerg Wunschas follows:
7349fd0dafcSJoerg Wunsch.Bl -tag -width xxxx
7359fd0dafcSJoerg Wunsch.It EX_USAGE
7369fd0dafcSJoerg Wunsch.Bl -bullet -compact
7379fd0dafcSJoerg Wunsch.It
7381dcc6ec7SPhilippe CharnierCommand line syntax errors (invalid keyword, unknown option).
7399fd0dafcSJoerg Wunsch.El
7409fd0dafcSJoerg Wunsch.It EX_NOPERM
7419fd0dafcSJoerg Wunsch.Bl -bullet -compact
7429fd0dafcSJoerg Wunsch.It
7439fd0dafcSJoerg WunschAttempting to run one of the update modes as non-root.
7449fd0dafcSJoerg Wunsch.El
7459fd0dafcSJoerg Wunsch.It EX_OSERR
7469fd0dafcSJoerg Wunsch.Bl -bullet -compact
7479fd0dafcSJoerg Wunsch.It
7489fd0dafcSJoerg WunschMemory allocation error.
7499fd0dafcSJoerg Wunsch.It
7509fd0dafcSJoerg WunschRead error from password file descriptor.
7519fd0dafcSJoerg Wunsch.El
7529fd0dafcSJoerg Wunsch.It EX_DATAERR
7539fd0dafcSJoerg Wunsch.Bl -bullet -compact
7549fd0dafcSJoerg Wunsch.It
7559fd0dafcSJoerg WunschBad or invalid data provided or missing on the command line or
756137db389SSteve Pricevia the password file descriptor.
7579fd0dafcSJoerg Wunsch.It
7589fd0dafcSJoerg WunschAttempted to remove, rename root account or change its uid.
7599fd0dafcSJoerg Wunsch.El
7609fd0dafcSJoerg Wunsch.It EX_OSFILE
7619fd0dafcSJoerg Wunsch.Bl -bullet -compact
7629fd0dafcSJoerg Wunsch.It
7639fd0dafcSJoerg WunschSkeleton directory is invalid or does not exist.
7649fd0dafcSJoerg Wunsch.It
7659fd0dafcSJoerg WunschBase home directory is invalid or does not exist.
7669fd0dafcSJoerg Wunsch.It
767137db389SSteve PriceInvalid or non-existent shell specified.
7689fd0dafcSJoerg Wunsch.El
7699fd0dafcSJoerg Wunsch.It EX_NOUSER
7709fd0dafcSJoerg Wunsch.Bl -bullet -compact
7719fd0dafcSJoerg Wunsch.It
7729fd0dafcSJoerg WunschUser, user id, group or group id specified does not exist.
7739fd0dafcSJoerg Wunsch.It
774137db389SSteve PriceUser or group recorded, added, or modified unexpectedly disappeared.
7759fd0dafcSJoerg Wunsch.El
7769fd0dafcSJoerg Wunsch.It EX_SOFTWARE
7779fd0dafcSJoerg Wunsch.Bl -bullet -compact
7789fd0dafcSJoerg Wunsch.It
7799fd0dafcSJoerg WunschNo more group or user ids available within specified range.
7809fd0dafcSJoerg Wunsch.El
7819fd0dafcSJoerg Wunsch.It EX_IOERR
7829fd0dafcSJoerg Wunsch.Bl -bullet -compact
7839fd0dafcSJoerg Wunsch.It
7849fd0dafcSJoerg WunschUnable to rewrite configuration file.
7859fd0dafcSJoerg Wunsch.It
7869fd0dafcSJoerg WunschError updating group or user database files.
7879fd0dafcSJoerg Wunsch.It
7889fd0dafcSJoerg WunschUpdate error for passwd or group database files.
7899fd0dafcSJoerg Wunsch.El
7909fd0dafcSJoerg Wunsch.It EX_CONFIG
7919fd0dafcSJoerg Wunsch.Bl -bullet -compact
7929fd0dafcSJoerg Wunsch.It
7939fd0dafcSJoerg WunschNo base home directory configured.
7949fd0dafcSJoerg Wunsch.El
7959fd0dafcSJoerg Wunsch.El
7969fd0dafcSJoerg Wunsch.Pp
797d6f907dcSJoerg Wunsch.Sh NOTES
798d6f907dcSJoerg WunschFor a summary of options available with each command, you can use
799d6f907dcSJoerg Wunsch.Dl pw [command] help
800d6f907dcSJoerg WunschFor example,
801d6f907dcSJoerg Wunsch.Dl pw useradd help
802d6f907dcSJoerg Wunschlists all available options for the useradd operation.
803d9b711b7SDavid Nugent.Pp
8041dcc6ec7SPhilippe Charnier.Nm Pw
805137db389SSteve Priceallows 8-bit characters in the passwd GECOS field (user's full name,
806d9b711b7SDavid Nugentoffice, work and home phone number subfields), but disallows them in
807d9b711b7SDavid Nugentuser login and group names.
808137db389SSteve PriceUse 8-bit characters with caution, as connection to the Internet will
809d9b711b7SDavid Nugentrequire that your mail transport program supports 8BITMIME, and will
810d9b711b7SDavid Nugentconvert headers containing 8-bit characters to 7-bit quoted-printable
811d9b711b7SDavid Nugentformat.
812d9b711b7SDavid Nugent.Xr sendmail 8
813d9b711b7SDavid Nugentdoes support this.
814137db389SSteve PriceUse of 8-bit characters in the GECOS field should be used in
815d9b711b7SDavid Nugentconjunction with the user's default locale and character set
816d9b711b7SDavid Nugentand should not be implemented without their use.
817d9b711b7SDavid NugentUsing 8-bit characters may also affect other
818137db389SSteve Priceprograms that transmit the contents of the GECOS field over the
819137db389SSteve PriceInternet, such as
820d9b711b7SDavid Nugent.Xr fingerd 8 ,
821137db389SSteve Priceand a small number of TCP/IP clients, such as IRC, where full names
822d9b711b7SDavid Nugentspecified in the passwd file may be used by default.
823d6f907dcSJoerg Wunsch.Sh FILES
824d6f907dcSJoerg Wunsch.Bl -tag -width /etc/master.passwd.new -compact
825d6f907dcSJoerg Wunsch.It Pa /etc/master.passwd
826d6f907dcSJoerg WunschThe user database
827d6f907dcSJoerg Wunsch.It Pa /etc/passwd
828d6f907dcSJoerg WunschA Version 7 format password file
8299fd0dafcSJoerg Wunsch.It Pa /etc/login.conf
8309fd0dafcSJoerg WunschThe user capabilities database
831d6f907dcSJoerg Wunsch.It Pa /etc/group
832d6f907dcSJoerg WunschThe group database
833d6f907dcSJoerg Wunsch.It Pa /etc/master.passwd.new
834d6f907dcSJoerg WunschTemporary copy of the master password file
835d6f907dcSJoerg Wunsch.It Pa /etc/passwd.new
836d6f907dcSJoerg WunschTemporary copy of the Version 7 password file
837d6f907dcSJoerg Wunsch.It Pa /etc/group.new
838d6f907dcSJoerg WunschTemporary copy of the group file
839d6f907dcSJoerg Wunsch.It Pa /etc/pw.conf
840d6f907dcSJoerg WunschPw default options file
841d6f907dcSJoerg Wunsch.El
842d6f907dcSJoerg Wunsch.Sh SEE ALSO
843d6f907dcSJoerg Wunsch.Xr chpass 1 ,
844053375e8SMike Pritchard.Xr passwd 1 ,
845d6f907dcSJoerg Wunsch.Xr group 5 ,
846bfd34a4aSWolfram Schneider.Xr login.conf 5 ,
847053375e8SMike Pritchard.Xr passwd 5 ,
848053375e8SMike Pritchard.Xr pw.conf 5 ,
849d6f907dcSJoerg Wunsch.Xr pwd_mkdb 8 ,
850053375e8SMike Pritchard.Xr vipw 8
851d6f907dcSJoerg Wunsch.Sh HISTORY
8521dcc6ec7SPhilippe Charnier.Nm Pw
8539fd0dafcSJoerg Wunschwas written to mimic many of the options used in the SYSV
854d6f907dcSJoerg Wunsch.Em shadow
8559fd0dafcSJoerg Wunschsupport suite, but is modified for passwd and group fields specific to
856053375e8SMike Pritchardthe
857053375e8SMike Pritchard.Bx 4.4
8589fd0dafcSJoerg Wunschoperating system, and combines all of the major elements
8599fd0dafcSJoerg Wunschinto a single command.
860