795 lines
26 KiB
HTML
795 lines
26 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
|
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
|
|
|
|
<title>Debian GNU/Linux System Administrator's Manual (Obsolete Documentation) - Managing User Accounts</title>
|
|
|
|
<link href="index.html" rel="start">
|
|
<link href="ch-sysadmin-booting.html" rel="prev">
|
|
<link href="ch-sysadmin-sessions.html" rel="next">
|
|
<link href="index.html#contents" rel="contents">
|
|
<link href="index.html#copyright" rel="copyright">
|
|
<link href="ch-sysadmin-intro.html" rel="chapter" title="1 Introduction">
|
|
<link href="ch-sysadmin-overview.html" rel="chapter" title="2 Overview of a Debian GNU/Linux System">
|
|
<link href="ch-sysadmin-files.html" rel="chapter" title="3 Files and Devices">
|
|
<link href="ch4.html" rel="chapter" title="4 Programs and processes">
|
|
<link href="ch-sysadmin-directories.html" rel="chapter" title="5 Directory Structure">
|
|
<link href="ch-sysadmin-filesystems.html" rel="chapter" title="6 Filesystems and Storage Media">
|
|
<link href="ch-sysadmin-booting.html" rel="chapter" title="7 Boot and Shutdown">
|
|
<link href="ch-sysadmin-users.html" rel="chapter" title="8 Managing User Accounts">
|
|
<link href="ch-sysadmin-sessions.html" rel="chapter" title="9 Logging In and Out">
|
|
<link href="ch-sysadmin-printing.html" rel="chapter" title="10 Printing">
|
|
<link href="ch-sysadmin-accounting.html" rel="chapter" title="11 Accounting">
|
|
<link href="ch-sysadmin-backup.html" rel="chapter" title="12 Backup and Restore">
|
|
<link href="ch-sysadmin-X.html" rel="chapter" title="13 X Windows">
|
|
<link href="ch-sysadmin-security.html" rel="chapter" title="14 Security">
|
|
<link href="ch-sysadmin-config.html" rel="chapter" title="15 System Configuration">
|
|
<link href="ch-sysadmin-time.html" rel="chapter" title="16 Time">
|
|
<link href="ch-sysadmin-localisation.html" rel="chapter" title="17 Localisation">
|
|
<link href="ch-sysadmin-index.html" rel="chapter" title="18 Index">
|
|
<link href="ch-sysadmin-intro.html#s1.1" rel="section" title="1.1 About this manual">
|
|
<link href="ch-sysadmin-intro.html#s1.2" rel="section" title="1.2 Where to find newer versions">
|
|
<link href="ch-sysadmin-intro.html#s1.3" rel="section" title="1.3 Comments">
|
|
<link href="ch-sysadmin-overview.html#s2.1" rel="section" title="2.1 The main components of a system">
|
|
<link href="ch-sysadmin-files.html#s3.1" rel="section" title="3.1 Files">
|
|
<link href="ch-sysadmin-files.html#s3.2" rel="section" title="3.2 Devices">
|
|
<link href="ch4.html#s4.1" rel="section" title="4.1 Programs">
|
|
<link href="ch4.html#s4.2" rel="section" title="4.2 Processes">
|
|
<link href="ch4.html#s4.3" rel="section" title="4.3 The /proc filesystem">
|
|
<link href="ch4.html#s4.4" rel="section" title="4.4 Tools for handling programs and processes">
|
|
<link href="ch-sysadmin-directories.html#s5.1" rel="section" title="5.1 Directories">
|
|
<link href="ch-sysadmin-directories.html#s5.2" rel="section" title="5.2 Permissions">
|
|
<link href="ch-sysadmin-directories.html#s5.3" rel="section" title="5.3 Links">
|
|
<link href="ch-sysadmin-directories.html#s5.4" rel="section" title="5.4 ACL - Access Control Lists">
|
|
<link href="ch-sysadmin-directories.html#s5.5" rel="section" title="5.5 Tools for managing directories">
|
|
<link href="ch-sysadmin-filesystems.html#s6.1" rel="section" title="6.1 Storage devices and media">
|
|
<link href="ch-sysadmin-filesystems.html#s6.2" rel="section" title="6.2 Types of filesystem">
|
|
<link href="ch-sysadmin-filesystems.html#s6.3" rel="section" title="6.3 Quotas">
|
|
<link href="ch-sysadmin-filesystems.html#s6.4" rel="section" title="6.4 Tools for managing filesystems">
|
|
<link href="ch-sysadmin-booting.html#s7.1" rel="section" title="7.1 Boot loaders">
|
|
<link href="ch-sysadmin-users.html#s8.1" rel="section" title="8.1 Concepts">
|
|
<link href="ch-sysadmin-users.html#s8.2" rel="section" title="8.2 Common tasks">
|
|
<link href="ch-sysadmin-users.html#s8.3" rel="section" title="8.3 Tools reference">
|
|
<link href="ch-sysadmin-users.html#s8.4" rel="section" title="8.4 Files reference">
|
|
<link href="ch-sysadmin-sessions.html#s9.1" rel="section" title="9.1 Starting a session - logging in">
|
|
<link href="ch-sysadmin-printing.html#s10.1" rel="section" title="10.1 Print devices">
|
|
<link href="ch-sysadmin-printing.html#s10.2" rel="section" title="10.2 Spooler">
|
|
<link href="ch-sysadmin-accounting.html#s11.1" rel="section" title="11.1 Concepts">
|
|
<link href="ch-sysadmin-backup.html#s12.1" rel="section" title="12.1 Why backup?">
|
|
<link href="ch-sysadmin-backup.html#s12.2" rel="section" title="12.2 What to backup?">
|
|
<link href="ch-sysadmin-backup.html#s12.3" rel="section" title="12.3 Backup devices and media">
|
|
<link href="ch-sysadmin-backup.html#s12.4" rel="section" title="12.4 Backup methods and software">
|
|
<link href="ch-sysadmin-backup.html#s12.5" rel="section" title="12.5 Types of backup">
|
|
<link href="ch-sysadmin-X.html#s13.1" rel="section" title="13.1 Overview of X">
|
|
<link href="ch-sysadmin-security.html#s14.1" rel="section" title="14.1 Threats">
|
|
<link href="ch-sysadmin-config.html#s15.1" rel="section" title="15.1 ???">
|
|
<link href="ch-sysadmin-time.html#s16.1" rel="section" title="16.1 Setting time, time zones and Daylight Saving">
|
|
<link href="ch-sysadmin-time.html#s16.2" rel="section" title="16.2 Setting and showing hardware clock">
|
|
<link href="ch-sysadmin-time.html#s-multiboot-with" rel="section" title="16.3 Multiboot with operating systems not understanding timezone">
|
|
<link href="ch-sysadmin-time.html#s-syncing-time" rel="section" title="16.4 Syncing time, rdate and NTP">
|
|
<link href="ch-sysadmin-time.html#s16.5" rel="section" title="16.5 Setting up an NTP server">
|
|
<link href="ch-sysadmin-time.html#s-radio-clocks" rel="section" title="16.6 Radio clocks">
|
|
<link href="ch-sysadmin-time.html#s16.7" rel="section" title="16.7 Timestamps">
|
|
<link href="ch-sysadmin-time.html#s16.8" rel="section" title="16.8 Time in cron">
|
|
<link href="ch-sysadmin-localisation.html#s17.1" rel="section" title="17.1 Environment variables">
|
|
<link href="ch-sysadmin-overview.html#s2.1.1" rel="subsection" title="2.1.1 The hardware">
|
|
<link href="ch-sysadmin-overview.html#s2.1.2" rel="subsection" title="2.1.2 The Linux kernel">
|
|
<link href="ch-sysadmin-overview.html#s2.1.3" rel="subsection" title="2.1.3 Devices">
|
|
<link href="ch-sysadmin-overview.html#s2.1.4" rel="subsection" title="2.1.4 Filesystems">
|
|
<link href="ch-sysadmin-files.html#s3.1.1" rel="subsection" title="3.1.1 Concepts">
|
|
<link href="ch-sysadmin-files.html#s3.1.2" rel="subsection" title="3.1.2 Inodes">
|
|
<link href="ch-sysadmin-files.html#s3.1.3" rel="subsection" title="3.1.3 Links">
|
|
<link href="ch-sysadmin-files.html#s3.1.4" rel="subsection" title="3.1.4 Permissions">
|
|
<link href="ch-sysadmin-files.html#s3.2.1" rel="subsection" title="3.2.1 Device drivers">
|
|
<link href="ch-sysadmin-files.html#s3.2.2" rel="subsection" title="3.2.2 Device nodes">
|
|
<link href="ch-sysadmin-files.html#s3.2.3" rel="subsection" title="3.2.3 Kernel modules">
|
|
<link href="ch-sysadmin-directories.html#s5.3.1" rel="subsection" title="5.3.1 Hard links">
|
|
<link href="ch-sysadmin-directories.html#s5.3.2" rel="subsection" title="5.3.2 Symbolic links">
|
|
<link href="ch-sysadmin-users.html#s8.1.1" rel="subsection" title="8.1.1 Usernames and User IDs">
|
|
<link href="ch-sysadmin-users.html#s8.1.2" rel="subsection" title="8.1.2 Groups and Group IDs">
|
|
<link href="ch-sysadmin-users.html#s8.1.3" rel="subsection" title="8.1.3 Passwords">
|
|
<link href="ch-sysadmin-users.html#s8.1.4" rel="subsection" title="8.1.4 Quotas">
|
|
<link href="ch-sysadmin-users.html#s8.2.1" rel="subsection" title="8.2.1 Adding new users">
|
|
<link href="ch-sysadmin-users.html#s8.2.2" rel="subsection" title="8.2.2 Changing or editing user information and settings">
|
|
<link href="ch-sysadmin-users.html#s8.2.3" rel="subsection" title="8.2.3 Removing user accounts">
|
|
<link href="ch-sysadmin-users.html#s8.2.4" rel="subsection" title="8.2.4 Changing user passwords">
|
|
<link href="ch-sysadmin-users.html#s8.2.5" rel="subsection" title="8.2.5 Setting and changing password expiry times">
|
|
<link href="ch-sysadmin-users.html#s8.2.6" rel="subsection" title="8.2.6 Creating groups">
|
|
<link href="ch-sysadmin-users.html#s8.2.7" rel="subsection" title="8.2.7 Editing groups">
|
|
<link href="ch-sysadmin-users.html#s8.2.8" rel="subsection" title="8.2.8 Deleting groups">
|
|
<link href="ch-sysadmin-users.html#s8.2.9" rel="subsection" title="8.2.9 Setting up quotas">
|
|
<link href="ch-sysadmin-users.html#s8.2.10" rel="subsection" title="8.2.10 Using shadow passwords">
|
|
<link href="ch-sysadmin-users.html#s8.3.1" rel="subsection" title="8.3.1 Command-line tools">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.1" rel="subsection" title="8.3.1.1 adduser, addgroup">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.2" rel="subsection" title="8.3.1.2 chage">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.3" rel="subsection" title="8.3.1.3 chfn">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.4" rel="subsection" title="8.3.1.4 chsh">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.5" rel="subsection" title="8.3.1.5 passwd">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.6" rel="subsection" title="8.3.1.6 userdel">
|
|
<link href="ch-sysadmin-users.html#s8.3.1.7" rel="subsection" title="8.3.1.7 vipw, vigr">
|
|
<link href="ch-sysadmin-users.html#s8.3.2" rel="subsection" title="8.3.2 Graphical tools">
|
|
<link href="ch-sysadmin-users.html#s8.4.1" rel="subsection" title="8.4.1 /etc/passwd">
|
|
<link href="ch-sysadmin-users.html#s8.4.2" rel="subsection" title="8.4.2 /etc/group">
|
|
<link href="ch-sysadmin-users.html#s8.4.3" rel="subsection" title="8.4.3 /etc/shadow">
|
|
<link href="ch-sysadmin-printing.html#s10.2.1" rel="subsection" title="10.2.1 Lp">
|
|
<link href="ch-sysadmin-printing.html#s10.2.2" rel="subsection" title="10.2.2 LPrng">
|
|
<link href="ch-sysadmin-backup.html#s-sect-floppy" rel="subsection" title="12.3.1 Floppy">
|
|
<link href="ch-sysadmin-backup.html#s12.3.1.1" rel="subsection" title="12.3.1.1 Backup example 1, suitable for disk media">
|
|
<link href="ch-sysadmin-backup.html#s12.3.1.2" rel="subsection" title="12.3.1.2 Backup example 2, suitable for tape media">
|
|
<link href="ch-sysadmin-backup.html#s12.3.1.3" rel="subsection" title="12.3.1.3 Backup example 3, suitable for disk media with DOS file system">
|
|
<link href="ch-sysadmin-backup.html#s12.3.2" rel="subsection" title="12.3.2 High Capacity Floppies">
|
|
<link href="ch-sysadmin-backup.html#s12.3.3" rel="subsection" title="12.3.3 CD-R and CD-RW">
|
|
<link href="ch-sysadmin-backup.html#s12.3.4" rel="subsection" title="12.3.4 Tapes">
|
|
<link href="ch-sysadmin-backup.html#s12.4.1" rel="subsection" title="12.4.1 Network backups">
|
|
<link href="ch-sysadmin-backup.html#s12.4.1.1" rel="subsection" title="12.4.1.1 Installing EMC NetWorker Client">
|
|
<link href="ch-sysadmin-backup.html#s12.4.1.2" rel="subsection" title="12.4.1.2 Setting up and Configuring">
|
|
<link href="ch-sysadmin-backup.html#s12.4.2" rel="subsection" title="12.4.2 Tar et al">
|
|
<link href="ch-sysadmin-backup.html#s12.4.3" rel="subsection" title="12.4.3 Backup software">
|
|
<link href="ch-sysadmin-time.html#s-tzconfig" rel="subsection" title="16.1.1 Changing the timezone after installation">
|
|
<link href="ch-sysadmin-time.html#s16.1.2" rel="subsection" title="16.1.2 Setting the TZ environment variable.">
|
|
<link href="ch-sysadmin-time.html#s16.4.1" rel="subsection" title="16.4.1 Setting time at system boot">
|
|
<link href="ch-sysadmin-time.html#s16.4.2" rel="subsection" title="16.4.2 Setting time using NTP">
|
|
<link href="ch-sysadmin-time.html#s16.4.3" rel="subsection" title="16.4.3 Other methods">
|
|
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<p><a name="ch-sysadmin-users"></a></p>
|
|
<hr>
|
|
|
|
<p>
|
|
[ <a href="ch-sysadmin-booting.html">previous</a> ]
|
|
[ <a href="index.html#contents">Contents</a> ]
|
|
[ <a href="ch-sysadmin-intro.html">1</a> ]
|
|
[ <a href="ch-sysadmin-overview.html">2</a> ]
|
|
[ <a href="ch-sysadmin-files.html">3</a> ]
|
|
[ <a href="ch4.html">4</a> ]
|
|
[ <a href="ch-sysadmin-directories.html">5</a> ]
|
|
[ <a href="ch-sysadmin-filesystems.html">6</a> ]
|
|
[ <a href="ch-sysadmin-booting.html">7</a> ]
|
|
[ 8 ]
|
|
[ <a href="ch-sysadmin-sessions.html">9</a> ]
|
|
[ <a href="ch-sysadmin-printing.html">10</a> ]
|
|
[ <a href="ch-sysadmin-accounting.html">11</a> ]
|
|
[ <a href="ch-sysadmin-backup.html">12</a> ]
|
|
[ <a href="ch-sysadmin-X.html">13</a> ]
|
|
[ <a href="ch-sysadmin-security.html">14</a> ]
|
|
[ <a href="ch-sysadmin-config.html">15</a> ]
|
|
[ <a href="ch-sysadmin-time.html">16</a> ]
|
|
[ <a href="ch-sysadmin-localisation.html">17</a> ]
|
|
[ <a href="ch-sysadmin-index.html">18</a> ]
|
|
[ <a href="ch-sysadmin-sessions.html">next</a> ]
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h1>
|
|
Debian GNU/Linux System Administrator's Manual (Obsolete Documentation)
|
|
<br>Chapter 8 - Managing User Accounts
|
|
</h1>
|
|
|
|
<hr>
|
|
|
|
<p>
|
|
author = ?
|
|
</p>
|
|
|
|
<p>
|
|
topics = ?
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h2><a name="s8.1"></a>8.1 Concepts</h2>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.1.1"></a>8.1.1 Usernames and User IDs</h3>
|
|
|
|
<p>
|
|
Each user of a UNIX system such as Debian has a username which uniquely
|
|
identifies them. Usernames are associated with user IDs (or UIDs), and in fact
|
|
it is the UID which the underlying system uses to identify users; usernames,
|
|
however, are more mnemonic and tend to be used for most day-to-day purposes.
|
|
</p>
|
|
|
|
<p>
|
|
Usernames are typically composed of alphanumeric characters, that is letters
|
|
and numbers. Most usernames are forms of the user's own name (for instance
|
|
"jane", "janedoe", or "jdoe") or relate to a role
|
|
or a pseudo-user created for the purpose of administering part of the system,
|
|
for instance "root" (for the superuser account) and
|
|
"www-data" (for the account which owns and runs web servers and
|
|
related services under Debian).
|
|
</p>
|
|
|
|
<p>
|
|
UIDs are numbers from zero to 65534. The numbers are grouped as follows:
|
|
</p>
|
|
|
|
<p>
|
|
UIDs 0-99 are globally allocated by the Debian project and are used for system
|
|
accounts. The "root" account, for instance, is UID 0.
|
|
</p>
|
|
|
|
<p>
|
|
UIDs 100-999 are for system users which have not been allocated by the Debian
|
|
project.
|
|
</p>
|
|
|
|
<p>
|
|
UIDs 1000-29999 are normal user accounts.
|
|
</p>
|
|
|
|
<p>
|
|
UID 65534 is user "nobody", an account with no rights or permissions.
|
|
</p>
|
|
|
|
<p>
|
|
For more information about the allocation of UIDs, see the Debian policy
|
|
manual.
|
|
</p>
|
|
|
|
<p>
|
|
Users may usually be referred to by either username or UID.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.1.2"></a>8.1.2 Groups and Group IDs</h3>
|
|
|
|
<p>
|
|
Groups are used to refer to logical groups of users on the system. Groups have
|
|
group IDs (GIDs) just as users have UIDs, and the numeric ranges for different
|
|
types of groups are the same as those for users.
|
|
</p>
|
|
|
|
<p>
|
|
A typical example of a group on the system might be "webadmin" where
|
|
people who administer a website might be grouped together. This would allow
|
|
users to create files and directories to which all of the "webadmin"
|
|
group had read or write access.
|
|
</p>
|
|
|
|
<p>
|
|
Groups may usually be referred to by either their name or GID.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.1.3"></a>8.1.3 Passwords</h3>
|
|
|
|
<p>
|
|
Each user on a Debian system has a password which they must use to login to the
|
|
system. This password is initially specified at the time of account creation,
|
|
and may be changed at any time by the user or by the system administrator.
|
|
</p>
|
|
|
|
<p>
|
|
Passwords are stored in an encrypted format on the system. The type of
|
|
encryption used is referred to as one-way or "trapdoor" encryption,
|
|
meaning that it cannot be reversed to find the original password. Instead, the
|
|
password typed by the user at login time is similarly encrypted, and the two
|
|
encrypted versions are compared to see if they are the same.
|
|
</p>
|
|
|
|
<p>
|
|
Passwords are typically composed of alphanumeric and punctuation characters.
|
|
It is considered good practice to choose a password which contains a mixture of
|
|
upper and lower case characters, numbers, and punctuation, as this makes it
|
|
harder to guess and less susceptible to a "dictionary" attack,
|
|
whereby each word in a dictionary is encrypted and the encrypted versions
|
|
compared to the encrypted passwords on the system.
|
|
</p>
|
|
|
|
<p>
|
|
Shadow passwords are used as a means of hiding even the encrypted form of
|
|
password from users. The normal password file is world-readable, however the
|
|
shadow password file is only readable by the superuser.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.1.4"></a>8.1.4 Quotas</h3>
|
|
|
|
<p>
|
|
A concept related to users, in that it is often part of the account creation
|
|
process, is that of quotas. Quotas allow the system administrator to restrict
|
|
the amount of disk space used by a user.
|
|
</p>
|
|
|
|
<p>
|
|
This subject is discussed in more detail in the filesystems chapter of this
|
|
manual. See <a href="ch-sysadmin-filesystems.html">Filesystems and Storage
|
|
Media, Chapter 6</a> for details.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h2><a name="s8.2"></a>8.2 Common tasks</h2>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.1"></a>8.2.1 Adding new users</h3>
|
|
|
|
<p>
|
|
New users are usually added using the <code>adduser</code> tool. Typical
|
|
syntax is <code>adduser <var>username</var></code>, which will prompt the
|
|
administrator for various information such as the user's full name, initial
|
|
home directory, et cetera.
|
|
</p>
|
|
|
|
<p>
|
|
There is also a <code>useradd</code> program, which predates
|
|
<code>adduser</code>. Using <code>useradd</code> is discouraged.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.2"></a>8.2.2 Changing or editing user information and settings</h3>
|
|
|
|
<p>
|
|
User information (such as the user's home directory location, real name, etc)
|
|
may be changed using the <code>usermod</code> program. The <code>chfn</code>
|
|
program is intended specifically for changing the "full name" and
|
|
other contact detail stored in the password file, while the <code>chsh</code>
|
|
command may be used to change a user's default shell.
|
|
</p>
|
|
|
|
<p>
|
|
You may also change user information by editing the <code>/etc/passwd</code>
|
|
file directly. The best tool for doing this is <code>vipw</code> program,
|
|
which locks the file and brings it up for editing in your favourite editor (as
|
|
found in the VISUAL or EDITOR environment variables).
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.3"></a>8.2.3 Removing user accounts</h3>
|
|
|
|
<p>
|
|
User accounts can be removed using the <code>userdel</code> command.
|
|
</p>
|
|
|
|
<p>
|
|
If you are running a large system, you might want to make a policy of not
|
|
deleting user accounts, instead just marking them disabled . You may have
|
|
files on disk or backup tapes belonging to the user to be deleted, and if you
|
|
later re-use the numeric UID those files change owner. Unix uses the UID to
|
|
determine who owns files, and can not know that the user is not the same.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.4"></a>8.2.4 Changing user passwords</h3>
|
|
|
|
<p>
|
|
The system administrator may change any user's password by typing <code>passwd
|
|
<var>username</var></code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.5"></a>8.2.5 Setting and changing password expiry times</h3>
|
|
|
|
<p>
|
|
If you are using shadow passwords, you can set up the system so that passwords
|
|
expire after a certain number of days. When a password is due for expiry, the
|
|
user is warned and must change their password to avoid having their account
|
|
locked or disabled.
|
|
</p>
|
|
|
|
<p>
|
|
The tool used to set password expiry times is <code>chage</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.6"></a>8.2.6 Creating groups</h3>
|
|
|
|
<p>
|
|
Groups may be created by using the <code>addgroup</code> tool. Typical syntax
|
|
for the <code>addgroup</code> command is <code>addgroup
|
|
<var>groupname</var></code>.
|
|
</p>
|
|
|
|
<p>
|
|
Administrators may also choose to add groups to the <code>/etc/group</code>
|
|
directly. The best tool for doing this is the <code>vigr</code> program, which
|
|
locks the file and brings it up for editing in your favourite editor (as found
|
|
in the VISUAL or EDITOR environment variables).
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.7"></a>8.2.7 Editing groups</h3>
|
|
|
|
<p>
|
|
Groups may be edited using the <code>groupmod</code> tool.
|
|
</p>
|
|
|
|
<p>
|
|
Administrators may also choose to edit the <code>/etc/group</code> directly.
|
|
The best tool for doing this is the <code>vigr</code> program, which locks the
|
|
file and brings it up for editing in your favourite editor (as found in the
|
|
VISUAL or EDITOR environment variables).
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.8"></a>8.2.8 Deleting groups</h3>
|
|
|
|
<p>
|
|
Groups may be deleted using the <code>groupdel</code> tool.
|
|
</p>
|
|
|
|
<p>
|
|
Administrators may also choose to delete groups from the
|
|
<code>/etc/group</code> directly. The best tool for doing this is the
|
|
<code>vigr</code> program, which locks the file and brings it up for editing in
|
|
your favourite editor (as found in the VISUAL or EDITOR environment variables).
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.9"></a>8.2.9 Setting up quotas</h3>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.2.10"></a>8.2.10 Using shadow passwords</h3>
|
|
|
|
<p>
|
|
Shadow passwords can be turned on and off using the <code>shadowconfig</code>
|
|
tool.
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>shadowconfig(8)</code>
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h2><a name="s8.3"></a>8.3 Tools reference</h2>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.3.1"></a>8.3.1 Command-line tools</h3>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.1"></a>8.3.1.1 adduser, addgroup</h4>
|
|
|
|
<p>
|
|
In the short form, these commands can be used by simply typing <samp>adduser
|
|
<var>username</var></samp> or <samp>addgroup <var>groupname</var></samp>. This
|
|
provides an interactive interface which will prompt the administrator for
|
|
various values, such as a user's home directory. There are also a number of
|
|
command line options which can be used to specify these values.
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>adduser(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.2"></a>8.3.1.2 chage</h4>
|
|
|
|
<p>
|
|
See also <code>chage(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.3"></a>8.3.1.3 chfn</h4>
|
|
|
|
<p>
|
|
The <code>chfn</code> command may be used to change a user's "full
|
|
name" or other information stored in the password file. If no command
|
|
line options are used, the command runs in an interactive fashion, prompting
|
|
for input for each field.
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>chfn(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.4"></a>8.3.1.4 chsh</h4>
|
|
|
|
<p>
|
|
The basic syntax of the <code>chsh</code> command is <samp>chsh -s
|
|
<var>shell</var> <var>username</var></samp>. However, if the <samp>-s</samp>
|
|
parameter is omitted, the administrator will be prompted for which shell to
|
|
use. The username is also optional: only the superuser may change other users'
|
|
shells; ordinary users may change their own shell simply by typing
|
|
<samp>chsh</samp>
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>chsh(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.5"></a>8.3.1.5 passwd</h4>
|
|
|
|
<p>
|
|
The basic form of the <code>passwd</code> command (as used by the system
|
|
administrator) is <samp>passwd <var>username</var></samp>, which will prompt
|
|
for the user's new password.
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>passwd(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.6"></a>8.3.1.6 userdel</h4>
|
|
|
|
<p>
|
|
The basic syntax of the <code>userdel</code> command is <samp>userdel
|
|
<var>username</var></samp>.
|
|
</p>
|
|
|
|
<p>
|
|
See also <code>userdel(8)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h4><a name="s8.3.1.7"></a>8.3.1.7 vipw, vigr</h4>
|
|
|
|
<p>
|
|
See also <code>vipw(1)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.3.2"></a>8.3.2 Graphical tools</h3>
|
|
|
|
<hr>
|
|
|
|
<h2><a name="s8.4"></a>8.4 Files reference</h2>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.4.1"></a>8.4.1 /etc/passwd</h3>
|
|
|
|
<p>
|
|
The <code>/etc/passwd</code> file consists of user records, one to a line.
|
|
Each record contains multiple fields, separated by colons (<samp>:</samp>).
|
|
The fields are:
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
username
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
encrypted password (or <samp>x</samp> if shadow passwords are in use)
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
UID
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
default GID
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
real name (also known as the GECOS field)
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
home directory
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
default shell
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
See also <code>passwd(5)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.4.2"></a>8.4.2 /etc/group</h3>
|
|
|
|
<p>
|
|
The <code>/etc/group</code> file consists of group records, one to a line.
|
|
Each record contains multiple fields, separated by colons (<samp>:</samp>).
|
|
The fields are:
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
group name
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
encrypted group password (or <samp>x</samp> if shadow passwords are in use)
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
GID
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
group members' usernames, comma-separated
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
See also <code>group(5)</code>.
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<h3><a name="s8.4.3"></a>8.4.3 /etc/shadow</h3>
|
|
|
|
<p>
|
|
If shadow passwords are being used, the <code>/etc/shadow</code> file contains
|
|
users' encrypted passwords and other information about the passwords. Its
|
|
fields are colon-separated as for <code>/etc/passwd</code>, and are as follows:
|
|
</p>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
username
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
encrypted password
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days since Jan 1, 1970 that password was last changed
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days before password may be changed
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days after which password must be changed
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days before password is to expire that user is warned
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days after password expires that account is disabled
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
Days since Jan 1, 1970 that account is disabled
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li>
|
|
<p>
|
|
A reserved field
|
|
</p>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
The password expiry related fields are modified by the <code>chage</code>
|
|
program.
|
|
</p>
|
|
|
|
<p>
|
|
See also: <code>shadow(5)</code>
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<p>
|
|
[ <a href="ch-sysadmin-booting.html">previous</a> ]
|
|
[ <a href="index.html#contents">Contents</a> ]
|
|
[ <a href="ch-sysadmin-intro.html">1</a> ]
|
|
[ <a href="ch-sysadmin-overview.html">2</a> ]
|
|
[ <a href="ch-sysadmin-files.html">3</a> ]
|
|
[ <a href="ch4.html">4</a> ]
|
|
[ <a href="ch-sysadmin-directories.html">5</a> ]
|
|
[ <a href="ch-sysadmin-filesystems.html">6</a> ]
|
|
[ <a href="ch-sysadmin-booting.html">7</a> ]
|
|
[ 8 ]
|
|
[ <a href="ch-sysadmin-sessions.html">9</a> ]
|
|
[ <a href="ch-sysadmin-printing.html">10</a> ]
|
|
[ <a href="ch-sysadmin-accounting.html">11</a> ]
|
|
[ <a href="ch-sysadmin-backup.html">12</a> ]
|
|
[ <a href="ch-sysadmin-X.html">13</a> ]
|
|
[ <a href="ch-sysadmin-security.html">14</a> ]
|
|
[ <a href="ch-sysadmin-config.html">15</a> ]
|
|
[ <a href="ch-sysadmin-time.html">16</a> ]
|
|
[ <a href="ch-sysadmin-localisation.html">17</a> ]
|
|
[ <a href="ch-sysadmin-index.html">18</a> ]
|
|
[ <a href="ch-sysadmin-sessions.html">next</a> ]
|
|
</p>
|
|
|
|
<hr>
|
|
|
|
<p>
|
|
Debian GNU/Linux System Administrator's Manual (Obsolete Documentation)
|
|
</p>
|
|
|
|
<address>
|
|
This manual is OBSOLETE and DEPRECATED since 2006, 29 Dezember 2009. Instead see http://www.de.debian.org/doc/user-manuals#quick-reference.<br>
|
|
<br>
|
|
Ardo van Rangelrooij <code><a href="mailto:ardo.van.rangelrooij@tip.nl">ardo.van.rangelrooij@tip.nl</a></code><br>
|
|
Tapio Lehtonen <code><a href="mailto:Tapio.Lehtonen@IKI.FI">Tapio.Lehtonen@IKI.FI</a></code><br>
|
|
Oliver Elphick - Previous maintainer<br>
|
|
<br>
|
|
</address>
|
|
<hr>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|