.\" extracted from adduser.sh by cmt2doc.pl .TH ADDUSER 8 "5 August 1999" "FreeWare" "MAINTENANCE COMMANDS" .PD .8v .SH NAME adduser.sh \- portable add user script .SH SYNOPSIS .nf \fBadduser.sh\fR [options] \fIfile\fR ... \fBadduser.sh\fR [options] [\fIusername\fR \fIfullname\fR] .fi .SH DESCRIPTION Adds users and their home directory to many different *nix. It can populate home directories with prototype files and initiate user or group quotas if desired (and suppored by the OS). If given one or more \fIfile\fRs (``-'' indicates stdin) users are added in batch mode. Each \fIfile\fR should contain records like: .nf var=value username full name or username:passwd:uid:gid:full name:home:shell .fi It does not matter whether the OS uses shadow passwd files or has extra fields, adduser\&.sh allways deals with v7 format passwd entries and converts them to the OS specific format. If your OS does not use a plain v7 passwd file, it is wise to set the \fB\-7\fR flag so that adduser will bail out if it does not know what to do for your OS. The \fIvar\fR=\fIvalue\fR records can be used to change defaults. They are evaluated as root \- so take care! If \fIusername\fR is given and contains several ``:'' chars it is assumed to be a complete passwd(5) entry ready to include. Note that regardless of the system, this argument should be in the old seven field format. If the user id is to duplicate an existing account (eg. \fIuid\fR is 0) \fB\-f\fR is required (see Options below). If \fIusername\fR is present but does not contain any ``:'' chars, then \fIusername\fR and \fIfullname\fR are used as described below, but no interaction is required. Only a single user can be added this way. If \fIusername\fR is not given it prompts for a \fIusername\fR and \fIfullname\fR which become part of the passwd file entry for the new user. It adds \fIusername\fR to \fIGroup\fR (creating it if necessary) and uses \fIuid\fR or the \fBgid\fR of \fIGroup\fR (\fIGroupId\fR) as a starting point for its search for an unused \fBuid\fR. By default it will prompt for a passwd after adding each user, but \fB\-p\fR can be used to set a pre-encrypted password or \fB\-P\fR can be used to give a clear text password which the script will encrypt and then use for each new \fIusername\fR. Most of the variables used are obvious. \fIHomes\fR is the parent directory of new users home directories. .TP Options: .TP \fB\-f\fR Force the nominated ids to be used. This is needed if duplicate uid's are wanted. .TP \fB\-u\fR \fIuid\fR If \fB\-f\fR is used, then the user(s) will be given this \fIuid\fR, otherwise it is used as the starting point in the search for an unused uid. .TP \fB\-g\fR \fIGroupId\fR Put users in the group with this gid. .PP -G \fIGroup\fR[:\fIGroupId\fR] Add users to \fIGroup\fR creating it if need be with \fIGroupId\fR. .TP \fB\-H\fR \fIHomes\fR Identifies the parent directory of users home .TP directory. .TP \fB\-S\fR \fIShell\fR Unless a passwd entry is used as input, the user will be given this shell. .TP \fB\-p\fR \fIcryptpw\fR A default encrypted passwd. .TP \fB\-P\fR \fIclearpw\fR A clear text passwd that adduser will encrypt \- needs .TP perl(1). .TP \fB\-Q\fR \fIQUOTA_PROTOTYPE\fR Nominate the prototype quota entry. This will cause disk quotas to be enabled for new users. .TP \fB\-7\fR OS does NOT use plain v7 passwd file. adduser\&.sh knows how to handle systems like 4\&.4BSD and Solaris, othewise it assumes that vipw(8) will know what to do with a v7 format enty. This option signifies that that assumption is false. .TP \fB\-A\fR \fIPW_AGE\fR Enable passwd ageing (see below). .TP \fB\-l\fR List all the defaults. .PP Most options can be set on a per machine basis by creating a file \fB\&.adduserrc\fR in the super users home directory, /etc or in the directory where \fBadduser\&.sh\fR is found. If \fIHomes\fR/\&.adduserrc exists it will be processed after any others, so can be used to set defaults on a per project basis. If the directory \fIHomes\fR/default exists, its contents are replicated in the new users home directory. .TP Quotas: .PP Using a prototype quota, is the most painless way of initializing quotas. If the \fIQUOTA_PROTOTYPE\fR variable is set and the \fIEDQUOTA\fR command exists, we run: .nf \fIEDQUOTA\fR \fIEDQUOTA_OPTS\fR \-p \fIQUOTA_PROTOTYPE\fR \fIusername\fR .fi For each new users. Passwd Aging: Depending on the OS, password aging is enabled if \fIPW_AGE\fR is set. Usually \fByes\fR or \fBimmediate\fR does the trick, and the script will do the right thing. On Solaris the following variables can be used to control the various fields in the shadow file: .TP \fIPW_MIN\fR Min number of days between passwd changes. (default is empty). .TP \fIPW_MAX\fR Max number of days between passwd changes. (default is 365). .TP \fIPW_WARN\fR Number of days before passwd expiration that user is warned when they login. (default 14). .TP \fIPW_INACTIVE\fR Number of days inactivity that will cause account to be dissabled. (default empty). .TP \fIPW_EXPIRE\fR Fixed date at which account will expire (default empty). .SH NOTES .PP The script handles shadow password files on Solaris 2\&.x, other machines may break. It has been tested on NetBSD, SunOS, Solaris and HP-UX. .SH AUTHOR Simon J. Gerraty