.\" Copyright (c) 1995-1996 Wolfram Schneider <wosch@FreeBSD.org>. Berlin.
.\" All rights reserved.
-.\" Copyright (c) 2002 Michael Telahun Makonnen <makonnen@pacbell.net>
+.\" Copyright (c) 2002-2004 Michael Telahun Makonnen <mtm@FreeBSD.org>
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\"
.\" $FreeBSD$
.\"
-.Dd August 14, 2002
+.Dd September 15, 2012
.Dt ADDUSER 8
.Os
.Sh NAME
.Nd command for adding new users
.Sh SYNOPSIS
.Nm
-.Op Fl CENhq
+.Op Fl CDENShq
.Op Fl G Ar groups
.Op Fl L Ar login_class
+.Op Fl M Ar mode
.Op Fl d Ar partition
.Op Fl f Ar file
.Op Fl g Ar login_group
.Xr pw 8
will accept.
Generally this means it
-may contain only lowercase characters or digits.
+may contain only lowercase characters or digits but cannot begin with the
+.Ql -
+character.
Maximum length
is 16 characters.
The reasons for this limit are historical.
and recompile the
world; people have done this and it works, but you will have problems
with any precompiled programs, or source that assumes the 8-character
-name limit and NIS.
+name limit, such as NIS.
The NIS protocol mandates an 8-character username.
If you need a longer login name for e-mail addresses,
you can define an alias in
.Ql \&:
character is not allowed.
.It shell
-Only valid shells from the shell database
+Unless the
+.Fl S
+argument is supplied only valid shells from the shell database
.Pq Pa /etc/shells
are allowed.
-In
-addition, only the base name of the shell is necessary, not the full path.
+In addition,
+either the base name or the full path of the shell may be supplied.
.It UID
Automatically generated or your choice.
It must be less than 32000.
and create files in their home directory
without worrying about others being able to change them.
.Pp
-For a shared area you create a separate UID/GID (like cvs or ncvs on freefall),
-you place each person that should be able to access this area into that new
-group.
+For a shared area you create a separate UID/GID, you place each person
+that should be able to access this area into that new group.
.Pp
This model of UID/GID administration allows far greater flexibility than lumping
users into groups and having to muck with the umask when working in a shared
Home partition.
Default partition, under which all user directories
will be located.
+The
+.Pa /nonexistent
+partition is considered special.
+The
+.Nm
+script will not create and populate a home directory by that name.
+Otherwise,
+by default it attempts to create a home directory.
+.It Fl D
+Do not attempt to create the home directory.
.It Fl E
Disable the account.
This option will lock the account by prepending the string
The format
of the input file is described below.
.It Fl g Ar login_group
-Normaly,
+Normally,
if no login group is specified,
it is assumed to be the same as the username.
This option makes
.Ar login_group
the default.
.It Fl G Ar groups
-Additional groups.
+Space-separated list of additional groups.
This option allows the user to specify additional groups to add users to.
The user is a member of these groups in addition to their login group.
.It Fl h
file can reference the internal variables of the
.Nm
script.
+.It Fl M Ar mode
+Create the home directory with permissions set to
+.Ar mode .
.It Fl N
Do not read the default configuration file.
.It Fl q
Default shell for new users.
The
.Ar shell
-argument must be the base name of the shell,
-.Em not
-the full path.
-It must exist in
+argument may be the base name of the shell or the full path.
+Unless the
+.Fl S
+argument is supplied the shell must exist in
.Pa /etc/shells
or be the special shell
.Em nologin
to be considered a valid shell.
+.It Fl S
+The existence or validity of the specified shell will not be checked.
.It Fl u Ar uid
Use UIDs from
.Ar uid
Home directory.
If this field is left empty, it will be automatically
created by appending the username to the home partition.
+The
+.Pa /nonexistent
+home directory is considered special and
+is understood to mean that no home directory is to be
+created for the user.
.It Ar shell
Login shell.
-This field should contain the full path to a valid login shell.
+This field should contain either the base name or
+the full path to a valid login shell.
.It Ar password
User password.
This field should contain a plaintext string, which will
empty, its contents will be used
as a password.
This field will be ignored if the
-.Fl p
+.Fl w
option is used with a
.Cm no
or
.Sh SEE ALSO
.Xr chpass 1 ,
.Xr passwd 1 ,
+.Xr adduser.conf 5 ,
.Xr aliases 5 ,
.Xr group 5 ,
.Xr login.conf 5 ,
.Xr passwd 5 ,
.Xr shells 5 ,
+.Xr adding_user 8 ,
.Xr pw 8 ,
.Xr pwd_mkdb 8 ,
.Xr rmuser 8 ,
.Sh AUTHORS
.An -nosplit
This manual page and the original script, in Perl, was written by
-.An Wolfram Schneider Aq wosch@FreeBSD.org .
+.An Wolfram Schneider Aq Mt wosch@FreeBSD.org .
The replacement script, written as a Bourne
shell script with some enhancements, and the man page modification that
came with it were done by
-.An Mike Makonnen Aq mtm@identd.net .
+.An Mike Makonnen Aq Mt mtm@identd.net .
.Sh BUGS
In order for
.Nm
The
.Nm
utility attempts to mitigate the possibility of an attacker using this
-feature by refusing to evaluate the file if it is not owned and writeable
+feature by refusing to evaluate the file if it is not owned and writable
only by the root user.
In addition, shell special characters and operators will have to be
escaped when used in the message file.
.Pp
-Also, password ageing and account expiry times are currently setable
-only in batch mode.
+Also, password ageing and account expiry times are currently settable
+only in batch mode or when specified in
+.Pa /etc/adduser.conf .
The user should be able to set them in interactive mode as well.
git.ckatri.com / pw-darwin.git / blobdiff