.\" $OpenBSD: adduser.8,v 1.6 1998/12/29 12:04:37 deraadt Exp $ .\" .\" Copyright (c) 1995-1996 Wolfram Schneider . Berlin. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $From: adduser.8,v 1.12 1996/08/28 17:54:13 adam Exp $ .Dd Jan, 9, 1995 .Dt ADDUSER 8 .Os OpenBSD .Sh NAME .Nm adduser .Nd command for adding new users .Sh SYNOPSIS .Nm adduser .Op Fl batch Ar username No [group[,group]...] [fullname] [password] .Op Fl check_only .Op Fl config_create .Op Fl dotdir Ar dotdir .Op Fl e | encrypt_method .Op Fl group Ar login_group .Op Fl h | help .Op Fl home Ar home .Op Fl message Ar message_file .Op Fl noconfig .Op Fl shell Ar shell .Op Fl s | silent | q | quiet .Op Fl uid_start Ar uid_start .Op Fl uid_end Ar uid_end .Op Fl v | verbose .Op Fl unencrypted .Sh DESCRIPTION .Nm adduser is a simple program for adding new users. .Nm adduser first performs consistency checks on the passwd, group, and shell databases. It creates passwd/group entries, a HOME directory, dotfiles for a new user, and sends him or her a welcome message at the discretion of the person creating the account. .Sh RESTRICTIONS .Bl -tag -width Ds .It Sy username Login names should contain only lowercase characters or digits. They should be no longer than 8 characters (see .Xr setlogin 2 BUGS section). .\" The reasons for this limit are "Historical". .\" Given that people have traditionally wanted to break this .\" limit for aesthetic reasons, it's never been of great importance to break .\" such a basic fundamental parameter in UNIX. .\" You can change UT_NAMESIZE in /usr/include/utmp.h and recompile the .\" world; people have done this and it works, but you will have problems .\" with any precompiled programs, or source that assumes the 8-character .\" name limit and NIS. The NIS protocol mandates an 8-character username. If you need a longer login name for e-mail addresses, you can define an alias in .Pa /etc/aliases . .It Sy fullname This should contain the user's firstname and surname. The .Dq \&: is not permitted. .It Sy shell Only valid entries from the .Xr shells 5 database or entries corresponding to .Xr sliplogin 8 and .Xr pppd 8 are permitted. .It Sy uid_start This value is the start of the range where free UID values are searched for. This value must be less than the value of uid_end. The default value is 1000 or as configured in the configuration file. .It Sy uid_end This value is the end of the range where free UID values are searched for. This value must be more than the value of uid_start. The default value is 32000 or as configured in the configuration file. .It Sy gid/login group This value is generated automatically, but can be specified at the discretion of the person invoking the program. .It Sy password If not empty, the password is encrypted according to .Xr passwd.conf 5 . If empty, the account will be automatically disabled to prevent spurious access to it. .El .\" .Sh UNIQUE GROUP .\" Perhaps you're missing what *can* be done with this scheme that falls apart .\" with most other schemes. With each user in his/her own group the user can .\" safely run with a umask of 002 and have files created in their home directory .\" and not worry about others being able to read them. .\" .\" For a shared area you create a separate uid/gid (like cvs or ncvs on freefall), .\" you place each person that should be able to access this area into that new .\" group. .\" .\" This model of uid/gid administration allows far greater flexibility than lumping .\" users into groups and having to muck with the umask when working in a shared .\" area. .\" .\" I have been using this model for almost 10 years and found that it works .\" for most situations, and has never gotten in the way. (Rod Grimes) .Sh CONFIGURATION .Nm adduser follows these steps to extract its configuration information: .Pp .Bl -tag -width Ds -compact .It Sy 1. Read internal variables. .It Sy 2. Read configuration file .Po Ns Pa /etc/adduser.conf .Pc . .It Sy 3. Parse command-line options. .El .Pp The adduser.conf format is explained within that file and is quite straightforward. .Sh OPTIONS .Bl -tag -width Ds .It Sy -batch username [group[,group]...] [fullname] [password] Enter batch mode in which multiple users are specified on the command-line in a compact format. By default the password is assumed to already be properly encrypted. .It Sy -check_only Check the passwd, group, and shells databases for consistency and problems then exit without performing any other operation. .It Sy -create_config Create or edit default configuration information and message file before proceeding with the normal interactive adduser procedure. .It Sy -dotdir Ar directory Copy files from .Ar directory into the HOME directory of new users. Files named in the fashion of .Dq Pa dot.foo will be renamed to .Dq Pa .foo . By default, all files are made writable and readable by their owner. .\" don't allow group or world to write files and allow only owner .\" to read/execute/write .rhost, .Xauthority, .kermrc, .netrc, Mail, .\" prv, iscreen, term. .It Sy -encrypt,-e Ar method Encrypt local passwords using .Ar method of encryption as described in .Xr passwd.conf 5 . .It Sy -group Ar login_group Specify the default login group. A value of .Ar USER means that the username is to be used as the login group. .It Sy -help,-h,-? Print a summary of options and exit. .It Sy -home Ar partition Specify the default home partition where all users' home directories are to be located. .It Sy -message Ar file Send new users a welcome message from .Ar file . Specifying a value of .Dq no for .Ar file causes no message to be sent to new users. .It Sy -noconfig Do not read the default configuration file. .It Sy -shell Ar shell Specify the default shell for new users. .It Sy -silent,-s,-quiet,-q Causes the program to print fewer warnings, questions, and bug reports. .It Sy -uid Ar uid Use UIDs from .Ar uid up when automatically generating UIDs. .It Sy -unencrypted Causes the program to assume that the password given in batch mode is unencrypted. The password will be encrypted before it's added to the password file. Use of this option will leave username and cleartext password displayable for any user. .It Sy -verbose,-v Causes the program to print many warnings and questions. This option is recommended for novice users. .\" .Sh FORMAT .\" .Bl -tag -width Ds -compact .\" .Ql Pa # .\" is a comment. .\" .P .\" .It Sy config file .\" .Nm adduser .\" reads and writes this file. .\" See /etc/adduser.conf for more details. .\" .It Sy message file .\" Eval variables in this file. See /etc/adduser.message for more .\" details. .\" .El .Sh EXAMPLES $ adduser .Pp Start .Nm adduser in interactive mode. .Pp $ adduser -unencrypted -batch falken guest,staff,beer 'Prof. Falken' joshua .Pp Create user .Dq falken and login group .Dq falken . Invite user .Dq falken into groups .Dq guest , .Dq staff , and .Dq beer . Realname (fullname) is .Dq Prof. Falken . Password is .Dq joshua (don't use such a password!). Create the HOME directory .Pa /home/falken and copy all files and directories from .Pa /usr/share/skel to .Pa /home/falken . Send user falken a welcome message. .Pp $ adduser -uid_start 5000 -group guest -message no -batch vehlefanz .Pp Create user .Dq vehlefanz in login group .Dq guest . Start the free UID search at 5000. No other groups, no realname, no password. Do not send a welcome message. .Sh FILES .Bl -tag -width /etc/master.passwdxx -compact .It Pa /etc/master.passwd user database .It Pa /etc/group group database .It Pa /etc/shells shell database .It Pa /etc/adduser.conf config file for adduser .It Pa /etc/adduser.message message file for adduser .It Pa /usr/share/skel skeletal login directory .It Pa /var/log/adduser logfile for adduser .El .Sh SEE ALSO .Xr chpass 1 , .Xr finger 1 , .Xr passwd 1 , .Xr setlogin 2 , .Xr aliases 5 , .Xr group 5 , .Xr passwd 5 , .Xr passwd.conf 5 , .Xr shells 5 , .Xr adduser_proc 8 , .Xr pwd_mkdb 8 , .Xr vipw 8 , .Xr yp 8 .\" .Sh BUGS .Sh HISTORY This .Nm program appeared in FreeBSD 2.1.