1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
.\" Hey, Emacs! This is an -*- nroff -*- source file.
.\" Adduser and this manpage are copyright 1995 by Ted Hajek
.\"
.\" This is free software; see the GNU General Public Lisence version 2
.\" or later for copying conditions. There is NO warranty.
.TH "adduser.conf" 5 "Version VERSION" "Debian GNU/Linux"
.SH NAME
/etc/adduser.conf \- configuration file for
.B adduser(8)
and
.BR addgroup(8) .
.SH DESCRIPTION
The file
.I /etc/adduser.conf
contains defaults for the programs
.B adduser(8)
,
.B addgroup(8)
,
.B deluser(8)
and
.BR delgroup(8) .
Each line holds a single value pair in the form
.IR option " = " value .
Double or single quotes are allowed around the value, as is whitespace
around the equals sign. Comment lines must have a hash sign (#) in the
first column.
The valid configuration options are:
.TP
\fBDSHELL\fP
The login shell to be used for all new users. Defaults to
.IR /bin/bash .
.TP
\fBDHOME\fP
The directory in which new home directories should be created.
Defaults to
.IR /home .
.TP
\fBGROUPHOMES\fP
If this is set to
.IR yes ,
the home directories will be created as
.IR /home/[groupname]/user .
Defaults to
.IR no .
.TP
\fBLETTERHOMES\fP
If this is set to
.IR yes ,
then the home directories created will have an
extra directory inserted which is the first letter of the loginname.
For example:
.IR /home/u/user .
Defaults to
.IR no .
.TP
\fBSKEL\fP
The directory from which skeletal user configuration files should be
copied. Defaults to
.IR /etc/skel .
.TP
.BR FIRST_SYSTEM_UID " and " LAST_SYSTEM_UID
specify an inclusive range of UIDs from which system UIDs can be
dynamically allocated. Default to
.IR 100 " - " 999 .
Please note that system software, such as the users allocated by the base-passwd
package, may assume that UIDs less than 100 are unallocated.
.TP
.BR FIRST_UID " and " LAST_UID
specify an inclusive range of UIDs from which normal user's UIDs can
be dynamically allocated. Default to
.IR 1000 " - " 59999 .
.TP
.BR FIRST_SYSTEM_GID " and " LAST_SYSTEM_GID
specify an inclusive range of GIDs from which system GIDs can be dynamically allocated.
Default to
.IR 100 " - " 999.
.TP
.BR FIRST_GID " and " LAST_GID
specify an inclusive range of GIDs from which normal group's GIDs can
be dynamically allocated. Default to
.IR 1000 " - " 59999 .
.TP
\fBUSERGROUPS\fP
If this is set to
.IR yes ,
then each created user will be given their own group to use. If this
is
.IR no ,
then each created user will be placed in the group whose GID is
\fBUSERS_GID\fP (see below). The default is
.IR yes .
.TP
\fBUSERS_GID\fP
If \fBUSERGROUPS\fP is
.IR no ,
then \fBUSERS_GID\fP is the GID given to all newly-created users. The
default value is
.IR 100 .
.TP
\fBDIR_MODE\fP
If set to a valid value (e.g. 0755 or 755), directories created will have
the specified permissions as umask. Otherwise 0755 is used as default.
.TP
\fBSETGID_HOME\fP
If this is set to
.IR yes ,
then home directories for users with their own group (
.IR USERGROUPS=yes
) will have the setgid bit set. This was the default setting for adduser
versions << 3.13. Unfortunately it has some bad side effects, so we no
longer do this per default. If you want it nevertheless you can still
activate it here.
.TP
\fBQUOTAUSER\fP
If set to a nonempty value, new users will have quotas copied from
that user. The default is empty.
.TP
\fBNAME_REGEX\fB
User and group names are checked against this regular expression. If the name
doesn't match this regexp, user and group creation in adduser is refused unless
--force-badname is set. With --force-badname set, only weak checks are
performed. The default is the most conservative ^[a-z][-a-z0-9]*$.
.TP
\fBSKEL_IGNORE_REGEX\fB
Files in /etc/skel/ are checked against this regex, and not copied to
the newly created home directory if they match. This is by default set
to the regular expression matching files left over from unmerged config
files (dpkg-(old|new|dist)).
.TP
\fBADD_EXTRA_GROUPS\fB
Setting this to something other than 0 (the default) will cause adduser
to add newly created non-system users to the list of groups defined by
EXTRA_GROUPS (below).
.TP
\fBEXTRA_GROUPS\fB
This is the list of groups that new non-system users will be added to.
By default, this list is 'dialout cdrom floppy audio video plugdev users games'.
.SH NOTES
.TP
\fBVALID NAMES\fB
adduser and addgroup enforce conformity to IEEE Std 1003.1-2001, which allows only the following characters to appear in group and user names: letters, digits, underscores, periods, at signs (@) and dashes. The name may no start with a dash. The "$" sign is allowed at the end of usernames (to conform to samba).
An additional check can be adjusted via the configuration parameter NAME_REGEX to enforce a local policy.
.SH FILES
.I /etc/adduser.conf
.SH SEE ALSO
.BR addgroup (8),
.BR adduser (8),
.BR delgroup (8),
.BR deluser (8),
.BR deluser.conf (5)
|
