diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 12:50:00 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 12:50:00 +0000 |
commit | 333f7ecfa3e040191c66b2b92f6c117ca2cbac1d (patch) | |
tree | 178a8f140927896970f47930dae9213161268f10 /man/zh_CN | |
parent | Initial commit. (diff) | |
download | shadow-333f7ecfa3e040191c66b2b92f6c117ca2cbac1d.tar.xz shadow-333f7ecfa3e040191c66b2b92f6c117ca2cbac1d.zip |
Adding upstream version 1:4.8.1.upstream/1%4.8.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man/zh_CN')
48 files changed, 10110 insertions, 0 deletions
diff --git a/man/zh_CN/Makefile.am b/man/zh_CN/Makefile.am new file mode 100644 index 0000000..e9d8f2c --- /dev/null +++ b/man/zh_CN/Makefile.am @@ -0,0 +1,66 @@ + +mandir = @mandir@/zh_CN + +man_MANS = \ + man1/chage.1 \ + man1/chfn.1 \ + man8/chgpasswd.8 \ + man8/chpasswd.8 \ + man1/chsh.1 \ + man1/expiry.1 \ + man5/faillog.5 \ + man8/faillog.8 \ + man3/getspnam.3 \ + man1/gpasswd.1 \ + man8/groupadd.8 \ + man8/groupdel.8 \ + man8/groupmems.8 \ + man8/groupmod.8 \ + man1/groups.1 \ + man8/grpck.8 \ + man8/grpconv.8 \ + man8/grpunconv.8 \ + man5/gshadow.5 \ + man8/lastlog.8 \ + man1/login.1 \ + man5/login.defs.5 \ + man8/logoutd.8 \ + man1/newgrp.1 \ + man8/newusers.8 \ + man8/nologin.8 \ + man1/passwd.1 \ + man5/passwd.5 \ + man8/pwck.8 \ + man8/pwconv.8 \ + man8/pwunconv.8 \ + man1/sg.1 \ + man3/shadow.3 \ + man5/shadow.5 \ + man1/su.1 \ + man5/suauth.5 \ + man8/useradd.8 \ + man8/userdel.8 \ + man8/usermod.8 \ + man8/vigr.8 \ + man8/vipw.8 + +man_nopam = \ + man5/limits.5 \ + man5/login.access.5 \ + man5/porttime.5 + +if !USE_PAM +man_MANS += $(man_nopam) +endif + +EXTRA_DIST = \ + $(man_MANS) \ + man1/id.1 \ + man8/sulogin.8 + +if USE_PAM +EXTRA_DIST += $(man_nopam) +endif + +include ../generate_translations.mak + diff --git a/man/zh_CN/Makefile.in b/man/zh_CN/Makefile.in new file mode 100644 index 0000000..432a593 --- /dev/null +++ b/man/zh_CN/Makefile.in @@ -0,0 +1,773 @@ +# Makefile.in generated by automake 1.16.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2018 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ +VPATH = @srcdir@ +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +@USE_PAM_FALSE@am__append_1 = $(man_nopam) +@USE_PAM_TRUE@am__append_2 = $(man_nopam) +subdir = man/zh_CN +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +SOURCES = +DIST_SOURCES = +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +man1dir = $(mandir)/man1 +am__installdirs = "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" \ + "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" +man3dir = $(mandir)/man3 +man5dir = $(mandir)/man5 +man8dir = $(mandir)/man8 +NROFF = nroff +MANS = $(man_MANS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +am__DIST_COMMON = $(srcdir)/../generate_mans.mak \ + $(srcdir)/../generate_translations.mak $(srcdir)/Makefile.in +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +ECONF_CPPFLAGS = @ECONF_CPPFLAGS@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ +GMSGFMT = @GMSGFMT@ +GMSGFMT_015 = @GMSGFMT_015@ +GREP = @GREP@ +GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +INTLLIBS = @INTLLIBS@ +INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBACL = @LIBACL@ +LIBATTR = @LIBATTR@ +LIBAUDIT = @LIBAUDIT@ +LIBCRACK = @LIBCRACK@ +LIBCRYPT = @LIBCRYPT@ +LIBECONF = @LIBECONF@ +LIBICONV = @LIBICONV@ +LIBINTL = @LIBINTL@ +LIBMD = @LIBMD@ +LIBOBJS = @LIBOBJS@ +LIBPAM = @LIBPAM@ +LIBS = @LIBS@ +LIBSELINUX = @LIBSELINUX@ +LIBSEMANAGE = @LIBSEMANAGE@ +LIBSKEY = @LIBSKEY@ +LIBTCB = @LIBTCB@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBICONV = @LTLIBICONV@ +LTLIBINTL = @LTLIBINTL@ +LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ +MAINT = @MAINT@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MSGFMT = @MSGFMT@ +MSGFMT_015 = @MSGFMT_015@ +MSGMERGE = @MSGMERGE@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +POSUB = @POSUB@ +RANLIB = @RANLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +USE_NLS = @USE_NLS@ +VENDORDIR = @VENDORDIR@ +VERSION = @VERSION@ +XGETTEXT = @XGETTEXT@ +XGETTEXT_015 = @XGETTEXT_015@ +XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ +XMLCATALOG = @XMLCATALOG@ +XML_CATALOG_FILE = @XML_CATALOG_FILE@ +XSLTPROC = @XSLTPROC@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +capcmd = @capcmd@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@/zh_CN +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +runstatedir = @runstatedir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +man_MANS = man1/chage.1 man1/chfn.1 man8/chgpasswd.8 man8/chpasswd.8 \ + man1/chsh.1 man1/expiry.1 man5/faillog.5 man8/faillog.8 \ + man3/getspnam.3 man1/gpasswd.1 man8/groupadd.8 man8/groupdel.8 \ + man8/groupmems.8 man8/groupmod.8 man1/groups.1 man8/grpck.8 \ + man8/grpconv.8 man8/grpunconv.8 man5/gshadow.5 man8/lastlog.8 \ + man1/login.1 man5/login.defs.5 man8/logoutd.8 man1/newgrp.1 \ + man8/newusers.8 man8/nologin.8 man1/passwd.1 man5/passwd.5 \ + man8/pwck.8 man8/pwconv.8 man8/pwunconv.8 man1/sg.1 \ + man3/shadow.3 man5/shadow.5 man1/su.1 man5/suauth.5 \ + man8/useradd.8 man8/userdel.8 man8/usermod.8 man8/vigr.8 \ + man8/vipw.8 $(am__append_1) +man_nopam = \ + man5/limits.5 \ + man5/login.access.5 \ + man5/porttime.5 + +EXTRA_DIST = $(man_MANS) man1/id.1 man8/sulogin.8 $(am__append_2) +LANG = $(notdir $(CURDIR)) +@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_FALSE@PAM_COND = no_pam +@ENABLE_REGENERATE_MAN_TRUE@@USE_PAM_TRUE@PAM_COND = pam +@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_FALSE@SHADOWGRP_COND = no_gshadow +@ENABLE_REGENERATE_MAN_TRUE@@SHADOWGRP_TRUE@SHADOWGRP_COND = gshadow +@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_FALSE@TCB_COND = no_tcb +@ENABLE_REGENERATE_MAN_TRUE@@WITH_TCB_TRUE@TCB_COND = tcb +@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_FALSE@SHA_CRYPT_COND = no_sha_crypt +@ENABLE_REGENERATE_MAN_TRUE@@USE_SHA_CRYPT_TRUE@SHA_CRYPT_COND = sha_crypt +@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_FALSE@SUBIDS_COND = no_subids +@ENABLE_REGENERATE_MAN_TRUE@@ENABLE_SUBIDS_TRUE@SUBIDS_COND = subids +CLEANFILES = messages.mo login.defs.d $(EXTRA_DIST) $(addsuffix .xml,$(EXTRA_DIST)) config.xml +all: all-am + +.SUFFIXES: +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign man/zh_CN/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign man/zh_CN/Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ + esac; +$(srcdir)/../generate_translations.mak $(srcdir)/../generate_mans.mak $(am__empty): + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man1: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man1dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.1[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ + done; } + +uninstall-man1: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man1dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.1[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) +install-man3: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man3dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man3dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man3dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.3[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man3dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man3dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man3dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man3dir)" || exit $$?; }; \ + done; } + +uninstall-man3: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man3dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.3[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^3][0-9a-z]*$$,3,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man3dir)'; $(am__uninstall_files_from_dir) +install-man5: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man5dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.5[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ + done; } + +uninstall-man5: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man5dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.5[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) +install-man8: $(man_MANS) + @$(NORMAL_INSTALL) + @list1=''; \ + list2='$(man_MANS)'; \ + test -n "$(man8dir)" \ + && test -n "`echo $$list1$$list2`" \ + || exit 0; \ + echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ + { for i in $$list1; do echo "$$i"; done; \ + if test -n "$$list2"; then \ + for i in $$list2; do echo "$$i"; done \ + | sed -n '/\.8[a-z]*$$/p'; \ + fi; \ + } | while read p; do \ + if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; echo "$$p"; \ + done | \ + sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ + sed 'N;N;s,\n, ,g' | { \ + list=; while read file base inst; do \ + if test "$$base" = "$$inst"; then list="$$list $$file"; else \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ + fi; \ + done; \ + for i in $$list; do echo "$$i"; done | $(am__base_list) | \ + while read files; do \ + test -z "$$files" || { \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ + done; } + +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list=''; test -n "$(man8dir)" || exit 0; \ + files=`{ for i in $$list; do echo "$$i"; done; \ + l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + sed -n '/\.8[a-z]*$$/p'; \ + } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ + -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ + dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) +tags TAGS: + +ctags CTAGS: + +cscope cscopelist: + + +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(MANS) +installdirs: + for dir in "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(man3dir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +@ENABLE_REGENERATE_MAN_FALSE@clean-local: +clean: clean-am + +clean-am: clean-generic clean-libtool clean-local mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-man + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: install-man1 install-man3 install-man5 install-man8 + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-man + +uninstall-man: uninstall-man1 uninstall-man3 uninstall-man5 \ + uninstall-man8 + +.MAKE: install-am install-strip + +.PHONY: all all-am check check-am clean clean-generic clean-libtool \ + clean-local cscopelist-am ctags-am distclean distclean-generic \ + distclean-libtool distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-man1 install-man3 install-man5 install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-strip installcheck installcheck-am installdirs \ + maintainer-clean maintainer-clean-generic mostlyclean \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags-am uninstall uninstall-am uninstall-man uninstall-man1 \ + uninstall-man3 uninstall-man5 uninstall-man8 + +.PRECIOUS: Makefile + + +@ENABLE_REGENERATE_MAN_TRUE@config.xml: ../config.xml.in +@ENABLE_REGENERATE_MAN_TRUE@ $(MAKE) -C .. config.xml +@ENABLE_REGENERATE_MAN_TRUE@ cp ../config.xml $@ + +@ENABLE_REGENERATE_MAN_TRUE@messages.mo: ../po/$(LANG).po +@ENABLE_REGENERATE_MAN_TRUE@ msgfmt ../po/$(LANG).po -o messages.mo + +@ENABLE_REGENERATE_MAN_TRUE@login.defs.d: +@ENABLE_REGENERATE_MAN_TRUE@ ln -sf ../login.defs.d login.defs.d + +@ENABLE_REGENERATE_MAN_TRUE@%.xml: ../%.xml messages.mo login.defs.d +@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $< ; then \ +@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \ +@ENABLE_REGENERATE_MAN_TRUE@ else \ +@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \ +@ENABLE_REGENERATE_MAN_TRUE@ fi +@ENABLE_REGENERATE_MAN_TRUE@ itstool -d -l $(LANG) -m messages.mo -o . $@ +@ENABLE_REGENERATE_MAN_TRUE@ sed -i 's:\(^<refentry .*\)>:\1 lang="$(LANG)">:' $@ + +@ENABLE_REGENERATE_MAN_TRUE@%.xml-config: %.xml +@ENABLE_REGENERATE_MAN_TRUE@ if grep -q SHADOW-CONFIG-HERE $<; then \ +@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^<!-- SHADOW-CONFIG-HERE -->/<!ENTITY % config SYSTEM "config.xml">%config;/' $< > $@; \ +@ENABLE_REGENERATE_MAN_TRUE@ else \ +@ENABLE_REGENERATE_MAN_TRUE@ sed -e 's/^\(<!DOCTYPE .*docbookx.dtd"\)>/\1 [<!ENTITY % config SYSTEM "config.xml">%config;]>/' $< > $@; \ +@ENABLE_REGENERATE_MAN_TRUE@ fi + +@ENABLE_REGENERATE_MAN_TRUE@man1/% man3/% man5/% man8/%: %.xml-config Makefile config.xml +@ENABLE_REGENERATE_MAN_TRUE@ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(TCB_COND);$(SHA_CRYPT_COND);$(SUBIDS_COND)" \ +@ENABLE_REGENERATE_MAN_TRUE@ --param "man.authors.section.enabled" "0" \ +@ENABLE_REGENERATE_MAN_TRUE@ --stringparam "man.output.base.dir" "" \ +@ENABLE_REGENERATE_MAN_TRUE@ --param "man.output.in.separate.dir" "1" \ +@ENABLE_REGENERATE_MAN_TRUE@ -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< + +@ENABLE_REGENERATE_MAN_TRUE@clean-local: +@ENABLE_REGENERATE_MAN_TRUE@ rm -rf man1 man3 man5 man8 + +#$(man_MANS): +# @echo you need to run configure with --enable-man to generate man pages + +@ENABLE_REGENERATE_MAN_TRUE@man8/grpconv.8 man8/grpunconv.8 man8/pwunconv.8: man8/pwconv.8 + +@ENABLE_REGENERATE_MAN_TRUE@man3/getspnam.3: man3/shadow.3 + +@ENABLE_REGENERATE_MAN_TRUE@man8/vigr.8: man8/vipw.8 + +@ENABLE_REGENERATE_MAN_FALSE@$(man_MANS): +@ENABLE_REGENERATE_MAN_FALSE@ @echo you need to run configure with --enable-man to generate man pages + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/man/zh_CN/man1/chage.1 b/man/zh_CN/man1/chage.1 new file mode 100644 index 0000000..0eae23d --- /dev/null +++ b/man/zh_CN/man1/chage.1 @@ -0,0 +1,189 @@ +'\" t +.\" Title: chage +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHAGE" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chage \- 更改用户密码过期信息 +.SH "大纲" +.HP \w'\fBchage\fR\ 'u +\fBchage\fR [\fI选项\fR] \fI登录\fR +.SH "描述" +.PP +The +\fBchage\fR +command changes the number of days between password changes and the date of the last password change\&. This information is used by the system to determine when a user must change their password\&. +.SH "选项" +.PP +The options which apply to the +\fBchage\fR +command are: +.PP +\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILAST_DAY\fR +.RS 4 +Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. +.RE +.PP +\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +Set the date or number of days since January 1, 1970 on which the user\*(Aqs account will no longer be accessible\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. +.sp +Passing the number +\fI\-1\fR +as the +\fIEXPIRE_DATE\fR +will remove an account expiration date\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-i\fR, \fB\-\-iso8601\fR +.RS 4 +When printing dates, use YYYY\-MM\-DD format\&. +.RE +.PP +\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +Set the number of days of inactivity after a password has expired before the account is locked\&. The +\fIINACTIVE\fR +option is the number of days of inactivity\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. +.sp +Passing the number +\fI\-1\fR +as the +\fIINACTIVE\fR +will remove an account\*(Aqs inactivity\&. +.RE +.PP +\fB\-l\fR, \fB\-\-list\fR +.RS 4 +现实账户年龄信息。 +.RE +.PP +\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR +.RS 4 +Set the minimum number of days between password changes to +\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change their password at any time\&. +.RE +.PP +\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR +.RS 4 +Set the maximum number of days during which a password is valid\&. When +\fIMAX_DAYS\fR +plus +\fILAST_DAY\fR +is less than the current day, the user will be required to change their password before being able to use their account\&. This occurrence can be planned for in advance by use of the +\fB\-W\fR +option, which provides the user with advance warning\&. +.sp +Passing the number +\fI\-1\fR +as +\fIMAX_DAYS\fR +will remove checking a password\*(Aqs validity\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR +.RS 4 +Set the number of days of warning before a password change is required\&. The +\fIWARN_DAYS\fR +option is the number of days prior to the password expiring that a user will be warned their password is about to expire\&. +.RE +.PP +If none of the options are selected, +\fBchage\fR +operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of +\fI[ ]\fR +marks\&. +.SH "注意" +.PP +The +\fBchage\fR +program requires a shadow password file to be available\&. +.PP +The +\fBchage\fR +command is restricted to the root user, except for the +\fB\-l\fR +option, which may be used by an unprivileged user to determine when their password or account is due to expire\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBchage\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +permission denied +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI15\fR +.RS 4 +can\*(Aqt find the shadow password file +.RE +.SH "参见" +.PP +\fBpasswd\fR(5), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/chfn.1 b/man/zh_CN/man1/chfn.1 new file mode 100644 index 0000000..c0a2f2e --- /dev/null +++ b/man/zh_CN/man1/chfn.1 @@ -0,0 +1,163 @@ +'\" t +.\" Title: chfn +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHFN" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chfn \- 更改真名和信息 +.SH "大纲" +.HP \w'\fBchfn\fR\ 'u +\fBchfn\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBchfn\fR +command changes user fullname, office room number, office phone number, and home phone number information for a user\*(Aqs account\&. This information is typically printed by +\fBfinger\fR(1) +and similar programs\&. A normal user may only change the fields for her own account, subject to the restrictions in +/etc/login\&.defs\&. (The default configuration is to prevent users from changing their fullname\&.) The superuser may change any field for any account\&. Additionally, only the superuser may use the +\fB\-o\fR +option to change the undefined portions of the GECOS field\&. +.PP +These fields must not contain any colons\&. Except for the +\fIother\fR +field, they should not contain any comma or equal sign\&. It is also recommended to avoid non\-US\-ASCII characters, but this is only enforced for the phone numbers\&. The +\fIother\fR +field is used to store accounting information used by other applications\&. +.SH "选项" +.PP +The options which apply to the +\fBchfn\fR +command are: +.PP +\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIFULL_NAME\fR +.RS 4 +更改用户的全名 +.RE +.PP +\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIHOME_PHONE\fR +.RS 4 +Change the user\*(Aqs home phone number\&. +.RE +.PP +\fB\-o\fR, \fB\-\-other\fR\ \&\fIOTHER\fR +.RS 4 +Change the user\*(Aqs other GECOS information\&. This field is used to store accounting information used by other applications, and can be changed only by a superuser\&. +.RE +.PP +\fB\-r\fR, \fB\-\-room\fR\ \&\fIROOM_NUMBER\fR +.RS 4 +Change the user\*(Aqs room number\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-u\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIWORK_PHONE\fR +.RS 4 +Change the user\*(Aqs office phone number\&. +.RE +.PP +If none of the options are selected, +\fBchfn\fR +operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of +\fB[ ]\fR +marks\&. Without options, +\fBchfn\fR +prompts for the current user account\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCHFN_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchfn\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBCHFN_RESTRICT\fR (string) +.RS 4 +This parameter specifies which values in the +\fIgecos\fR +field of the +/etc/passwd +file may be changed by regular users using the +\fBchfn\fR +program\&. It can be any combination of letters +\fIf\fR, +\fIr\fR, +\fIw\fR, +\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, +\fIyes\fR +is equivalent to +\fIrwh\fR +and +\fIno\fR +is equivalent to +\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing +\fBchfn\fR +SUID\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.SH "文件" +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "参见" +.PP +\fBchsh\fR(1), +\fBlogin.defs\fR(5), +\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/chsh.1 b/man/zh_CN/man1/chsh.1 new file mode 100644 index 0000000..e9147a7 --- /dev/null +++ b/man/zh_CN/man1/chsh.1 @@ -0,0 +1,121 @@ +'\" t +.\" Title: chsh +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHSH" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chsh \- 更改登录 shell +.SH "大纲" +.HP \w'\fBchsh\fR\ 'u +\fBchsh\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBchsh\fR +command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. +.SH "选项" +.PP +The options which apply to the +\fBchsh\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +用户的新登录 shell 的名称。将此字段设置为空会让系统选择默认的登录 shell。 +.RE +.PP +If the +\fB\-s\fR +option is not selected, +\fBchsh\fR +operates in an interactive fashion, prompting the user with the current login shell\&. Enter the new value to change the shell, or leave the line blank to use the current one\&. The current shell is displayed between a pair of +\fI[ ]\fR +marks\&. +.SH "注意" +.PP +The only restriction placed on the login shell is that the command name must be listed in +/etc/shells, unless the invoker is the superuser, and then any value may be added\&. An account with a restricted login shell may not change her login shell\&. For this reason, placing +/bin/rsh +in +/etc/shells +is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCHSH_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchsh\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shells +.RS 4 +可用的登录 shell 的列表。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBlogin.defs\fR(5), +\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/expiry.1 b/man/zh_CN/man1/expiry.1 new file mode 100644 index 0000000..afd3255 --- /dev/null +++ b/man/zh_CN/man1/expiry.1 @@ -0,0 +1,74 @@ +'\" t +.\" Title: expiry +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "EXPIRY" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +expiry \- check and enforce password expiration policy +.SH "大纲" +.HP \w'\fBexpiry\fR\ 'u +\fBexpiry\fR \fI选项\fR +.SH "描述" +.PP +The +\fBexpiry\fR +command checks (\fB\-c\fR) the current password expiration and forces (\fB\-f\fR) changes when required\&. It is callable as a normal user command\&. +.SH "选项" +.PP +The options which apply to the +\fBexpiry\fR +command are: +.PP +\fB\-c\fR, \fB\-\-check\fR +.RS 4 +Check the password expiration of the current user\&. +.RE +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +如果用户密码过期,则强制用户修改密码。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBpasswd\fR(5), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/gpasswd.1 b/man/zh_CN/man1/gpasswd.1 new file mode 100644 index 0000000..3b4f351 --- /dev/null +++ b/man/zh_CN/man1/gpasswd.1 @@ -0,0 +1,232 @@ +'\" t +.\" Title: gpasswd +.\" Author: Rafal Maszkowski +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GPASSWD" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +gpasswd \- administer /etc/group and /etc/gshadow +.SH "大纲" +.HP \w'\fBgpasswd\fR\ 'u +\fBgpasswd\fR [\fI选项\fR] \fIgroup\fR +.SH "描述" +.PP +The +\fBgpasswd\fR +command is used to administer +/etc/group, and /etc/gshadow\&. Every group can have +administrators, +members and a password\&. +.PP +System administrators can use the +\fB\-A\fR +option to define group administrator(s) and the +\fB\-M\fR +option to define members\&. They have all rights of group administrators and members\&. +.PP +\fBgpasswd\fR +called by +a group administrator +with a group name only prompts for the new password of the +\fIgroup\fR\&. +.PP +If a password is set the members can still use +\fBnewgrp\fR(1) +without a password, and non\-members must supply the password\&. +.SS "请注意组密码" +.PP +Group passwords are an inherent security problem since more than one person is permitted to know the password\&. However, groups are a useful tool for permitting co\-operation between different users\&. +.SH "选项" +.PP +Except for the +\fB\-A\fR +and +\fB\-M\fR +options, the options cannot be combined\&. +.PP +The options which apply to the +\fBgpasswd\fR +command are: +.PP +\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser\fR +.RS 4 +Add the +\fIuser\fR +to the named +\fIgroup\fR\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser\fR +.RS 4 +Remove the +\fIuser\fR +from the named +\fIgroup\fR\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-r\fR, \fB\-\-remove\-password\fR +.RS 4 +Remove the password from the named +\fIgroup\fR\&. The group password will be empty\&. Only group members will be allowed to use +\fBnewgrp\fR +to join the named +\fIgroup\fR\&. +.RE +.PP +\fB\-R\fR, \fB\-\-restrict\fR +.RS 4 +Restrict the access to the named +\fIgroup\fR\&. The group password is set to "!"\&. Only group members with a password will be allowed to use +\fBnewgrp\fR +to join the named +\fIgroup\fR\&. +.RE +.PP +\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIuser\fR,\&.\&.\&. +.RS 4 +设置有管理权限的用户列表。 +.RE +.PP +\fB\-M\fR, \fB\-\-members\fR\ \&\fIuser\fR,\&.\&.\&. +.RS 4 +设置组成员列表。 +.RE +.SH "CAVEATS" +.PP +This tool only operates on the +/etc/group +and /etc/gshadow files\&. +Thus you cannot change any NIS or LDAP group\&. This must be performed on the corresponding server\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBnewgrp\fR(1), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBgrpck\fR(8), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/groups.1 b/man/zh_CN/man1/groups.1 new file mode 100644 index 0000000..4b7982a --- /dev/null +++ b/man/zh_CN/man1/groups.1 @@ -0,0 +1,64 @@ +'\" t +.\" Title: groups +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPS" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groups \- 现实当前组名 +.SH "大纲" +.HP \w'\fBgroups\fR\ 'u +\fBgroups\fR [\fI用户\fR] +.SH "描述" +.PP +The +\fBgroups\fR +command displays the current group names or ID values\&. If the value does not have a corresponding entry in +/etc/group, the value will be displayed as the numerical group value\&. The optional +\fIuser\fR +parameter will display the groups for the named +\fIuser\fR\&. +.SH "注意" +.PP +Systems which do not support concurrent group sets will have the information from +/etc/group +reported\&. The user must use +\fBnewgrp\fR +or +\fBsg\fR +to change his current real and effective group ID\&. +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.SH "参见" +.PP +\fBnewgrp\fR(1), +\fBgetgid\fR(2), +\fBgetgroups\fR(2), +\fBgetuid\fR(2)\&. diff --git a/man/zh_CN/man1/id.1 b/man/zh_CN/man1/id.1 new file mode 100644 index 0000000..637c0d5 --- /dev/null +++ b/man/zh_CN/man1/id.1 @@ -0,0 +1,60 @@ +'\" t +.\" Title: id +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "ID" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +id \- display current user and group ID names +.SH "大纲" +.HP \w'\fBid\fR\ 'u +\fBid\fR [\-a] +.SH "描述" +.PP +The +\fBid\fR +command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in +/etc/passwd +or +/etc/group, the value will be displayed without the corresponding name\&. The optional +\fB\-a\fR +flag will display the group set on systems which support multiple concurrent group membership\&. +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "参见" +.PP +\fBgetgid\fR(2), +\fBgetgroups\fR(2), +\fBgetuid\fR(2) diff --git a/man/zh_CN/man1/login.1 b/man/zh_CN/man1/login.1 new file mode 100644 index 0000000..7ecfde7 --- /dev/null +++ b/man/zh_CN/man1/login.1 @@ -0,0 +1,487 @@ +'\" t +.\" Title: login +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGIN" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +login \- 在系统上启动回话 +.SH "大纲" +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] [\-h\ \fIhost\fR] [\fI用户名\fR] [\fIENV=VAR\fR...] +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] [\-h\ \fIhost\fR] \-f \fI用户名\fR +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] \-r\ \fIhost\fR +.SH "描述" +.PP +The +\fBlogin\fR +program is used to establish a new session with the system\&. It is normally invoked automatically by responding to the +\fIlogin:\fR +prompt on the user\*(Aqs terminal\&. +\fBlogin\fR +may be special to the shell and may not be invoked as a sub\-process\&. When called from a shell, +\fBlogin\fR +should be executed as +\fBexec login\fR +which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller)\&. Attempting to execute +\fBlogin\fR +from any shell but the login shell will produce an error message\&. +.PP +The user is then prompted for a password, where appropriate\&. Echoing is disabled to prevent revealing the password\&. Only a small number of password failures are permitted before +\fBlogin\fR +exits and the communications link is severed\&. +.PP +If password aging has been enabled for your account, you may be prompted for a new password before proceeding\&. You will be forced to provide your old password and the new password before continuing\&. Please refer to +\fBpasswd\fR(1) +for more information\&. +.PP +After a successful login, you will be informed of any system messages and the presence of mail\&. You may turn off the printing of the system message file, +/etc/motd, by creating a zero\-length file +\&.hushlogin +in your login directory\&. The mail message will be one of "\fIYou have new mail\&.\fR", "\fIYou have mail\&.\fR", or "\fINo Mail\&.\fR" according to the condition of your mailbox\&. +.PP +Your user and group ID will be set according to their values in the +/etc/passwd +file\&. The value for +\fB$HOME\fR, +\fB$SHELL\fR, +\fB$PATH\fR, +\fB$LOGNAME\fR, and +\fB$MAIL\fR +are set according to the appropriate fields in the password entry\&. Ulimit, umask and nice values may also be set according to entries in the GECOS field\&. +.PP +On some installations, the environmental variable +\fB$TERM\fR +will be initialized to the terminal type on your tty line, as specified in +/etc/ttytype\&. +.PP +命令解释器的初始化脚本也可能执行。请参考手册中相应的章节来获取关于此功能的更多信息。 +.PP +在登录 shell 中以第一个字符是\(lq*\(rq标注的是子系统登录。给定的主目录将被用于用户实际登录的新文件系统的根。 +.PP +The +\fBlogin\fR +program is NOT responsible for removing users from the utmp file\&. It is the responsibility of +\fBgetty\fR(8) +and +\fBinit\fR(8) +to clean up apparent ownership of a terminal session\&. If you use +\fBlogin\fR +from the shell prompt without +\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. +.SH "选项" +.PP +\fB\-f\fR +.RS 4 +不要执行认证,用户已经预认证过。 +.sp +Note: In that case, +\fIusername\fR +is mandatory\&. +.RE +.PP +\fB\-h\fR +.RS 4 +此登录的远程主机名。 +.RE +.PP +\fB\-p\fR +.RS 4 +保留环境。 +.RE +.PP +\fB\-r\fR +.RS 4 +为 rlogin (远程登录)执行 autologin (自动登录)协议。 +.RE +.PP +The +\fB\-r\fR, +\fB\-h\fR +and +\fB\-f\fR +options are only used when +\fBlogin\fR +is invoked by root\&. +.SH "CAVEATS" +.PP +This version of +\fBlogin\fR +has many compilation options, only some of which may be in use at any particular site\&. +.PP +文件的位置由系统配置决定。 +.PP +The +\fBlogin\fR +program is NOT responsible for removing users from the utmp file\&. It is the responsibility of +\fBgetty\fR(8) +and +\fBinit\fR(8) +to clean up apparent ownership of a terminal session\&. If you use +\fBlogin\fR +from the shell prompt without +\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. +.PP +As with any program, +\fBlogin\fR\*(Aqs appearance can be faked\&. If non\-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine\&. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCONSOLE\fR (string) +.RS 4 +如果定义了,或者是包含设备名(没行一个)的文件的完整路径名,或者是\(lq:\(rq分隔的设备名列表。将只会在这写设备上允许 root 登录。 +.sp +如果没有定义,可以在任何设备上使用 root。 +.sp +指定的设备时不带 /dev/ 前缀。 +.RE +.PP +\fBCONSOLE_GROUPS\fR (string) +.RS 4 +List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. + +Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. +.RE +.PP +\fBDEFAULT_HOME\fR (boolean) +.RS 4 +如果不能 cd 到主目录时,说明是否允许登录。默认是否。 +.sp +If set to +\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. +.RE +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENV_PATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example +\fI/bin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/bin:/usr/bin\fR\&. +.RE +.PP +\fBENV_SUPATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example +\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.PP +\fBENVIRON_FILE\fR (string) +.RS 4 +如果此文件存在,并且可读,将会从中读取登录环境。所有行都必须是 name=value 的格式。 +.sp +以 # 开头的行将视为注释,并被忽略。 +.RE +.PP +\fBERASECHAR\fR (number) +.RS 4 +Terminal ERASE character (\fI010\fR += backspace, +\fI0177\fR += DEL)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBFAIL_DELAY\fR (number) +.RS 4 +登录失败后,等待多少秒才再允许登录。 +.RE +.PP +\fBFAILLOG_ENAB\fR (boolean) +.RS 4 +Enable logging and display of +/var/log/faillog +login failure info\&. +.RE +.PP +\fBFAKE_SHELL\fR (string) +.RS 4 +If set, +\fBlogin\fR +will execute this shell instead of the users\*(Aq shell specified in +/etc/passwd\&. +.RE +.PP +\fBFTMP_FILE\fR (string) +.RS 4 +如果定义,登录失败会以 utmp 格式记录在此文件中。 +.RE +.PP +\fBHUSHLOGIN_FILE\fR (string) +.RS 4 +If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. +.RE +.PP +\fBISSUE_FILE\fR (string) +.RS 4 +如果定义了,此文件将在每次的登录提示之前现实。 +.RE +.PP +\fBKILLCHAR\fR (number) +.RS 4 +Terminal KILL character (\fI025\fR += CTRL/U)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBLASTLOG_ENAB\fR (boolean) +.RS 4 +允许记录和显示 /var/log/lastlog 登录时间信息。 +.RE +.PP +\fBLOGIN_RETRIES\fR (number) +.RS 4 +密码错误时,重试的最大次数。 +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.PP +\fBLOGIN_TIMEOUT\fR (number) +.RS 4 +最大登录时间(以秒为单位)。 +.RE +.PP +\fBLOG_OK_LOGINS\fR (boolean) +.RS 4 +允许记录成功登录。 +.RE +.PP +\fBLOG_UNKFAIL_ENAB\fR (boolean) +.RS 4 +在记录到登录失败时,允许记录未知用户名。 +.sp +注意:如果用户不小心将密码输入到了登录名中,记录未知用户名可能是一个安全隐患。 +.RE +.PP +\fBMAIL_CHECK_ENAB\fR (boolean) +.RS 4 +启用登录时检查和现实邮箱状态。 +.sp +如果 shell 的启动文件已经检查了邮件("mailx \-e" 或者其它同功能的工具),您应该禁用它。 +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMOTD_FILE\fR (string) +.RS 4 +If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. +.RE +.PP +\fBNOLOGINS_FILE\fR (string) +.RS 4 +If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. +.RE +.PP +\fBPORTTIME_CHECKS_ENAB\fR (boolean) +.RS 4 +Enable checking of time restrictions specified in +/etc/porttime\&. +.RE +.PP +\fBQUOTAS_ENAB\fR (boolean) +.RS 4 +Enable setting of resource limits from +/etc/limits +and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. +.RE +.PP +\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) +.RS 4 +The terminal permissions: the login tty will be owned by the +\fBTTYGROUP\fR +group, and the permissions will be set to +\fBTTYPERM\fR\&. +.sp +By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to +\fI0600\fR\&. +.sp +\fBTTYGROUP\fR +can be either the name of a group or a numeric group identifier\&. +.sp +If you have a +\fBwrite\fR +program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. +.RE +.PP +\fBTTYTYPE_FILE\fR (string) +.RS 4 +If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. +.RE +.PP +\fBULIMIT\fR (number) +.RS 4 +Default +\fBulimit\fR +value\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/var/run/utmp +.RS 4 +当前登录会话的列表。 +.RE +.PP +/var/log/wtmp +.RS 4 +先前的登录会话列表。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/motd +.RS 4 +System message of the day file\&. +.RE +.PP +/etc/nologin +.RS 4 +阻止非 root 用户登录。 +.RE +.PP +/etc/ttytype +.RS 4 +终端类型列表。 +.RE +.PP +$HOME/\&.hushlogin +.RS 4 +阻止现实系统信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBmail\fR(1), +\fBpasswd\fR(1), +\fBsh\fR(1), +\fBsu\fR(1), +\fBlogin.defs\fR(5), +\fBnologin\fR(5), +\fBpasswd\fR(5), +\fBsecuretty\fR(5), +\fBgetty\fR(8)\&. diff --git a/man/zh_CN/man1/newgrp.1 b/man/zh_CN/man1/newgrp.1 new file mode 100644 index 0000000..c696e0c --- /dev/null +++ b/man/zh_CN/man1/newgrp.1 @@ -0,0 +1,98 @@ +'\" t +.\" Title: newgrp +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NEWGRP" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +newgrp \- 登录到一个新组 +.SH "大纲" +.HP \w'\fBnewgrp\fR\ 'u +\fBnewgrp\fR [\-] [\fIgroup\fR] +.SH "描述" +.PP +The +\fBnewgrp\fR +command is used to change the current group ID during a login session\&. If the optional +\fB\-\fR +flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. +.PP +\fBnewgrp\fR +changes the current real group ID to the named group, or to the default group listed in +/etc/passwd +if no group name is given\&. +\fBnewgrp\fR +also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in +/etc/shadow +if this user has an entry in the shadowed password file, or in +/etc/passwd +otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. +.PP +If there is an entry for this group in +/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in +/etc/group +is considered\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBSYSLOG_SG_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsg\fR +activity\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBid\fR(1), +\fBlogin\fR(1), +\fBsu\fR(1), +\fBsg\fR(1), +\fBgpasswd\fR(1), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/passwd.1 b/man/zh_CN/man1/passwd.1 new file mode 100644 index 0000000..5d934a1 --- /dev/null +++ b/man/zh_CN/man1/passwd.1 @@ -0,0 +1,365 @@ +'\" t +.\" Title: passwd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PASSWD" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +passwd \- 更改用户密码 +.SH "大纲" +.HP \w'\fBpasswd\fR\ 'u +\fBpasswd\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBpasswd\fR +command changes passwords for user accounts\&. A normal user may only change the password for their own account, while the superuser may change the password for any account\&. +\fBpasswd\fR +also changes the account or associated password validity period\&. +.SS "密码更改" +.PP +如果有旧密码,首先提示用户输入旧密码。加密这个密码然后和存储的密码进行比较。用户只有一次机会输入正确密码。允许超级用户略过这个步骤,以便更改忘记了的密码。 +.PP +After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time\&. If not, +\fBpasswd\fR +refuses to change the password and exits\&. +.PP +提示用户输入两次新密码。第二次和第一次进行比较,并且需要相同才能更改密码。 +.PP +然后,测试密码的负责程度。一般来讲,密码应该包含 6 到 8 位字符,从下边的一个或多个集合中选择: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +小写字母 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +数字 0 到 9 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +标点符号 +.RE +.PP +Care must be taken not to include the system default erase or kill characters\&. +\fBpasswd\fR +will reject any password which is not suitably complex\&. +.SS "关于用户密码的提示" +.PP +The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy +\fIUNIX\fR +System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see +\fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&. +.PP +由于粗心地或处理选择密码,会危及密码的安全。由于这个原因,您不应该选择出现在词典中或者必须要写下来才能记住的密码。密码也不应该是一个名字、许可证号、生日或者街道号。所有这些可以用于猜测来损害系统安全。 +.PP +You can find advice on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength +.SH "选项" +.PP +The options which apply to the +\fBpasswd\fR +command are: +.PP +\fB\-a\fR, \fB\-\-all\fR +.RS 4 +This option can be used only with +\fB\-S\fR +and causes show status for all users\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR +.RS 4 +删除用户密码(让它为空)。这是禁用一个用户密码的快速方法。它将设置给出名称的账户。 +.RE +.PP +\fB\-e\fR, \fB\-\-expire\fR +.RS 4 +让一个账户的密码立即过期。这可以强制一个用户下次登录时更改密码。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +This option is used to disable an account after the password has been expired for a number of days\&. After a user account has had an expired password for +\fIINACTIVE\fR +days, the user may no longer sign on to the account\&. +.RE +.PP +\fB\-k\fR, \fB\-\-keep\-tokens\fR +.RS 4 +表示密码更改只应该因为认证口令(密码)过期更改。用户希望保持他们尚未过期的口令。 +.RE +.PP +\fB\-l\fR, \fB\-\-lock\fR +.RS 4 +锁定指定账户的密码。此选项通过将密码更改为一个不可能与加密值匹配的值来禁用(它在密码开头添加一个\(lq!\(rq)。 +.sp +Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use +\fBusermod \-\-expiredate 1\fR +(this set the account\*(Aqs expire date to Jan 2, 1970)\&. +.sp +被锁定了密码的用户不允许更改密码。 +.RE +.PP +\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR +.RS 4 +Set the minimum number of days between password changes to +\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change their password at any time\&. +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +安静模式。 +.RE +.PP +\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR +.RS 4 +change password in +\fIREPOSITORY\fR +repository +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-S\fR, \fB\-\-status\fR +.RS 4 +显示账户状态信息。状态信息包含 7 个字段。首个字段是用户的登录名,第二个字段表示用户账户是否已经锁定密码(L)、没有密码 (NP)或者密码可用(P),第三个字段给出最后一次更改密码的日期。接下来的四个字段分别是密码的最小年龄、最大年龄、警告期和禁用期。这些年龄以天为单位计算。 +.RE +.PP +\fB\-u\fR, \fB\-\-unlock\fR +.RS 4 +Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the +\fB\-l\fR +option)\&. +.RE +.PP +\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR +.RS 4 +Set the number of days of warning before a password change is required\&. The +\fIWARN_DAYS\fR +option is the number of days prior to the password expiring that a user will be warned that their password is about to expire\&. +.RE +.PP +\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR +.RS 4 +Set the maximum number of days a password remains valid\&. After +\fIMAX_DAYS\fR, the password is required to be changed\&. +.sp +Passing the number +\fI\-1\fR +as +\fIMAX_DAYS\fR +will remove checking a password\*(Aqs validity\&. +.RE +.SH "CAVEATS" +.PP +密码复杂性检查在每台机器间不同。用户应该选择适合的尽量复杂的密码。 +.PP +在启动了 NIS 的系统上,如果没有登录 NIS 服务器,用户或许不能更改自己的密码。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBOBSCURE_CHECKS_ENAB\fR (boolean) +.RS 4 +对密码更改启用附加检查。 +.RE +.PP +\fBPASS_ALWAYS_WARN\fR (boolean) +.RS 4 +如果是 root,警告弱密码,但是仍然允许使用。 +.RE +.PP +\fBPASS_CHANGE_TRIES\fR (number) +.RS 4 +可以尝试更改密码的最大次数(太容易)。 +.RE +.PP +\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) +.RS 4 +Number of significant characters in the password for crypt()\&. +\fBPASS_MAX_LEN\fR +is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if +\fBMD5_CRYPT_ENAB\fR +set to +\fIyes\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +The +\fBpasswd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +permission denied +.RE +.PP +\fI2\fR +.RS 4 +invalid combination of options +.RE +.PP +\fI3\fR +.RS 4 +unexpected failure, nothing done +.RE +.PP +\fI4\fR +.RS 4 +unexpected failure, +passwd +file missing +.RE +.PP +\fI5\fR +.RS 4 +passwd +file busy, try again +.RE +.PP +\fI6\fR +.RS 4 +invalid argument to option +.RE +.SH "参见" +.PP +\fBchpasswd\fR(8), +\fBpasswd\fR(5), +\fBshadow\fR(5), +\fBlogin.defs\fR(5), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man1/sg.1 b/man/zh_CN/man1/sg.1 new file mode 100644 index 0000000..bda6a5e --- /dev/null +++ b/man/zh_CN/man1/sg.1 @@ -0,0 +1,97 @@ +'\" t +.\" Title: sg +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SG" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +sg \- 以不同的组 ID 执行命令 +.SH "大纲" +.HP \w'\fBsg\fR\ 'u +\fBsg\fR [\-] [group\ [\-c\ ]\ command] +.SH "描述" +.PP +The +\fBsg\fR +command works similar to +\fBnewgrp\fR +but accepts a command\&. The command will be executed with the +/bin/sh +shell\&. With most shells you may run +\fBsg\fR +from, you need to enclose multi\-word commands in quotes\&. Another difference between +\fBnewgrp\fR +and +\fBsg\fR +is that some shells treat +\fBnewgrp\fR +specially, replacing themselves with a new instance of a shell that +\fBnewgrp\fR +creates\&. This doesn\*(Aqt happen with +\fBsg\fR, so upon exit from a +\fBsg\fR +command you are returned to your previous group ID\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBSYSLOG_SG_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsg\fR +activity\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBid\fR(1), +\fBlogin\fR(1), +\fBnewgrp\fR(1), +\fBsu\fR(1), +\fBgpasswd\fR(1), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/su.1 b/man/zh_CN/man1/su.1 new file mode 100644 index 0000000..c4d29c1 --- /dev/null +++ b/man/zh_CN/man1/su.1 @@ -0,0 +1,448 @@ +'\" t +.\" Title: su +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SU" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +su \- 更改用户 ID 或成为超级用户 +.SH "大纲" +.HP \w'\fBsu\fR\ 'u +\fBsu\fR [\fI选项\fR] [\fI\-\fR] [\fI用户名\fR\ [\ \fIargs\fR\ ]] +.SH "描述" +.PP +The +\fBsu\fR +command is used to become another user during a login session\&. Invoked without a +\fBusername\fR, +\fBsu\fR +defaults to becoming the superuser\&. The +\fB\-\fR +option may be used to provide an environment similar to what the user would expect had the user logged in directly\&. The +\fB\-c\fR +option may be used to treat the next argument as a command by most shells\&. +.PP +Options are recognized everywhere in the argument list\&. You can use the +\fB\-\-\fR +argument to stop option parsing\&. The +\fB\-\fR +option is special: it is also recognized after +\fB\-\-\fR, but has to be placed before +\fBusername\fR\&. +.PP +如果合适,将提示用户输入一个密码。输入无效的密码会产生一个错误消息。所有的尝试,无论成功还是失败,都会被记录,以检测对系统的滥用。 +.PP +The current environment is passed to the new shell\&. The value of +\fB$PATH\fR +is reset to +/bin:/usr/bin +for normal users, or +/sbin:/bin:/usr/sbin:/usr/bin +for the superuser\&. This may be changed with the +\fBENV_PATH\fR +and +\fBENV_SUPATH\fR +definitions in +/etc/login\&.defs\&. +.PP +在登录 shell 中以第一个字符是\(lq*\(rq标注的是子系统登录。给定的主目录将被用于用户实际登录的新文件系统的根。 +.SH "选项" +.PP +The options which apply to the +\fBsu\fR +command are: +.PP +\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMMAND\fR +.RS 4 +Specify a command that will be invoked by the shell using its +\fB\-c\fR\&. +.sp +The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. +.RE +.PP +\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR +.RS 4 +提供一个类似于用户直接登录的环境,用户可能会希望这样。 +.sp +When +\fB\-\fR +is used, it must be specified before any +\fBusername\fR\&. For portability it is recommended to use it as last option, before any +\fBusername\fR\&. The other forms (\fB\-l\fR +and +\fB\-\-login\fR) do not have this restriction\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +将使用的 shell。 +.sp +The invoked shell is chosen from (highest priority first): +.PP +.RS 4 +The shell specified with \-\-shell\&. +.RE +.PP +.RS 4 +If +\fB\-\-preserve\-environment\fR +is used, the shell specified by the +\fB$SHELL\fR +environment variable\&. +.RE +.PP +.RS 4 +The shell indicated in the +/etc/passwd +entry for the target user\&. +.RE +.PP +.RS 4 +/bin/sh +if a shell could not be found by any above method\&. +.RE +.sp +If the target user has a restricted shell (i\&.e\&. the shell field of this user\*(Aqs entry in +/etc/passwd +is not listed in +/etc/shells), then the +\fB\-\-shell\fR +option or the +\fB$SHELL\fR +environment variable won\*(Aqt be taken into account, unless +\fBsu\fR +is called by root\&. +.RE +.PP +\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR +.RS 4 +Preserve the current environment, except for: +.PP +\fB$PATH\fR +.RS 4 +reset according to the +/etc/login\&.defs +options +\fBENV_PATH\fR +or +\fBENV_SUPATH\fR +(see below); +.RE +.PP +\fB$IFS\fR +.RS 4 +reset to +\(lq<space><tab><newline>\(rq, if it was set\&. +.RE +.sp +If the target user has a restricted shell, this option has no effect (unless +\fBsu\fR +is called by root)\&. +.sp +Note that the default behavior for the environment is the following: +.PP +.RS 4 +The +\fB$HOME\fR, +\fB$SHELL\fR, +\fB$USER\fR, +\fB$LOGNAME\fR, +\fB$PATH\fR, and +\fB$IFS\fR +environment variables are reset\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is not used, the environment is copied, except for the variables above\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, the +\fB$TERM\fR, +\fB$COLORTERM\fR, +\fB$DISPLAY\fR, and +\fB$XAUTHORITY\fR +environment variables are copied if they were set\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, the +\fB$TZ\fR, +\fB$HZ\fR, and +\fB$MAIL\fR +environment variables are set according to the +/etc/login\&.defs +options +\fBENV_TZ\fR, +\fBENV_HZ\fR, +\fBMAIL_DIR\fR, and +\fBMAIL_FILE\fR +(see below)\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, other environment variables might be set by the +\fBENVIRON_FILE\fR +file (see below)\&. +.RE +.sp +.RE +.SH "CAVEATS" +.PP +This version of +\fBsu\fR +has many compilation options, only some of which may be in use at any particular site\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCONSOLE\fR (string) +.RS 4 +如果定义了,或者是包含设备名(没行一个)的文件的完整路径名,或者是\(lq:\(rq分隔的设备名列表。将只会在这写设备上允许 root 登录。 +.sp +如果没有定义,可以在任何设备上使用 root。 +.sp +指定的设备时不带 /dev/ 前缀。 +.RE +.PP +\fBCONSOLE_GROUPS\fR (string) +.RS 4 +List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. + +Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. +.RE +.PP +\fBDEFAULT_HOME\fR (boolean) +.RS 4 +如果不能 cd 到主目录时,说明是否允许登录。默认是否。 +.sp +If set to +\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. +.RE +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENVIRON_FILE\fR (string) +.RS 4 +如果此文件存在,并且可读,将会从中读取登录环境。所有行都必须是 name=value 的格式。 +.sp +以 # 开头的行将视为注释,并被忽略。 +.RE +.PP +\fBENV_PATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example +\fI/bin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/bin:/usr/bin\fR\&. +.RE +.PP +\fBENV_SUPATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example +\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.PP +\fBMAIL_CHECK_ENAB\fR (boolean) +.RS 4 +启用登录时检查和现实邮箱状态。 +.sp +如果 shell 的启动文件已经检查了邮件("mailx \-e" 或者其它同功能的工具),您应该禁用它。 +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBQUOTAS_ENAB\fR (boolean) +.RS 4 +Enable setting of resource limits from +/etc/limits +and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. +.RE +.PP +\fBSULOG_FILE\fR (string) +.RS 4 +如果定义了,所有的 su 活动都会记录到此文件。 +.RE +.PP +\fBSU_NAME\fR (string) +.RS 4 +如果定义了,就是运行\(lqsu \-\(rq时显示的命令名称。例如,如果定义为\(lqsu\(rq,那么\(lqps\(rq会显示此命令为\(lq\-su\(rq。如果没有定义,\(lqps\(rq将会显示实际执行的 shell,例如类似于\(lq\-sh\(rq。 +.RE +.PP +\fBSU_WHEEL_ONLY\fR (boolean) +.RS 4 +If +\fIyes\fR, the user must be listed as a member of the first gid 0 group in +/etc/group +(called +\fIroot\fR +on most Linux systems) to be able to +\fBsu\fR +to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to +\fBsu\fR +to uid 0\&. +.RE +.PP +\fBSYSLOG_SU_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsu\fR +activity \- in addition to sulog file logging\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +On success, +\fBsu\fR +returns the exit value of the command it executed\&. +.PP +If this command was terminated by a signal, +\fBsu\fR +returns the number of this signal plus 128\&. +.PP +If su has to kill the command (because it was asked to terminate, and the command did not terminate in time), +\fBsu\fR +returns 255\&. +.PP +Some exit values from +\fBsu\fR +are independent from the executed command: +.PP +\fI0\fR +.RS 4 +success (\fB\-\-help\fR +only) +.RE +.PP +\fI1\fR +.RS 4 +System or authentication failure +.RE +.PP +\fI126\fR +.RS 4 +The requested command was not found +.RE +.PP +\fI127\fR +.RS 4 +The requested command could not be executed +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBlogin.defs\fR(5), +\fBsg\fR(1), +\fBsh\fR(1)\&. diff --git a/man/zh_CN/man3/getspnam.3 b/man/zh_CN/man3/getspnam.3 new file mode 100644 index 0000000..cd473da --- /dev/null +++ b/man/zh_CN/man3/getspnam.3 @@ -0,0 +1 @@ +.so man3/shadow.3 diff --git a/man/zh_CN/man3/shadow.3 b/man/zh_CN/man3/shadow.3 new file mode 100644 index 0000000..cb8e8b6 --- /dev/null +++ b/man/zh_CN/man3/shadow.3 @@ -0,0 +1,245 @@ +'\" t +.\" Title: shadow +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 库函数调用 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SHADOW" "3" "2020-01-23" "shadow\-utils 4\&.8\&.1" "库函数调用" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +shadow, getspnam \- 加密密码文件工具函数 +.SH "SYNTAX" +.PP +\fI#include <shadow\&.h>\fR +.PP +\fIstruct spwd *getspent();\fR +.PP +\fIstruct spwd *getspnam(char\fR +\fI*name\fR\fI);\fR +.PP +\fIvoid setspent();\fR +.PP +\fIvoid endspent();\fR +.PP +\fIstruct spwd *fgetspent(FILE\fR +\fI*fp\fR\fI);\fR +.PP +\fIstruct spwd *sgetspent(char\fR +\fI*cp\fR\fI);\fR +.PP +\fIint putspent(struct spwd\fR +\fI*p,\fR +\fIFILE\fR +\fI*fp\fR\fI);\fR +.PP +\fIint lckpwdf();\fR +.PP +\fIint ulckpwdf();\fR +.SH "描述" +.PP +\fIshadow\fR +manipulates the contents of the shadow password file, +/etc/shadow\&. The structure in the +\fI#include\fR +file is: +.sp +.if n \{\ +.RS 4 +.\} +.nf +struct spwd { + char *sp_namp; /* user login name */ + char *sp_pwdp; /* encrypted password */ + long int sp_lstchg; /* last password change */ + long int sp_min; /* days until change allowed\&. */ + long int sp_max; /* days before change required */ + long int sp_warn; /* days warning for expiration */ + long int sp_inact; /* days before account inactive */ + long int sp_expire; /* date when account expires */ + unsigned long int sp_flag; /* reserved for future use */ +} + +.fi +.if n \{\ +.RE +.\} +.PP +每个字段的含义是: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_namp \- 指向以 null 结束的用户名的指针 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_pwdp \- 指向 null 结束的密码的指针 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_lstchg \- 最近更改密码的日期(日期计算方法是从1970年1月1日开始的天数) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_min \- days before which password may not be changed +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_max \- days after which password must be changed +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_warn \- days before password is to expire that user is warned of pending password expiration +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_inact \- days after password expires that account is considered inactive and disabled +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_expire \- days since Jan 1, 1970 when account will be disabled +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +sp_flag \- reserved for future use +.RE +.SH "描述" +.PP +\fIgetspent\fR, +\fIgetspname\fR, +\fIfgetspent\fR, and +\fIsgetspent\fR +each return a pointer to a +\fIstruct spwd\fR\&. +\fIgetspent\fR +returns the next entry from the file, and +\fIfgetspent\fR +returns the next entry from the given stream, which is assumed to be a file of the proper format\&. +\fIsgetspent\fR +returns a pointer to a +\fIstruct spwd\fR +using the provided string as input\&. +\fIgetspnam\fR +searches from the current position in the file for an entry matching +\fIname\fR\&. +.PP +\fIsetspent\fR +and +\fIendspent\fR +may be used to begin and end, respectively, access to the shadow password file\&. +.PP +The +\fIlckpwdf\fR +and +\fIulckpwdf\fR +routines should be used to insure exclusive access to the +/etc/shadow +file\&. +\fIlckpwdf\fR +attempts to acquire a lock using +\fIpw_lock\fR +for up to 15 seconds\&. It continues by attempting to acquire a second lock using +\fIspw_lock\fR +for the remainder of the initial 15 seconds\&. Should either attempt fail after a total of 15 seconds, +\fIlckpwdf\fR +returns \-1\&. When both locks are acquired 0 is returned\&. +.SH "DIAGNOSTICS" +.PP +Routines return NULL if no more entries are available or if an error occurs during processing\&. Routines which have +\fIint\fR +as the return value return 0 for success and \-1 for failure\&. +.SH "CAVEATS" +.PP +这些函数只能由超级用户使用,因为对影子密码文件的访问是受限的。 +.SH "文件" +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBgetpwent\fR(3), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man5/faillog.5 b/man/zh_CN/man5/faillog.5 new file mode 100644 index 0000000..39a982f --- /dev/null +++ b/man/zh_CN/man5/faillog.5 @@ -0,0 +1,64 @@ +'\" t +.\" Title: faillog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "FAILLOG" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +faillog \- 登录失败的日志文件 +.SH "描述" +.PP +/var/log/faillog +maintains a count of login failures and the limits for each account\&. +.PP +The file contains fixed length records, indexed by numerical UID\&. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line on which the last login failure occurred; the date of the last login failure; and the duration (in seconds) during which the account will be locked after a failure\&. +.PP +文件的结构是: +.sp +.if n \{\ +.RS 4 +.\} +.nf +struct faillog { + short fail_cnt; + short fail_max; + char fail_line[12]; + time_t fail_time; + long fail_locktime; +}; +.fi +.if n \{\ +.RE +.\} +.SH "文件" +.PP +/var/log/faillog +.RS 4 +Failure logging file\&. +.RE +.SH "参见" +.PP +\fBfaillog\fR(8) diff --git a/man/zh_CN/man5/gshadow.5 b/man/zh_CN/man5/gshadow.5 new file mode 100644 index 0000000..ac163c8 --- /dev/null +++ b/man/zh_CN/man5/gshadow.5 @@ -0,0 +1,101 @@ +'\" t +.\" Title: gshadow +.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GSHADOW" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +gshadow \- 影子化了的组文件 +.SH "描述" +.PP +/etc/gshadow +contains the shadowed information for group accounts\&. +.PP +如果没有维护好密码安全,此文件绝对不能让普通用户可读。 +.PP +此文件的每行包含逗号分隔的如下字段: +.PP +\fB组名\fR +.RS 4 +必须是系统中已经存在的有效组。 +.RE +.PP +\fB加密了的密码\fR +.RS 4 +Refer to +\fBcrypt\fR(3) +for details on how this string is interpreted\&. +.sp +If the password field contains some string that is not a valid result of +\fBcrypt\fR(3), for instance ! or *, users will not be able to use a unix password to access the group (but group members do not need the password)\&. +.sp +The password is used when a user who is not a member of the group wants to gain the permissions of this group (see +\fBnewgrp\fR(1))\&. +.sp +此字段可以为空,此时,只有组成员可以获取组权限。 +.sp +A password field which starts with an exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. +.sp +This password supersedes any password specified in +/etc/group\&. +.RE +.PP +\fB管理员\fR +.RS 4 +必须是一个逗号分隔的用户名列表。 +.sp +管理员可以更改组密码和成员。 +.sp +管理员也有成员一样的权限(请看下边)。 +.RE +.PP +\fB成员\fR +.RS 4 +必须是一个逗号分隔的用户名列表。 +.sp +成员可以免密码访问组。 +.sp +You should use the same list of users as in +/etc/group\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBgpasswd\fR(5), +\fBgroup\fR(5), +\fBgrpck\fR(8), +\fBgrpconv\fR(8), +\fBnewgrp\fR(1)\&. diff --git a/man/zh_CN/man5/limits.5 b/man/zh_CN/man5/limits.5 new file mode 100644 index 0000000..1328a85 --- /dev/null +++ b/man/zh_CN/man5/limits.5 @@ -0,0 +1,274 @@ +'\" t +.\" Title: limits +.\" Author: Luca Berra +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LIMITS" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +limits \- 资源限制描述 +.SH "描述" +.PP +The +\fIlimits\fR +file (/etc/limits +by default or LIMITS_FILE defined +config\&.h) describes the resource limits you wish to impose\&. It should be owned by root and readable by root account only\&. +.PP +By default no quota is imposed on \*(Aqroot\*(Aq\&. In fact, there is no way to impose limits via this procedure to root\-equiv accounts (accounts with UID 0)\&. +.PP +每行以如下格式对一个用户描述限制: +.PP +\fIuser LIMITS_STRING\fR +.PP +或如下格式: +.PP +\fI@group LIMITS_STRING\fR +.PP +The +\fILIMITS_STRING\fR +is a string of a concatenated list of resource limits\&. Each limit consists of a letter identifier followed by a numerical limit\&. +.PP +可用的指示符有: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +A:最大地址空间 (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +C:最大转储文件大小 (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +D:最大数据大小 (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +F: maximum file size (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +K: file creation mask, set by +\fBumask\fR(2)\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +I:最高 nice 级别,(0\&.\&.\&.39 对应 20\&.\&.\&.\-19) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +L:此用户的最大登录数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +M: max locked\-in\-memory address space (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +N:最大的文件打开数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +O:最大实时优先级 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +P: process priority, set by +\fBsetpriority\fR(2)\&. +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +R: max resident set size (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +S:最大栈尺寸 (KB) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +T:最大 CPU 时间 (分钟) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +U:最大处理器数目 +.RE +.PP +For example, +\fIL2D2048N5\fR +is a valid +\fILIMITS_STRING\fR\&. For reading convenience, the following entries are equivalent: +.sp +.if n \{\ +.RS 4 +.\} +.nf + username L2D2048N5 + username L2 D2048 N5 + +.fi +.if n \{\ +.RE +.\} +.PP +Be aware that after +\fIusername\fR +the rest of the line is considered a limit string, thus comments are not allowed\&. An invalid limits string will be rejected (not considered) by the +\fBlogin\fR +program\&. +.PP +The default entry is denoted by username "\fI*\fR"\&. If you have multiple +\fIdefault\fR +entries in your +\fILIMITS_FILE\fR, then the last one will be used as the default entry\&. +.PP +The limits specified in the form "\fI@group\fR" apply to the members of the specified +\fIgroup\fR\&. +.PP +If more than one line with limits for a user exist, only the first line for this user will be considered\&. +.PP +If no lines are specified for a user, the last +\fI@group\fR +line matching a group whose the user is a member of will be considered, or the last line with default limits if no groups contain the user\&. +.PP +To completely disable limits for a user, a single dash "\fI\-\fR" will do\&. +.PP +To disable a limit for a user, a single dash "\fI\-\fR" can be used instead of the numerical value for this limit\&. +.PP +Also, please note that all limit settings are set PER LOGIN\&. They are not global, nor are they permanent\&. Perhaps global limits will come, but for now this will have to do ;) +.SH "文件" +.PP +/etc/limits +.RS 4 +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBsetpriority\fR(2), +\fBsetrlimit\fR(2)\&. diff --git a/man/zh_CN/man5/login.access.5 b/man/zh_CN/man5/login.access.5 new file mode 100644 index 0000000..1e91af4 --- /dev/null +++ b/man/zh_CN/man5/login.access.5 @@ -0,0 +1,67 @@ +'\" t +.\" Title: login.access +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGIN\&.ACCESS" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +login.access \- 登录访问控制表 +.SH "描述" +.PP +The +\fIlogin\&.access\fR +file specifies (user, host) combinations and/or (user, tty) combinations for which a login will be either accepted or refused\&. +.PP +When someone logs in, the +\fIlogin\&.access\fR +is scanned for the first entry that matches the (user, host) combination, or, in case of non\-networked logins, the first entry that matches the (user, tty) combination\&. The permissions field of that table entry determines whether the login will be accepted or refused\&. +.PP +登录访问控制表的每一行有\(lq:\(rq分隔的三个字段: +.PP +\fIpermission\fR:\fIusers\fR:\fIorigins\fR +.PP +The first field should be a "\fI+\fR" (access granted) or "\fI\-\fR" (access denied) character\&. The second field should be a list of one or more login names, group names, or +\fIALL\fR +(always matches)\&. The third field should be a list of one or more tty names (for non\-networked logins), host names, domain names (begin with "\&."), host addresses, internet network numbers (end with "\&."), +\fIALL\fR +(always matches) or +\fILOCAL\fR +(matches any string that does not contain a "\&." character)\&. If you run NIS you can use @netgroupname in host or user patterns\&. +.PP +The +\fIEXCEPT\fR +operator makes it possible to write very compact rules\&. +.PP +The group file is searched only when a name does not match that of the logged\-in user\&. Only groups are matched in which users are explicitly listed: the program does not look at a user\*(Aqs primary group id value\&. +.SH "文件" +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBlogin\fR(1)\&. diff --git a/man/zh_CN/man5/login.defs.5 b/man/zh_CN/man5/login.defs.5 new file mode 100644 index 0000000..6267e1f --- /dev/null +++ b/man/zh_CN/man5/login.defs.5 @@ -0,0 +1,854 @@ +'\" t +.\" Title: login.defs +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGIN\&.DEFS" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +login.defs \- 影子密码套件配置 +.SH "描述" +.PP +The +/etc/login\&.defs +file defines the site\-specific configuration for the shadow password suite\&. This file is required\&. Absence of this file will not prevent system operation, but will probably result in undesirable operation\&. +.PP +This file is a readable text file, each line of the file describing one configuration parameter\&. The lines consist of a configuration name and value, separated by whitespace\&. Blank lines and comment lines are ignored\&. Comments are introduced with a "#" pound sign and the pound sign must be the first non\-white character of the line\&. +.PP +Parameter values may be of four types: strings, booleans, numbers, and long numbers\&. A string is comprised of any printable characters\&. A boolean should be either the value +\fIyes\fR +or +\fIno\fR\&. An undefined boolean parameter or one with a value other than these will be given a +\fIno\fR +value\&. Numbers (both regular and long) may be either decimal values, octal values (precede the value with +\fI0\fR) or hexadecimal values (precede the value with +\fI0x\fR)\&. The maximum value of the regular and long numeric parameters is machine\-dependent\&. +.PP +提供如下配置项: +.PP +\fBCHFN_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchfn\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBCHFN_RESTRICT\fR (string) +.RS 4 +This parameter specifies which values in the +\fIgecos\fR +field of the +/etc/passwd +file may be changed by regular users using the +\fBchfn\fR +program\&. It can be any combination of letters +\fIf\fR, +\fIr\fR, +\fIw\fR, +\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, +\fIyes\fR +is equivalent to +\fIrwh\fR +and +\fIno\fR +is equivalent to +\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing +\fBchfn\fR +SUID\&. +.RE +.PP +\fBCHSH_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchsh\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBCONSOLE\fR (string) +.RS 4 +如果定义了,或者是包含设备名(没行一个)的文件的完整路径名,或者是\(lq:\(rq分隔的设备名列表。将只会在这写设备上允许 root 登录。 +.sp +如果没有定义,可以在任何设备上使用 root。 +.sp +指定的设备时不带 /dev/ 前缀。 +.RE +.PP +\fBCONSOLE_GROUPS\fR (string) +.RS 4 +List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. + +Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. +.RE +.PP +\fBCREATE_HOME\fR (boolean) +.RS 4 +指示是否应该为新用户默认创建主目录。 +.sp +此设置并不应用到系统用户,并且可以使用命令行覆盖。 +.RE +.PP +\fBDEFAULT_HOME\fR (boolean) +.RS 4 +如果不能 cd 到主目录时,说明是否允许登录。默认是否。 +.sp +If set to +\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. +.RE +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENV_PATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example +\fI/bin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/bin:/usr/bin\fR\&. +.RE +.PP +\fBENV_SUPATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example +\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.PP +\fBENVIRON_FILE\fR (string) +.RS 4 +如果此文件存在,并且可读,将会从中读取登录环境。所有行都必须是 name=value 的格式。 +.sp +以 # 开头的行将视为注释,并被忽略。 +.RE +.PP +\fBERASECHAR\fR (number) +.RS 4 +Terminal ERASE character (\fI010\fR += backspace, +\fI0177\fR += DEL)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBFAIL_DELAY\fR (number) +.RS 4 +登录失败后,等待多少秒才再允许登录。 +.RE +.PP +\fBFAILLOG_ENAB\fR (boolean) +.RS 4 +Enable logging and display of +/var/log/faillog +login failure info\&. +.RE +.PP +\fBFAKE_SHELL\fR (string) +.RS 4 +If set, +\fBlogin\fR +will execute this shell instead of the users\*(Aq shell specified in +/etc/passwd\&. +.RE +.PP +\fBFTMP_FILE\fR (string) +.RS 4 +如果定义,登录失败会以 utmp 格式记录在此文件中。 +.RE +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBHOME_MODE\fR (number) +.RS 4 +The mode for new home directories\&. If not specified, the +\fBUMASK\fR +is used to create the mode\&. +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this to set the mode of the home directory they create\&. +.RE +.PP +\fBHUSHLOGIN_FILE\fR (string) +.RS 4 +If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. +.RE +.PP +\fBISSUE_FILE\fR (string) +.RS 4 +如果定义了,此文件将在每次的登录提示之前现实。 +.RE +.PP +\fBKILLCHAR\fR (number) +.RS 4 +Terminal KILL character (\fI025\fR += CTRL/U)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBLASTLOG_ENAB\fR (boolean) +.RS 4 +允许记录和显示 /var/log/lastlog 登录时间信息。 +.RE +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.PP +\fBLOG_OK_LOGINS\fR (boolean) +.RS 4 +允许记录成功登录。 +.RE +.PP +\fBLOG_UNKFAIL_ENAB\fR (boolean) +.RS 4 +在记录到登录失败时,允许记录未知用户名。 +.sp +注意:如果用户不小心将密码输入到了登录名中,记录未知用户名可能是一个安全隐患。 +.RE +.PP +\fBLOGIN_RETRIES\fR (number) +.RS 4 +密码错误时,重试的最大次数。 +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.PP +\fBLOGIN_TIMEOUT\fR (number) +.RS 4 +最大登录时间(以秒为单位)。 +.RE +.PP +\fBMAIL_CHECK_ENAB\fR (boolean) +.RS 4 +启用登录时检查和现实邮箱状态。 +.sp +如果 shell 的启动文件已经检查了邮件("mailx \-e" 或者其它同功能的工具),您应该禁用它。 +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBMOTD_FILE\fR (string) +.RS 4 +If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. +.RE +.PP +\fBNOLOGINS_FILE\fR (string) +.RS 4 +If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. +.RE +.PP +\fBOBSCURE_CHECKS_ENAB\fR (boolean) +.RS 4 +对密码更改启用附加检查。 +.RE +.PP +\fBPASS_ALWAYS_WARN\fR (boolean) +.RS 4 +如果是 root,警告弱密码,但是仍然允许使用。 +.RE +.PP +\fBPASS_CHANGE_TRIES\fR (number) +.RS 4 +可以尝试更改密码的最大次数(太容易)。 +.RE +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.PP +\fBPASS_MAX_DAYS\fR, +\fBPASS_MIN_DAYS\fR +and +\fBPASS_WARN_AGE\fR +are only used at the time of account creation\&. Any changes to these settings won\*(Aqt affect existing accounts\&. +.PP +\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) +.RS 4 +Number of significant characters in the password for crypt()\&. +\fBPASS_MAX_LEN\fR +is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if +\fBMD5_CRYPT_ENAB\fR +set to +\fIyes\fR\&. +.RE +.PP +\fBPORTTIME_CHECKS_ENAB\fR (boolean) +.RS 4 +Enable checking of time restrictions specified in +/etc/porttime\&. +.RE +.PP +\fBQUOTAS_ENAB\fR (boolean) +.RS 4 +Enable setting of resource limits from +/etc/limits +and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.PP +\fBSULOG_FILE\fR (string) +.RS 4 +如果定义了,所有的 su 活动都会记录到此文件。 +.RE +.PP +\fBSU_NAME\fR (string) +.RS 4 +如果定义了,就是运行\(lqsu \-\(rq时显示的命令名称。例如,如果定义为\(lqsu\(rq,那么\(lqps\(rq会显示此命令为\(lq\-su\(rq。如果没有定义,\(lqps\(rq将会显示实际执行的 shell,例如类似于\(lq\-sh\(rq。 +.RE +.PP +\fBSU_WHEEL_ONLY\fR (boolean) +.RS 4 +If +\fIyes\fR, the user must be listed as a member of the first gid 0 group in +/etc/group +(called +\fIroot\fR +on most Linux systems) to be able to +\fBsu\fR +to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to +\fBsu\fR +to uid 0\&. +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.PP +\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of system users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_UID_MIN\fR +(resp\&. +\fBSYS_UID_MAX\fR) is 101 (resp\&. +\fBUID_MIN\fR\-1)\&. +.RE +.PP +\fBSYSLOG_SG_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsg\fR +activity\&. +.RE +.PP +\fBSYSLOG_SU_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsu\fR +activity \- in addition to sulog file logging\&. +.RE +.PP +\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) +.RS 4 +The terminal permissions: the login tty will be owned by the +\fBTTYGROUP\fR +group, and the permissions will be set to +\fBTTYPERM\fR\&. +.sp +By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to +\fI0600\fR\&. +.sp +\fBTTYGROUP\fR +can be either the name of a group or a numeric group identifier\&. +.sp +If you have a +\fBwrite\fR +program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. +.RE +.PP +\fBTTYTYPE_FILE\fR (string) +.RS 4 +If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. +.RE +.PP +\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of regular users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBUID_MIN\fR +(resp\&. +\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBULIMIT\fR (number) +.RS 4 +Default +\fBulimit\fR +value\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.PP +\fBUSERDEL_CMD\fR (string) +.RS 4 +如果定义了,这是删除账户时执行的命令。它应该移除所有属于此用户的的 at/cron/print 等作业(作为第一个参数传递)。 +.sp +这个脚本的返回值并不被带到账户中去。 +.sp +Here is an example script, which removes the user\*(Aqs cron, at and print jobs: +.sp +.if n \{\ +.RS 4 +.\} +.nf +#! /bin/sh + +# Check for the required argument\&. +if [ $# != 1 ]; then + echo "Usage: $0 username" + exit 1 +fi + +# Remove cron jobs\&. +crontab \-r \-u $1 + +# Remove at jobs\&. +# Note that it will remove any jobs owned by the same UID, +# even if it was shared by a different username\&. +AT_SPOOL_DIR=/var/spool/cron/atjobs +find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; + +# Remove print jobs\&. +lprm $1 + +# All done\&. +exit 0 + +.fi +.if n \{\ +.RE +.\} +.sp +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "交叉引用" +.PP +如下交叉引用显示影子密码套件哪个程序使用哪个参数。 +.PP +chfn +.RS 4 +CHFN_AUTH +CHFN_RESTRICT +LOGIN_STRING +.RE +.PP +chgpasswd +.RS 4 +ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB +SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS +.RE +.PP +chpasswd +.RS 4 +ENCRYPT_METHOD MD5_CRYPT_ENAB +SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS +.RE +.PP +chsh +.RS 4 +CHSH_AUTH LOGIN_STRING +.RE +.PP +gpasswd +.RS 4 +ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB +SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS +.RE +.PP +groupadd +.RS 4 +GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP SYS_GID_MAX SYS_GID_MIN +.RE +.PP +groupdel +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +groupmems +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +groupmod +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +grpck +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +grpconv +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +grpunconv +.RS 4 +MAX_MEMBERS_PER_GROUP +.RE +.PP +lastlog +.RS 4 +LASTLOG_UID_MAX +.RE +.PP +login +.RS 4 +CONSOLE +CONSOLE_GROUPS DEFAULT_HOME +ENV_HZ ENV_PATH ENV_SUPATH ENV_TZ ENVIRON_FILE +ERASECHAR FAIL_DELAY +FAILLOG_ENAB +FAKE_SHELL +FTMP_FILE +HUSHLOGIN_FILE +ISSUE_FILE +KILLCHAR +LASTLOG_ENAB LASTLOG_UID_MAX +LOGIN_RETRIES +LOGIN_STRING +LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB +MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB QUOTAS_ENAB +TTYGROUP TTYPERM TTYTYPE_FILE +ULIMIT UMASK +USERGROUPS_ENAB +.RE +.PP +newgrp / sg +.RS 4 +SYSLOG_SG_ENAB +.RE +.PP +newusers +.RS 4 +ENCRYPT_METHOD GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB HOME_MODE PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE +SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS +SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK +.RE +.PP +passwd +.RS 4 +ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN +SHA_CRYPT_MAX_ROUNDS SHA_CRYPT_MIN_ROUNDS +.RE +.PP +pwck +.RS 4 +PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE +.RE +.PP +pwconv +.RS 4 +PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE +.RE +.PP +su +.RS 4 +CONSOLE +CONSOLE_GROUPS DEFAULT_HOME +ENV_HZ ENVIRON_FILE +ENV_PATH ENV_SUPATH +ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE QUOTAS_ENAB +SULOG_FILE SU_NAME +SU_WHEEL_ONLY +SYSLOG_SU_ENAB +USERGROUPS_ENAB +.RE +.PP +sulogin +.RS 4 +ENV_HZ +ENV_TZ +.RE +.PP +useradd +.RS 4 +CREATE_HOME GID_MAX GID_MIN HOME_MODE LASTLOG_UID_MAX MAIL_DIR MAX_MEMBERS_PER_GROUP PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN UMASK +.RE +.PP +userdel +.RS 4 +MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD USERGROUPS_ENAB +.RE +.PP +usermod +.RS 4 +LASTLOG_UID_MAX MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBpasswd\fR(1), +\fBsu\fR(1), +\fBpasswd\fR(5), +\fBshadow\fR(5), +\fBpam\fR(8)\&. diff --git a/man/zh_CN/man5/passwd.5 b/man/zh_CN/man5/passwd.5 new file mode 100644 index 0000000..6bd853b --- /dev/null +++ b/man/zh_CN/man5/passwd.5 @@ -0,0 +1,193 @@ +'\" t +.\" Title: passwd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PASSWD" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +passwd \- 密码文件 +.SH "描述" +.PP +/etc/passwd +contains one line for each user account, with seven fields delimited by colons (\(lq:\(rq)\&. These fields are: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +登录名 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +可选的加密后的密码 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +数字用户 ID +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +数字组 ID +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +用户名和注释字段 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +用户主目录 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +可选的用户命令解释器 +.RE +.PP +If the +\fIpassword\fR +field is a lower\-case +\(lqx\(rq, then the encrypted password is actually stored in the +\fBshadow\fR(5) +file instead; there +\fImust\fR +be a corresponding line in the +/etc/shadow +file, or else the user account is invalid\&. +.PP +The encrypted +\fIpassword\fR +field may be empty, in which case no password is required to authenticate as the specified login name\&. However, some applications which read the +/etc/passwd +file may decide not to permit +\fIany\fR +access at all if the +\fIpassword\fR +field is blank\&. +.PP +A +\fIpassword\fR +field which starts with an exclamation mark means that the password is locked\&. The remaining characters on the line represent the +\fIpassword\fR +field before the password was locked\&. +.PP +Refer to +\fBcrypt\fR(3) +for details on how this string is interpreted\&. +.PP +If the password field contains some string that is not a valid result of +\fBcrypt\fR(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)\&. +.PP +The comment field is used by various system utilities, such as +\fBfinger\fR(1)\&. +.PP +The home directory field provides the name of the initial working directory\&. The +\fBlogin\fR +program uses this information to set the value of the +\fB$HOME\fR +environmental variable\&. +.PP +The command interpreter field provides the name of the user\*(Aqs command language interpreter, or the name of the initial program to execute\&. The +\fBlogin\fR +program uses this information to set the value of the +\fB$SHELL\fR +environmental variable\&. If this field is empty, it defaults to the value +/bin/sh\&. +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +可选的加密后的密码文件 +.RE +.PP +/etc/passwd\- +.RS 4 +/etc/passwd 的备份文件。 +.sp +注意,此文件由 shadow 工具集使用,而不是所有的用户和密码管理工具都会使用。 +.RE +.SH "参见" +.PP +\fBcrypt\fR(3), +\fBgetent\fR(1), +\fBgetpwnam\fR(3), +\fBlogin\fR(1), +\fBpasswd\fR(1), +\fBpwck\fR(8), +\fBpwconv\fR(8), +\fBpwunconv\fR(8), +\fBshadow\fR(5), +\fBsu\fR(1), +\fBsulogin\fR(8)\&. diff --git a/man/zh_CN/man5/porttime.5 b/man/zh_CN/man5/porttime.5 new file mode 100644 index 0000000..3fcc951 --- /dev/null +++ b/man/zh_CN/man5/porttime.5 @@ -0,0 +1,96 @@ +'\" t +.\" Title: porttime +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PORTTIME" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +porttime \- 端口访问时间文件 +.SH "描述" +.PP +\fIporttime\fR +contains a list of tty devices, user names, and permitted login times\&. +.PP +每项包含三个由冒号分隔的字段。第一个字段是逗号分隔的 tty 设备列表,或者星号表示匹配所有终端。第二个字段是逗号分隔的用户名列表,或者星号表示匹配所有用户名。第三个字段是逗号分隔的访问许可时间。 +.PP +Each access time entry consists of zero or more days of the week, abbreviated +\fISu\fR, +\fIMo\fR, +\fITu\fR, +\fIWe\fR, +\fITh\fR, +\fIFr\fR, and +\fISa\fR, followed by a pair of times separated by a hyphen\&. The abbreviation +\fIWk\fR +may be used to represent Monday thru Friday, and +\fIAl\fR +may be used to indicate every day\&. If no days are given, +\fIAl\fR +is assumed\&. +.SH "示例" +.PP +The following entry allows access to user +\fBjfh\fR +on every port during weekdays from 9am to 5pm\&. +.PP +*:jfh:Wk0900\-1700 +.PP +The following entries allow access only to the users +\fIroot\fR +and +\fIoper\fR +on +/dev/console +at any time\&. This illustrates how the +/etc/porttime +file is an ordered list of access times\&. Any other user would match the second entry which does not permit access at any time\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf + console:root,oper:Al0000\-2400 + console:*: + +.fi +.if n \{\ +.RE +.\} +.PP +The following entry allows access for the user +\fIgames\fR +on any port during non\-working hours\&. +.PP +*:games:Wk1700\-0900,SaSu0000\-2400 +.SH "文件" +.PP +/etc/porttime +.RS 4 +包含了端口访问信息的文件。 +.RE +.SH "参见" +.PP +\fBlogin\fR(1)\&. diff --git a/man/zh_CN/man5/shadow.5 b/man/zh_CN/man5/shadow.5 new file mode 100644 index 0000000..4c9fe5c --- /dev/null +++ b/man/zh_CN/man5/shadow.5 @@ -0,0 +1,148 @@ +'\" t +.\" Title: shadow +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SHADOW" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +shadow \- 影子化了的密码文件 +.SH "描述" +.PP +shadow +is a file which contains the password information for the system\*(Aqs accounts and optional aging information\&. +.PP +如果没有维护好密码安全,此文件绝对不能让普通用户可读。 +.PP +Each line of this file contains 9 fields, separated by colons (\(lq:\(rq), in the following order: +.PP +\fB登录名\fR +.RS 4 +必须是有效的账户名,且已经存在于系统中。 +.RE +.PP +\fB加密了的密码\fR +.RS 4 +This field may be empty, in which case no passwords are required to authenticate as the specified login name\&. However, some applications which read the +/etc/shadow +file may decide not to permit any access at all if the password field is empty\&. +.sp +A password field which starts with an exclamation mark means that the password is locked\&. The remaining characters on the line represent the password field before the password was locked\&. +.sp +Refer to +\fBcrypt\fR(3) +for details on how this string is interpreted\&. +.sp +If the password field contains some string that is not a valid result of +\fBcrypt\fR(3), for instance ! or *, the user will not be able to use a unix password to log in (but the user may log in the system by other means)\&. +.RE +.PP +\fB最后一次更改密码的日期\fR +.RS 4 +最近一次更改密码的时间,表示从1970年1月1日开始的天数。 +.sp +The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system\&. +.sp +空字段表示密码年龄功能被禁用。 +.RE +.PP +\fB密码的最小年龄\fR +.RS 4 +最小密码年龄是指,用户一次更改密码之后,要等多长时间才再次被允许更改密码。 +.sp +空字段或 0 表示没有最小密码年龄。 +.RE +.PP +\fB最大密码年龄\fR +.RS 4 +最大密码年龄是指,这写天之后,用户必须更改密码。 +.sp +这写天之后,密码仍然可用。用户将会在下次登录的时候被要求更改密码。 +.sp +空字段表示没有最大密码年龄,没有密码警告时间段,没有密码禁用时间段(请看下边)。 +.sp +如果最大密码年龄小于最小密码年龄,用户将会不能更改密码。 +.RE +.PP +\fB密码警告时间段\fR +.RS 4 +密码过期之前,提前警告用户的的天数(请参考上边的密码的最大年龄)。 +.sp +空字段或者 0 表示没有密码警告期。 +.RE +.PP +\fB密码禁用期\fR +.RS 4 +密码过期(查看上边的密码最大年龄)后,仍然接受此密码的天数(在此期间,用户应该在下次登录时修改密码)。 +.sp +密码到期并且过了这个宽限期之后,使用用户的当前的密码将会不能登录。用户需要联系系统管理员。 +.sp +空字段表示没有强制密码过期。 +.RE +.PP +\fB账户过期日期\fR +.RS 4 +账户过期的日期,表示从1970年1月1日开始的天数。 +.sp +Note that an account expiration differs from a password expiration\&. In case of an account expiration, the user shall not be allowed to login\&. In case of a password expiration, the user is not allowed to login using her password\&. +.sp +空字段表示账户永不过期。 +.sp +应该避免使用 0,因为它既能理解成永不过期也能理解成在1970年1月1日过期。 +.RE +.PP +\fB保留字段\fR +.RS 4 +此字段保留作将来使用。 +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/shadow\- +.RS 4 +/etc/shadow 的备份文件。 +.sp +注意,此文件由 shadow 工具集使用,而不是所有的用户和密码管理工具都会使用。 +.RE +.SH "参见" +.PP +\fBchage\fR(1), +\fBlogin\fR(1), +\fBpasswd\fR(1), +\fBpasswd\fR(5), +\fBpwck\fR(8), +\fBpwconv\fR(8), +\fBpwunconv\fR(8), +\fBsu\fR(1), +\fBsulogin\fR(8)\&. diff --git a/man/zh_CN/man5/suauth.5 b/man/zh_CN/man5/suauth.5 new file mode 100644 index 0000000..1a1de53 --- /dev/null +++ b/man/zh_CN/man5/suauth.5 @@ -0,0 +1,146 @@ +'\" t +.\" Title: suauth +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 文件格式和转化 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SUAUTH" "5" "2020-01-23" "shadow\-utils 4\&.8\&.1" "文件格式和转化" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +suauth \- 详细的 su 控制文件 +.SH "大纲" +.HP \w'\fB/etc/suauth\fR\ 'u +\fB/etc/suauth\fR +.SH "描述" +.PP +The file +/etc/suauth +is referenced whenever the su command is called\&. It can change the behaviour of the su command, based upon: +.sp +.if n \{\ +.RS 4 +.\} +.nf + 1) the user su is targeting + +.fi +.if n \{\ +.RE +.\} +.PP +2) 执行 su 命令的用户 (或者他可能属于的组) +.PP +文件格式为:以 # 开头的行视为注视,并被忽略; +.sp +.if n \{\ +.RS 4 +.\} +.nf + to\-id:from\-id:ACTION + +.fi +.if n \{\ +.RE +.\} +.PP +Where to\-id is either the word +\fIALL\fR, a list of usernames delimited by "," or the words +\fIALL EXCEPT\fR +followed by a list of usernames delimited by ","\&. +.PP +from\-id is formatted the same as to\-id except the extra word +\fIGROUP\fR +is recognized\&. +\fIALL EXCEPT GROUP\fR +is perfectly valid too\&. Following +\fIGROUP\fR +appears one or more group names, delimited by ","\&. It is not sufficient to have primary group id of the relevant group, an entry in +\fB/etc/group\fR(5) +is necessary\&. +.PP +动作只可以使用如下当前支持的选项。 +.PP +\fIDENY\fR +.RS 4 +su 的尝试在询问密码之前就被拒绝。 +.RE +.PP +\fINOPASS\fR +.RS 4 +su 尝试自动成功,而且不询问密码。 +.RE +.PP +\fIOWNPASS\fR +.RS 4 +为了成功执行 su,用户必须提供自己的密码。将会提示他们这样。 +.RE +.PP +注意,有三个用冒号分割的字段。冒号旁边不能有空格。也请注意,这个文件会被一行一行地依次检查,会使用第一个可用的规则,而不会继续检查文件。这可以让系统管理员使系统尽量符合其期望。 +.SH "示例" +.sp +.if n \{\ +.RS 4 +.\} +.nf + # sample /etc/suauth file + # + # A couple of privileged usernames may + # su to root with their own password\&. + # + root:chris,birddog:OWNPASS + # + # Anyone else may not su to root unless in + # group wheel\&. This is how BSD does things\&. + # + root:ALL EXCEPT GROUP wheel:DENY + # + # Perhaps terry and birddog are accounts + # owned by the same person\&. + # Access can be arranged between them + # with no password\&. + # + terry:birddog:NOPASS + birddog:terry:NOPASS + # + +.fi +.if n \{\ +.RE +.\} +.SH "文件" +.PP +/etc/suauth +.RS 4 +.RE +.SH "缺陷" +.PP +可能会有很多潜在问题。文件解析器尤其不能容忍语法错误,不能有无意义的空白符(除了行首和行尾),并且使用特定的标记分割不同的事情。 +.SH "DIAGNOSTICS" +.PP +An error parsing the file is reported using +\fBsyslogd\fR(8) +as level ERR on facility AUTH\&. +.SH "参见" +.PP +\fBsu\fR(1)\&. diff --git a/man/zh_CN/man8/chgpasswd.8 b/man/zh_CN/man8/chgpasswd.8 new file mode 100644 index 0000000..ff0204e --- /dev/null +++ b/man/zh_CN/man8/chgpasswd.8 @@ -0,0 +1,208 @@ +'\" t +.\" Title: chgpasswd +.\" Author: Thomas K\(/loczko <kloczek@pld.org.pl> +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHGPASSWD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chgpasswd \- 批量更新组密码 +.SH "大纲" +.HP \w'\fBchgpasswd\fR\ 'u +\fBchgpasswd\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBchgpasswd\fR +command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups\&. Each line is of the format: +.PP +\fIgroup_name\fR:\fIpassword\fR +.PP +By default the supplied password must be in clear\-text, and is encrypted by +\fBchgpasswd\fR\&. +.PP +The default encryption algorithm can be defined for the system with the +\fBENCRYPT_METHOD\fR +variable of +/etc/login\&.defs, and can be overwritten with the +\fB\-e\fR, +\fB\-m\fR, or +\fB\-c\fR +options\&. +.PP +此命令一般用于需要一次创建很多用户的大型系统。 +.SH "选项" +.PP +The options which apply to the +\fBchgpasswd\fR +command are: +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.RE +.PP +\fB\-e\fR, \fB\-\-encrypted\fR +.RS 4 +提供的密码是已经加密了的 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-m\fR, \fB\-\-md5\fR +.RS 4 +如果提供的密码没有加密,则使用 MD5 加密而不是 DES。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +记住要设置权限或者掩码来阻止其它用户对未加密文件的读取。 +.PP +您需要确保你吗和加密方法符合系统的密码策略。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBgpasswd\fR(1), +\fBgroupadd\fR(8), +\fBlogin.defs\fR(5)\&. diff --git a/man/zh_CN/man8/chpasswd.8 b/man/zh_CN/man8/chpasswd.8 new file mode 100644 index 0000000..b26ed56 --- /dev/null +++ b/man/zh_CN/man8/chpasswd.8 @@ -0,0 +1,212 @@ +'\" t +.\" Title: chpasswd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHPASSWD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chpasswd \- 批量更新密码 +.SH "大纲" +.HP \w'\fBchpasswd\fR\ 'u +\fBchpasswd\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBchpasswd\fR +command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users\&. Each line is of the format: +.PP +\fIuser_name\fR:\fIpassword\fR +.PP +By default the passwords must be supplied in clear\-text, and are encrypted by +\fBchpasswd\fR\&. Also the password age will be updated, if present\&. +.PP +The default encryption algorithm can be defined for the system with the +\fBENCRYPT_METHOD\fR +or +\fBMD5_CRYPT_ENAB\fR +variables of +/etc/login\&.defs, and can be overwritten with the +\fB\-e\fR, +\fB\-m\fR, or +\fB\-c\fR +options\&. +.PP +\fBchpasswd\fR +first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user\&. +.PP +此命令一般用于需要一次创建很多用户的大型系统。 +.SH "选项" +.PP +The options which apply to the +\fBchpasswd\fR +command are: +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHOD\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.sp +By default (if none of the +\fB\-c\fR, +\fB\-m\fR, or +\fB\-e\fR +options are specified), the encryption method is defined by the +\fBENCRYPT_METHOD\fR +or +\fBMD5_CRYPT_ENAB\fR +variables of +/etc/login\&.defs\&. +.RE +.PP +\fB\-e\fR, \fB\-\-encrypted\fR +.RS 4 +提供的密码是已经加密了的 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-m\fR, \fB\-\-md5\fR +.RS 4 +如果提供的密码没有加密,则使用 MD5 加密而不是 DES。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the +\fBSHA_CRYPT_MIN_ROUNDS\fR +and +\fBSHA_CRYPT_MAX_ROUNDS\fR +variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +记住要设置权限或者掩码来阻止其它用户对未加密文件的读取。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBpasswd\fR(1), +\fBnewusers\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/faillog.8 b/man/zh_CN/man8/faillog.8 new file mode 100644 index 0000000..50b154b --- /dev/null +++ b/man/zh_CN/man8/faillog.8 @@ -0,0 +1,165 @@ +'\" t +.\" Title: faillog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "FAILLOG" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +faillog \- 显示登录失败记录或设置登录失败限制 +.SH "大纲" +.HP \w'\fBfaillog\fR\ 'u +\fBfaillog\fR [\fI选项\fR] +.SH "描述" +.PP +\fBfaillog\fR +displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When +\fBfaillog\fR +is run without arguments, it only displays the faillog records of the users who had a login failure\&. +.SH "选项" +.PP +The options which apply to the +\fBfaillog\fR +command are: +.PP +\fB\-a\fR, \fB\-\-all\fR +.RS 4 +Display (or act on) faillog records for all users having an entry in the +faillog +database\&. +.sp +The range of users can be restricted with the +\fB\-u\fR +option\&. +.sp +In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. +.sp +With the +\fB\-l\fR, +\fB\-m\fR, +\fB\-r\fR, +\fB\-t\fR +options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR +.RS 4 +Lock account for +\fISEC\fR +seconds after failed login\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR +.RS 4 +Set the maximum number of login failures after the account is disabled to +\fIMAX\fR\&. +.sp +Selecting a +\fIMAX\fR +value of 0 has the effect of not placing a limit on the number of failed logins\&. +.sp +The maximum failure count should always be 0 for +\fIroot\fR +to prevent a denial of services attack against the system\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-r\fR, \fB\-\-reset\fR +.RS 4 +重置登录失败计数。 +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR +.RS 4 +Display faillog records more recent than +\fIDAYS\fR\&. +.RE +.PP +\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR +.RS 4 +Display faillog record or maintains failure counters and limits (if used with +\fB\-l\fR, +\fB\-m\fR +or +\fB\-r\fR +options) only for the specified user(s)\&. +.sp +The users can be specified by a login name, a numerical user ID, or a +\fIRANGE\fR +of users\&. This +\fIRANGE\fR +of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. +.RE +.PP +When none of the +\fB\-l\fR, +\fB\-m\fR, or +\fB\-r\fR +options are used, +\fBfaillog\fR +displays the faillog record of the specified user(s)\&. +.SH "CAVEATS" +.PP +\fBfaillog\fR +only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the +\fB\-u\fR +flag, or print out all users with the +\fB\-a\fR +flag\&. +.SH "文件" +.PP +/var/log/faillog +.RS 4 +Failure logging file\&. +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBfaillog\fR(5)\&. diff --git a/man/zh_CN/man8/groupadd.8 b/man/zh_CN/man8/groupadd.8 new file mode 100644 index 0000000..f150550 --- /dev/null +++ b/man/zh_CN/man8/groupadd.8 @@ -0,0 +1,257 @@ +'\" t +.\" Title: groupadd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPADD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupadd \- 创建一个新组 +.SH "大纲" +.HP \w'\fBgroupadd\fR\ 'u +\fBgroupadd\fR [\fI选项\fR] \fIgroup\fR +.SH "描述" +.PP +The +\fBgroupadd\fR +command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupadd\fR +command are: +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +This option causes the command to simply exit with success status if the specified group already exists\&. When used with +\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. +\fB\-g\fR +is turned off)\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR +.RS 4 +The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to +\fBGID_MIN\fR +and greater than every other group\&. +.sp +See also the +\fB\-r\fR +option and the +\fBGID_MAX\fR +description\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR +.RS 4 +Overrides +/etc/login\&.defs +defaults (GID_MIN, GID_MAX and others)\&. Multiple +\fB\-K\fR +options can be specified\&. +.sp +Example: +\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& +\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR +.sp +Note: +\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR +doesn\*(Aqt work yet\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +此选项允许添加一个使用非唯一 GID 的组。 +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. The default is to disable the password\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统组。 +.sp +The numeric identifiers of new system groups are chosen in the +\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR +range, defined in +login\&.defs, instead of +\fBGID_MIN\fR\-\fBGID_MAX\fR\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "CAVEATS" +.PP +组名必须以小写字母或者下划线开头,跟随小写字母、下划线或短横线。可以由美元符号结束。用正则表达式就是:[a\-z_][a\-z0\-9_\-]*[$]? +.PP +Groupnames may only be up to 16 characters long\&. +.PP +You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. +.PP +If the groupname already exists in an external group database such as NIS or LDAP, +\fBgroupadd\fR +will deny the group creation request\&. +.SH "退出值" +.PP +The +\fBgroupadd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +GID not unique (when +\fB\-o\fR +not used) +.RE +.PP +\fI9\fR +.RS 4 +group name not unique +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupdel.8 b/man/zh_CN/man8/groupdel.8 new file mode 100644 index 0000000..dd5804d --- /dev/null +++ b/man/zh_CN/man8/groupdel.8 @@ -0,0 +1,145 @@ +'\" t +.\" Title: groupdel +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPDEL" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupdel \- 删除一个组 +.SH "大纲" +.HP \w'\fBgroupdel\fR\ 'u +\fBgroupdel\fR [\fI选项\fR] \fIGROUP\fR +.SH "描述" +.PP +The +\fBgroupdel\fR +command modifies the system account files, deleting all entries that refer to +\fIGROUP\fR\&. The named group must exist\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupdel\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "CAVEATS" +.PP +您不能移除现有用户的主组。在移除此组之前,必须先移除此用户。 +.PP +您需要手动检查所有文件系统,以确保没有遗留的属于此组的文件。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgroupdel\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI6\fR +.RS 4 +specified group doesn\*(Aqt exist +.RE +.PP +\fI8\fR +.RS 4 +can\*(Aqt remove user\*(Aqs primary group +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupmod\fR(8), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmems.8 b/man/zh_CN/man8/groupmems.8 new file mode 100644 index 0000000..fdfe2c3 --- /dev/null +++ b/man/zh_CN/man8/groupmems.8 @@ -0,0 +1,180 @@ +'\" t +.\" Title: groupmems +.\" Author: George Kraft, IV +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPMEMS" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupmems \- 用户主组的管理员成员 +.SH "大纲" +.HP \w'\fBgroupmems\fR\ 'u +\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p +.SH "描述" +.PP +The +\fBgroupmems\fR +command allows a user to administer their own group membership list without the requirement of superuser privileges\&. The +\fBgroupmems\fR +utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. +.PP +Only the superuser, as administrator, can use +\fBgroupmems\fR +to alter the memberships of other groups\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupmems\fR +command are: +.PP +\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR +.RS 4 +Add a user to the group membership list\&. +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR +.RS 4 +从组成员列表中删除用户。 +.sp +If the +/etc/gshadow +file exist, the user will be removed from the list of members and administrators of the group\&. +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR +.RS 4 +超级用户可以指定修改哪个组的组成员列表。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-l\fR, \fB\-\-list\fR +.RS 4 +列出组成员。 +.RE +.PP +\fB\-p\fR, \fB\-\-purge\fR +.RS 4 +从组成员列表中删除所有用户。 +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.SH "SETUP" +.PP +The +\fBgroupmems\fR +executable should be in mode +2710 +as user +\fIroot\fR +and in group +\fIgroups\fR\&. The system administrator can add users to group +\fIgroups\fR +to allow or disallow them using the +\fBgroupmems\fR +utility to manage their own group membership list\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf + $ groupadd \-r groups + $ chmod 2710 groupmems + $ chown root\&.groups groupmems + $ groupmems \-g groups \-a gk4 + +.fi +.if n \{\ +.RE +.\} +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息 +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmod.8 b/man/zh_CN/man8/groupmod.8 new file mode 100644 index 0000000..9701a5e --- /dev/null +++ b/man/zh_CN/man8/groupmod.8 @@ -0,0 +1,233 @@ +'\" t +.\" Title: groupmod +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPMOD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupmod \- modify a group definition on the system +.SH "大纲" +.HP \w'\fBgroupmod\fR\ 'u +\fBgroupmod\fR [\fI选项\fR] \fIGROUP\fR +.SH "描述" +.PP +The +\fBgroupmod\fR +command modifies the definition of the specified +\fIGROUP\fR +by modifying the appropriate entry in the group database\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupmod\fR +command are: +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR +.RS 4 +The group ID of the given +\fIGROUP\fR +will be changed to +\fIGID\fR\&. +.sp +The value of +\fIGID\fR +must be a non\-negative decimal integer\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. +.sp +Users who use the group as primary group will be updated to keep the group as their primary group\&. +.sp +Any files that have the old group ID and must continue to belong to +\fIGROUP\fR, must have their group ID changed manually\&. +.sp +No checks will be performed with regard to the +\fBGID_MIN\fR, +\fBGID_MAX\fR, +\fBSYS_GID_MIN\fR, or +\fBSYS_GID_MAX\fR +from +/etc/login\&.defs\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEW_GROUP\fR +.RS 4 +The name of the group will be changed from +\fIGROUP\fR +to +\fINEW_GROUP\fR +name\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +When used with the +\fB\-g\fR +option, allow to change the group +\fIGID\fR +to a non\-unique value\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgroupmod\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +E_SUCCESS: success +.RE +.PP +\fI2\fR +.RS 4 +E_USAGE: invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +E_BAD_ARG: invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +E_GID_IN_USE: specified group doesn\*(Aqt exist +.RE +.PP +\fI6\fR +.RS 4 +E_NOTFOUND: specified group doesn\*(Aqt exist +.RE +.PP +\fI9\fR +.RS 4 +E_NAME_IN_USE: group name already in use +.RE +.PP +\fI10\fR +.RS 4 +E_GRP_UPDATE: can\*(Aqt update group file +.RE +.PP +\fI11\fR +.RS 4 +E_CLEANUP_SERVICE: can\*(Aqt setup cleanup service +.RE +.PP +\fI12\fR +.RS 4 +E_PAM_USERNAME: can\*(Aqt determine your username for use with pam +.RE +.PP +\fI13\fR +.RS 4 +E_PAM_ERROR: pam returned an error, see syslog facility id groupmod for the PAM error message +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/grpck.8 b/man/zh_CN/man8/grpck.8 new file mode 100644 index 0000000..eb8f146 --- /dev/null +++ b/man/zh_CN/man8/grpck.8 @@ -0,0 +1,247 @@ +'\" t +.\" Title: grpck +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GRPCK" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +grpck \- 检查组文件的完整性 +.SH "大纲" +.HP \w'\fBgrpck\fR\ 'u +\fBgrpck\fR [选项] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] +.SH "描述" +.PP +The +\fBgrpck\fR +command verifies the integrity of the groups information\&. It checks that all entries in +/etc/group +and /etc/gshadow +have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. +.PP +检查的项目有: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +正确的字段数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个唯一且有效的组名 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a valid group identifier +(/etc/group only) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a valid list of members +and administrators +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a corresponding entry in the +/etc/gshadow +file (respectively +/etc/group +for the +gshadow +checks) +.RE +.PP +The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the +\fBgroupmod\fR +command to correct the error\&. +.PP +The commands which operate on the +/etc/group +and /etc/gshadow files +are not able to alter corrupted or duplicated entries\&. +\fBgrpck\fR +should be used in those circumstances to remove the offending entries\&. +.SH "选项" +.PP +The +\fB\-r\fR +and +\fB\-s\fR +options cannot be combined\&. +.PP +The options which apply to the +\fBgrpck\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-read\-only\fR +.RS 4 +Execute the +\fBgrpck\fR +command in read\-only mode\&. This causes all questions regarding changes to be answered +\fIno\fR +without user intervention\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sort\fR +.RS 4 +Sort entries in +/etc/group +and /etc/gshadow +by GID\&. +.RE +.PP +By default, +\fBgrpck\fR +operates on +/etc/group +and /etc/gshadow\&. The user may select alternate files with the +\fIgroup\fR +and \fIshadow\fR parameters\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgrpck\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI2\fR +.RS 4 +one or more bad group entries +.RE +.PP +\fI3\fR +.RS 4 +can\*(Aqt open group files +.RE +.PP +\fI4\fR +.RS 4 +can\*(Aqt lock group files +.RE +.PP +\fI5\fR +.RS 4 +can\*(Aqt update group files +.RE +.SH "参见" +.PP +\fBgroup\fR(5), +\fBgroupmod\fR(8), +\fBgshadow\fR(5), +\fBpasswd\fR(5), +\fBpwck\fR(8), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man8/grpconv.8 b/man/zh_CN/man8/grpconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/grpconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/grpunconv.8 b/man/zh_CN/man8/grpunconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/grpunconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/lastlog.8 b/man/zh_CN/man8/lastlog.8 new file mode 100644 index 0000000..52dcc9c --- /dev/null +++ b/man/zh_CN/man8/lastlog.8 @@ -0,0 +1,137 @@ +'\" t +.\" Title: lastlog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LASTLOG" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +lastlog \- 报告所有用户的最近登录情况,或者指定用户的最近登录情况 +.SH "大纲" +.HP \w'\fBlastlog\fR\ 'u +\fBlastlog\fR [\fI选项\fR] +.SH "描述" +.PP +\fBlastlog\fR +formats and prints the contents of the last login log +/var/log/lastlog +file\&. The +\fIlogin\-name\fR, +\fIport\fR, and +\fIlast login time\fR +will be printed\&. The default (no flags) causes lastlog entries to be printed, sorted by their order in +/etc/passwd\&. +.SH "选项" +.PP +The options which apply to the +\fBlastlog\fR +command are: +.PP +\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAYS\fR +.RS 4 +Print only lastlog records older than +\fIDAYS\fR\&. +.RE +.PP +\fB\-C\fR, \fB\-\-clear\fR +.RS 4 +Clear lastlog record of a user\&. This option can be used only together with +\fB\-u\fR +(\fB\-\-user\fR))\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-S\fR, \fB\-\-set\fR +.RS 4 +Set lastlog record of a user to the current time\&. This option can be used only together with +\fB\-u\fR +(\fB\-\-user\fR))\&. +.RE +.PP +\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR +.RS 4 +Print the lastlog records more recent than +\fIDAYS\fR\&. +.RE +.PP +\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR +.RS 4 +现实指定用户的最近登录记录。 +.sp +The users can be specified by a login name, a numerical user ID, or a +\fIRANGE\fR +of users\&. This +\fIRANGE\fR +of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. +.RE +.PP +If the user has never logged in the message +\fI** Never logged in**\fR +will be displayed instead of the port and time\&. +.PP +Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. +.SH "注意" +.PP +The +lastlog +file is a database which contains info on the last login of each user\&. You should not rotate it\&. It is a sparse file, so its size on the disk is usually much smaller than the one shown by "\fBls \-l\fR" (which can indicate a really big file if you have in +passwd +users with a high UID)\&. You can display its real size with "\fBls \-s\fR"\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.SH "文件" +.PP +/var/log/lastlog +.RS 4 +Database times of previous user logins\&. +.RE +.SH "CAVEATS" +.PP +Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i\&.e\&. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171\-799)\&. diff --git a/man/zh_CN/man8/logoutd.8 b/man/zh_CN/man8/logoutd.8 new file mode 100644 index 0000000..d9c36e7 --- /dev/null +++ b/man/zh_CN/man8/logoutd.8 @@ -0,0 +1,57 @@ +'\" t +.\" Title: logoutd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGOUTD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +logoutd \- 强制登录时间限制 +.SH "大纲" +.HP \w'\fBlogoutd\fR\ 'u +\fBlogoutd\fR +.SH "描述" +.PP +\fBlogoutd\fR +enforces the login time and port restrictions specified in +/etc/porttime\&. +\fBlogoutd\fR +should be started from +/etc/rc\&. The +/var/run/utmp +file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in +/etc/porttime +is terminated\&. +.SH "文件" +.PP +/etc/porttime +.RS 4 +包含了端口访问信息的文件。 +.RE +.PP +/var/run/utmp +.RS 4 +当前登录会话的列表。 +.RE diff --git a/man/zh_CN/man8/newusers.8 b/man/zh_CN/man8/newusers.8 new file mode 100644 index 0000000..190defa --- /dev/null +++ b/man/zh_CN/man8/newusers.8 @@ -0,0 +1,449 @@ +'\" t +.\" Title: newusers +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NEWUSERS" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +newusers \- 批量更新和创建新用户 +.SH "大纲" +.HP \w'\fBnewusers\fR\ 'u +\fBnewusers\fR [\fI选项\fR] [\fI文件\fR] +.SH "描述" +.PP +The +\fBnewusers\fR +command reads a +\fIfile\fR +(or the standard input by default) and uses this information to update a set of existing users or to create new users\&. Each line is in the same format as the standard password file (see +\fBpasswd\fR(5)) with the exceptions explained below: +.PP +pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell +.PP +\fIpw_name\fR +.RS 4 +这是用户的用户名。 +.sp +It can be the name of a new user or the name of an existing user (or a user created before by +\fBnewusers\fR)\&. In case of an existing user, the user\*(Aqs information will be changed, otherwise a new user will be created\&. +.RE +.PP +\fIpw_passwd\fR +.RS 4 +此字段将被加密然后用于加密后密码的新值。 +.RE +.PP +\fIpw_uid\fR +.RS 4 +此字段用于定义用户的 UID。 +.sp +If the field is empty, a new (unused) UID will be defined automatically by +\fBnewusers\fR\&. +.sp +如果此字段包含一个数字,此数字会用于 UID。 +.sp +If this field contains the name of an existing user (or the name of a user created before by +\fBnewusers\fR), the UID of the specified user will be used\&. +.sp +如果一个现有用户更改了 UID,此用户的文件所有权需要手动修复。 +.RE +.PP +\fIpw_gid\fR +.RS 4 +此字段用于定义用户的主组 ID。 +.sp +If this field contains the name of an existing group (or a group created before by +\fBnewusers\fR), the GID of this group will be used as the primary group ID for the user\&. +.sp +如果此字段是一个数字,此数字会被用作此用户的主组 ID。如果没有对应此 GID 的现有组,将会使用此 GID 创建一个新组,名称和用户名相同。 +.sp +If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by +\fBnewusers\fR +to be used as the primary group ID for the user and as the GID for the new group\&. +.sp +If this field contains the name of a group which does not exist (and was not created before by +\fBnewusers\fR), a new group will be created with the specified name and a GID will be automatically defined by +\fBnewusers\fR +to be used as the primary group ID for the user and GID for the new group\&. +.RE +.PP +\fIpw_gecos\fR +.RS 4 +此字段复制到用户的 GECOS 字段。 +.RE +.PP +\fIpw_dir\fR +.RS 4 +此字段用于定义用户的主目录。 +.sp +如果此字段指定的不是现有的目录,将会创建指定的目录,所有权设置为创建或更新的用户及其主组。 +.sp +If the home directory of an existing user is changed, +\fBnewusers\fR +does not move or copy the content of the old directory to the new location\&. This should be done manually\&. +.RE +.PP +\fIpw_shell\fR +.RS 4 +此字段定义了用户的 shell。对此字段不进行任何检查。 +.RE +.PP +\fBnewusers\fR +first tries to create or change all the specified users, and then write these changes to the user or group databases\&. If an error occurs (except in the final writes to the databases), no changes are committed to the databases\&. +.PP +此命令一般用于在大型的应用环境中,对大量账户进行一次性更新。 +.SH "选项" +.PP +The options which apply to the +\fBnewusers\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统账户。 +.sp +System users will be created with no aging information in +/etc/shadow, and their numeric identifiers are chosen in the +\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR +range, defined in +login\&.defs, instead of +\fBUID_MIN\fR\-\fBUID_MAX\fR +(and their +\fBGID\fR +counterparts for the creation of groups)\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +输入文件必须受到保护,因为它包含未加密的密码。 +.PP +您需要确保你吗和加密方法符合系统的密码策略。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBHOME_MODE\fR (number) +.RS 4 +The mode for new home directories\&. If not specified, the +\fBUMASK\fR +is used to create the mode\&. +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this to set the mode of the home directory they create\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.PP +\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of system users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_UID_MIN\fR +(resp\&. +\fBSYS_UID_MAX\fR) is 101 (resp\&. +\fBUID_MIN\fR\-1)\&. +.RE +.PP +\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of regular users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBUID_MIN\fR +(resp\&. +\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "参见" +.PP +\fBlogin.defs\fR(5), +\fBpasswd\fR(1), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/nologin.8 b/man/zh_CN/man8/nologin.8 new file mode 100644 index 0000000..d07348f --- /dev/null +++ b/man/zh_CN/man8/nologin.8 @@ -0,0 +1,55 @@ +'\" t +.\" Title: nologin +.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NOLOGIN" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +nologin \- 礼貌地拒绝登录 +.SH "大纲" +.HP \w'\fBnologin\fR\ 'u +\fBnologin\fR +.SH "描述" +.PP +The +\fBnologin\fR +command displays a message that an account is not available and exits non\-zero\&. It is intended as a replacement shell field for accounts that have been disabled\&. +.PP +To disable all logins, investigate +\fBnologin\fR(5)\&. +.PP +If +\fBSSH_ORIGINAL_COMMAND\fR +is populated it will be logged\&. +.SH "参见" +.PP +\fBlogin\fR(1), +\fBnologin\fR(5)\&. +.SH "历史" +.PP +The +\fBnologin\fR +command appeared in BSD 4\&.4\&. diff --git a/man/zh_CN/man8/pwck.8 b/man/zh_CN/man8/pwck.8 new file mode 100644 index 0000000..8544184 --- /dev/null +++ b/man/zh_CN/man8/pwck.8 @@ -0,0 +1,328 @@ +'\" t +.\" Title: pwck +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PWCK" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +pwck \- 检查密码文件的完整性 +.SH "大纲" +.HP \w'\fBpwck\fR\ 'u +\fBpwck\fR [选项] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] +.SH "描述" +.PP +The +\fBpwck\fR +command verifies the integrity of the users and authentication information\&. It checks that all entries in +/etc/passwd +and +/etc/shadow +have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. +.PP +检查的项目有: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +正确的字段数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个唯一且有效的用户名 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个有效的用户和组标识符 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的主组 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的主目录 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的登录 shell +.RE +.PP +shadow +checks are enabled when a second file parameter is specified or when +/etc/shadow +exists on the system\&. +.PP +这些检查是: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +每个密码项都有对应的影子相,反之亦然。 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +密码在影子化了的文件中指定 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +影子项有正确的字段数。 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +影子项在影子文件中是唯一的 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +最后一次的密码更改时间不是被设成了一个将来的时间。 +.RE +.PP +The checks for correct number of fields and unique user name are fatal\&. If the entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warning and the user is encouraged to run the +\fBusermod\fR +command to correct the error\&. +.PP +The commands which operate on the +/etc/passwd +file are not able to alter corrupted or duplicated entries\&. +\fBpwck\fR +should be used in those circumstances to remove the offending entry\&. +.SH "选项" +.PP +The +\fB\-r\fR +and +\fB\-s\fR +options cannot be combined\&. +.PP +The options which apply to the +\fBpwck\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +只报告错误。不显示那些不需要用户操作的警告。 +.RE +.PP +\fB\-r\fR, \fB\-\-read\-only\fR +.RS 4 +Execute the +\fBpwck\fR +command in read\-only mode\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sort\fR +.RS 4 +Sort entries in +/etc/passwd +and +/etc/shadow +by UID\&. +.RE +.PP +By default, +\fBpwck\fR +operates on the files +/etc/passwd +and +/etc/shadow\&. The user may select alternate files with the +\fIpasswd\fR +and +\fIshadow\fR +parameters\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBpwck\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI2\fR +.RS 4 +one or more bad password entries +.RE +.PP +\fI3\fR +.RS 4 +can\*(Aqt open password files +.RE +.PP +\fI4\fR +.RS 4 +can\*(Aqt lock password files +.RE +.PP +\fI5\fR +.RS 4 +can\*(Aqt update password files +.RE +.PP +\fI6\fR +.RS 4 +can\*(Aqt sort password files +.RE +.SH "参见" +.PP +\fBgroup\fR(5), +\fBgrpck\fR(8), +\fBpasswd\fR(5), +\fBshadow\fR(5), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/pwconv.8 b/man/zh_CN/man8/pwconv.8 new file mode 100644 index 0000000..0b6f41e --- /dev/null +++ b/man/zh_CN/man8/pwconv.8 @@ -0,0 +1,193 @@ +'\" t +.\" Title: pwconv +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PWCONV" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +pwconv, pwunconv, grpconv, grpunconv \- 在影子密码和组以及其它直接转换 +.SH "大纲" +.HP \w'\fBpwconv\fR\ 'u +\fBpwconv\fR [\fI选项\fR] +.HP \w'\fBpwunconv\fR\ 'u +\fBpwunconv\fR [\fI选项\fR] +.HP \w'\fBgrpconv\fR\ 'u +\fBgrpconv\fR [\fI选项\fR] +.HP \w'\fBgrpunconv\fR\ 'u +\fBgrpunconv\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBpwconv\fR +command creates +\fIshadow\fR +from +\fIpasswd\fR +and an optionally existing +\fIshadow\fR\&. +.PP +The +\fBpwunconv\fR +command creates +\fIpasswd\fR +from +\fIpasswd\fR +and +\fIshadow\fR +and then removes +\fIshadow\fR\&. +.PP +The +\fBgrpconv\fR +command creates +\fIgshadow\fR +from +\fIgroup\fR +and an optionally existing +\fIgshadow\fR\&. +.PP +The +\fBgrpunconv\fR +command creates +\fIgroup\fR +from +\fIgroup\fR +and +\fIgshadow\fR +and then removes +\fIgshadow\fR\&. +.PP +These four programs all operate on the normal and shadow password and group files: +/etc/passwd, +/etc/group, +/etc/shadow, and +/etc/gshadow\&. +.PP +Each program acquires the necessary locks before conversion\&. +\fBpwconv\fR +and +\fBgrpconv\fR +are similar\&. First, entries in the shadowed file which don\*(Aqt exist in the main file are removed\&. Then, shadowed entries which don\*(Aqt have `x\*(Aq as the password in the main file are updated\&. Any missing shadowed entries are added\&. Finally, passwords in the main file are replaced with `x\*(Aq\&. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand\&. +.PP +\fBpwconv\fR +will use the values of +\fIPASS_MIN_DAYS\fR, +\fIPASS_MAX_DAYS\fR, and +\fIPASS_WARN_AGE\fR +from +/etc/login\&.defs +when adding new entries to +/etc/shadow\&. +.PP +Likewise +\fBpwunconv\fR +and +\fBgrpunconv\fR +are similar\&. Passwords in the main file are updated from the shadowed file\&. Entries which exist in the main file but not in the shadowed file are left alone\&. Finally, the shadowed file is removed\&. Some password aging information is lost by +\fBpwunconv\fR\&. It will convert what it can\&. +.SH "选项" +.PP +The options which apply to the +\fBpwconv\fR, +\fBpwunconv\fR, +\fBgrpconv\fR, and +\fBgrpunconv\fR +commands are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.SH "缺陷" +.PP +Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways\&. Please run +\fBpwck\fR +and +\fBgrpck\fR +to correct any such errors before converting to or from shadow passwords or groups\&. +.SH "配置文件" +.PP +The following configuration variable in +/etc/login\&.defs +changes the behavior of +\fBgrpconv\fR +and +\fBgrpunconv\fR: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of +\fBpwconv\fR: +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.SH "文件" +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBgrpck\fR(8), +\fBlogin.defs\fR(5), +\fBpwck\fR(8)\&. diff --git a/man/zh_CN/man8/pwunconv.8 b/man/zh_CN/man8/pwunconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/pwunconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/sulogin.8 b/man/zh_CN/man8/sulogin.8 new file mode 100644 index 0000000..a8acbf7 --- /dev/null +++ b/man/zh_CN/man8/sulogin.8 @@ -0,0 +1,116 @@ +'\" t +.\" Title: sulogin +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SULOGIN" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +sulogin \- Single\-user login +.SH "SYNTAX" +.PP +\fBsulogin\fR +[\fItty\-device\fR] +.SH "描述" +.PP +The +\fBsulogin\fR +command is invoked by +\fBinit\fR +prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where +\fBinit\fR +has been modified accordingly, or where the +/etc/inittab +has an entry for a single user login\&. +.PP +The user is prompted +.PP +Type control\-d to proceed with normal startup, +(or give root password for system maintenance): +.PP +Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. +.PP +If the user enters the correct root password, a login session is initiated\&. When +\fIEOF\fR +is pressed instead, the system enters multi\-user mode\&. +.PP +After the user exits the single\-user shell, or presses +\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. +.SH "CAVEATS" +.PP +This command can only be used if +\fBinit\fR +has been modified to call +\fBsulogin\fR +instead of +/bin/sh, or if the user has set the +\fIinittab\fR +to support a single user login\&. For example, the line: +.PP +co:s:respawn:/etc/sulogin /dev/console +.PP +should execute the sulogin command in single user mode\&. +.PP +As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBsh\fR(1), +\fBinit\fR(8)\&. diff --git a/man/zh_CN/man8/useradd.8 b/man/zh_CN/man8/useradd.8 new file mode 100644 index 0000000..ea0f7b1 --- /dev/null +++ b/man/zh_CN/man8/useradd.8 @@ -0,0 +1,784 @@ +'\" t +.\" Title: useradd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERADD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +useradd \- 创建一个新用户或更新默认新用户信息 +.SH "大纲" +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR [\fI选项\fR] \fI登录\fR +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR \-D +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR \-D [\fI选项\fR] +.SH "描述" +.PP +When invoked without the +\fB\-D\fR +option, the +\fBuseradd\fR +command creates a new user account using the values specified on the command line plus the default values from the system\&. Depending on command line options, the +\fBuseradd\fR +command will update system files and may also create the new user\*(Aqs home directory and copy initial files\&. +.PP +By default, a group will also be created for the new user (see +\fB\-g\fR, +\fB\-N\fR, +\fB\-U\fR, and +\fBUSERGROUPS_ENAB\fR)\&. +.SH "选项" +.PP +The options which apply to the +\fBuseradd\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR +.RS 4 +The default base directory for the system if +\fB\-d\fR\ \&\fIHOME_DIR\fR +is not specified\&. +\fIBASE_DIR\fR +is concatenated with the account name to define the home directory\&. If the +\fB\-m\fR +option is not used, +\fIBASE_DIR\fR +must exist\&. +.sp +If this option is not specified, +\fBuseradd\fR +will use the base directory specified by the +\fBHOME\fR +variable in +/etc/default/useradd, or +/home +by default\&. +.RE +.PP +\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR +.RS 4 +任何字符串。通常是关于登录的简短描述,当前用于用户全名。 +.RE +.PP +\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR +.RS 4 +The new user will be created using +\fIHOME_DIR\fR +as the value for the user\*(Aqs login directory\&. The default is to append the +\fILOGIN\fR +name to +\fIBASE_DIR\fR +and use that as the login directory name\&. The directory +\fIHOME_DIR\fR +does not have to exist but will not be created if it is missing\&. +.RE +.PP +\fB\-D\fR, \fB\-\-defaults\fR +.RS 4 +看下边,\(lq更改默认值\(rq子节。 +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +The date on which the user account will be disabled\&. The date is specified in the format +\fIYYYY\-MM\-DD\fR\&. +.sp +If not specified, +\fBuseradd\fR +will use the default expiry date specified by the +\fBEXPIRE\fR +variable in +/etc/default/useradd, or an empty string (no expiry) by default\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期后,账户被彻底禁用之前的天数。0 表示立即禁用,\-1 表示禁用这个功能。 +.sp +If not specified, +\fBuseradd\fR +will use the default inactivity period specified by the +\fBINACTIVE\fR +variable in +/etc/default/useradd, or \-1 by default\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +用户初始登陆组的组名或号码。组名必须已经存在。组号码必须指代已经存在的组。 +.sp +If not specified, the behavior of +\fBuseradd\fR +will depend on the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. If this variable is set to +\fIyes\fR +(or +\fB\-U/\-\-user\-group\fR +is specified on the command line), a group will be created for the user, with the same name as her loginname\&. If the variable is set to +\fIno\fR +(or +\fB\-N/\-\-no\-user\-group\fR +is specified on the command line), useradd will set the primary group of the new user to the value specified by the +\fBGROUP\fR +variable in +/etc/default/useradd, or 100 by default\&. +.RE +.PP +\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] +.RS 4 +A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the +\fB\-g\fR +option\&. The default is for the user to belong only to the initial group\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR +.RS 4 +The skeleton directory, which contains files and directories to be copied in the user\*(Aqs home directory, when the home directory is created by +\fBuseradd\fR\&. +.sp +This option is only valid if the +\fB\-m\fR +(or +\fB\-\-create\-home\fR) option is specified\&. +.sp +If this option is not set, the skeleton directory is defined by the +\fBSKEL\fR +variable in +/etc/default/useradd +or, by default, +/etc/skel\&. +.sp +如果可以,也复制 ACL 和扩展属性。 +.RE +.PP +\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR +.RS 4 +Overrides +/etc/login\&.defs +defaults (\fBUID_MIN\fR, +\fBUID_MAX\fR, +\fBUMASK\fR, +\fBPASS_MAX_DAYS\fR +and others)\&. + +Example: +\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR +can be used when creating system account to turn off password aging, even though system account has no password at all\&. Multiple +\fB\-K\fR +options can be specified, e\&.g\&.: +\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \& +\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR +.RE +.PP +\fB\-l\fR, \fB\-\-no\-log\-init\fR +.RS 4 +不要将用户添加到最近登录和登录失败数据库。 +.sp +By default, the user\*(Aqs entries in the lastlog and faillog databases are reset to avoid reusing the entry from a previously deleted user\&. +.RE +.PP +\fB\-m\fR, \fB\-\-create\-home\fR +.RS 4 +Create the user\*(Aqs home directory if it does not exist\&. The files and directories contained in the skeleton directory (which can be defined with the +\fB\-k\fR +option) will be copied to the home directory\&. +.sp +By default, if this option is not specified and +\fBCREATE_HOME\fR +is not enabled, no home directories are created\&. +.RE +.PP +\fB\-M\fR, \fB\-\-no\-create\-home\fR +.RS 4 +Do no create the user\*(Aqs home directory, even if the system wide setting from +/etc/login\&.defs +(\fBCREATE_HOME\fR) is set to +\fIyes\fR\&. +.RE +.PP +\fB\-N\fR, \fB\-\-no\-user\-group\fR +.RS 4 +Do not create a group with the same name as the user, but add the user to the group specified by the +\fB\-g\fR +option or by the +\fBGROUP\fR +variable in +/etc/default/useradd\&. +.sp +The default behavior (if the +\fB\-g\fR, +\fB\-N\fR, and +\fB\-U\fR +options are not specified) is defined by the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +允许使用重复的 UID 创建用户账户。 +.sp +This option is only valid in combination with the +\fB\-u\fR +option\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. The default is to disable the password\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统账户。 +.sp +System users will be created with no aging information in +/etc/shadow, and their numeric identifiers are chosen in the +\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR +range, defined in +/etc/login\&.defs, instead of +\fBUID_MIN\fR\-\fBUID_MAX\fR +(and their +\fBGID\fR +counterparts for the creation of groups)\&. +.sp +Note that +\fBuseradd\fR +will not create a home directory for such a user, regardless of the default setting in +/etc/login\&.defs +(\fBCREATE_HOME\fR)\&. You have to specify the +\fB\-m\fR +options if you want a home directory for a system account to be created\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +The name of the user\*(Aqs login shell\&. The default is to leave this field blank, which causes the system to select the default login shell specified by the +\fBSHELL\fR +variable in +/etc/default/useradd, or an empty string by default\&. +.RE +.PP +\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR +.RS 4 +The numerical value of the user\*(Aqs ID\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to +\fBUID_MIN\fR +and greater than every other user\&. +.sp +See also the +\fB\-r\fR +option and the +\fBUID_MAX\fR +description\&. +.RE +.PP +\fB\-U\fR, \fB\-\-user\-group\fR +.RS 4 +创建一个和用户同名的组,并将用户添加到组中。 +.sp +The default behavior (if the +\fB\-g\fR, +\fB\-N\fR, and +\fB\-U\fR +options are not specified) is defined by the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR +.RS 4 +用户登陆的 SELinux 用户。默认为留空,这会造成系统选择默认的 SELinux 用户。 +.RE +.SS "更改默认值" +.PP +When invoked with only the +\fB\-D\fR +option, +\fBuseradd\fR +will display the current default values\&. When invoked with +\fB\-D\fR +plus other options, +\fBuseradd\fR +will update the default values for the specified options\&. Valid default\-changing options are: +.PP +\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR +.RS 4 +The path prefix for a new user\*(Aqs home directory\&. The user\*(Aqs name will be affixed to the end of +\fIBASE_DIR\fR +to form the new user\*(Aqs home directory name, if the +\fB\-d\fR +option is not used when creating a new account\&. +.sp +This option sets the +\fBHOME\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +禁用此用户账户的日期。 +.sp +This option sets the +\fBEXPIRE\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期到账户被禁用之前的天数。 +.sp +This option sets the +\fBINACTIVE\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +The group name or ID for a new user\*(Aqs initial group (when the +\fB\-N/\-\-no\-user\-group\fR +is used or when the +\fBUSERGROUPS_ENAB\fR +variable is set to +\fIno\fR +in +/etc/login\&.defs)\&. The named group must exist, and a numerical group ID must have an existing entry\&. +.sp +This option sets the +\fBGROUP\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +新用户的登录 shell 名。 +.sp +This option sets the +\fBSHELL\fR +variable in +/etc/default/useradd\&. +.RE +.SH "注意:" +.PP +The system administrator is responsible for placing the default user files in the +/etc/skel/ +directory (or any other skeleton directory specified in +/etc/default/useradd +or on the command line)\&. +.SH "CAVEATS" +.PP +您可能不能想 NIS 组或 LDAP 组添加用户。这只能在相应服务器上进行。 +.PP +Similarly, if the username already exists in an external user database such as NIS or LDAP, +\fBuseradd\fR +will deny the user account creation request\&. +.PP +用户名必须以一个小写字母或下划线开始,跟随小写字符、数字、下划线或连字符的组合。可以以美元符号结束。用正则表达式表示就是:[a\-z_][a\-z0\-9_\-]*[$]? +.PP +用户名不能超过 32 个字符长。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCREATE_HOME\fR (boolean) +.RS 4 +指示是否应该为新用户默认创建主目录。 +.sp +此设置并不应用到系统用户,并且可以使用命令行覆盖。 +.RE +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBHOME_MODE\fR (number) +.RS 4 +The mode for new home directories\&. If not specified, the +\fBUMASK\fR +is used to create the mode\&. +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this to set the mode of the home directory they create\&. +.RE +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.PP +\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of system users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_UID_MIN\fR +(resp\&. +\fBSYS_UID_MAX\fR) is 101 (resp\&. +\fBUID_MIN\fR\-1)\&. +.RE +.PP +\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of regular users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBUID_MIN\fR +(resp\&. +\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/default/useradd +.RS 4 +账户创建的默认值。 +.RE +.PP +/etc/skel/ +.RS 4 +包含默认文件的目录。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +The +\fBuseradd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +can\*(Aqt update password file +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +UID already in use (and no +\fB\-o\fR) +.RE +.PP +\fI6\fR +.RS 4 +specified group doesn\*(Aqt exist +.RE +.PP +\fI9\fR +.RS 4 +username already in use +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.PP +\fI12\fR +.RS 4 +can\*(Aqt create home directory +.RE +.PP +\fI14\fR +.RS 4 +can\*(Aqt update SELinux user mapping +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBcrypt\fR(3), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBnewusers\fR(8), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/userdel.8 b/man/zh_CN/man8/userdel.8 new file mode 100644 index 0000000..3c91432 --- /dev/null +++ b/man/zh_CN/man8/userdel.8 @@ -0,0 +1,308 @@ +'\" t +.\" Title: userdel +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERDEL" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +userdel \- 删除用户账户和相关文件 +.SH "大纲" +.HP \w'\fBuserdel\fR\ 'u +\fBuserdel\fR [选项] \fI登录\fR +.SH "描述" +.PP +The +\fBuserdel\fR +command modifies the system account files, deleting all entries that refer to the user name +\fILOGIN\fR\&. The named user must exist\&. +.SH "选项" +.PP +The options which apply to the +\fBuserdel\fR +command are: +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +This option forces the removal of the user account, even if the user is still logged in\&. It also forces +\fBuserdel\fR +to remove the user\*(Aqs home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user\&. If +\fBUSERGROUPS_ENAB\fR +is defined to +\fIyes\fR +in +/etc/login\&.defs +and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user\&. +.sp +\fINote:\fR +This option is dangerous and may leave your system in an inconsistent state\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-remove\fR +.RS 4 +用户主目录中的文件将随用户主目录和用户邮箱一起删除。在其它文件系统中的文件必须手动搜索并删除。 +.sp +The mail spool is defined by the +\fBMAIL_DIR\fR +variable in the +login\&.defs +file\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR +.RS 4 +移除用户登录的所有 SELinux 用户映射。 +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBUSERDEL_CMD\fR (string) +.RS 4 +如果定义了,这是删除账户时执行的命令。它应该移除所有属于此用户的的 at/cron/print 等作业(作为第一个参数传递)。 +.sp +这个脚本的返回值并不被带到账户中去。 +.sp +Here is an example script, which removes the user\*(Aqs cron, at and print jobs: +.sp +.if n \{\ +.RS 4 +.\} +.nf +#! /bin/sh + +# Check for the required argument\&. +if [ $# != 1 ]; then + echo "Usage: $0 username" + exit 1 +fi + +# Remove cron jobs\&. +crontab \-r \-u $1 + +# Remove at jobs\&. +# Note that it will remove any jobs owned by the same UID, +# even if it was shared by a different username\&. +AT_SPOOL_DIR=/var/spool/cron/atjobs +find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; + +# Remove print jobs\&. +lprm $1 + +# All done\&. +exit 0 + +.fi +.if n \{\ +.RE +.\} +.sp +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "退出值" +.PP +The +\fBuserdel\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +can\*(Aqt update password file +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI6\fR +.RS 4 +specified user doesn\*(Aqt exist +.RE +.PP +\fI8\fR +.RS 4 +user currently logged in +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.PP +\fI12\fR +.RS 4 +can\*(Aqt remove home directory +.RE +.SH "CAVEATS" +.PP +\fBuserdel\fR +will not allow you to remove an account if there are running processes which belong to this account\&. In that case, you may have to kill those processes or lock the user\*(Aqs password or account and remove the account later\&. The +\fB\-f\fR +option can force the deletion of this account\&. +.PP +您应该手动检查所以文件系统,以确保没有遗留此用户的文件。 +.PP +您不能在 NIS 客户端上移除任何 NIS 属性。这必须在 NIS 服务器上执行。 +.PP +If +\fBUSERGROUPS_ENAB\fR +is defined to +\fIyes\fR +in +/etc/login\&.defs, +\fBuserdel\fR +will delete the group with the same name as the user\&. To avoid inconsistencies in the passwd and group databases, +\fBuserdel\fR +will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise\&. The +\fB\-f\fR +option can force the deletion of this group\&. +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBlogin.defs\fR(5), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/usermod.8 b/man/zh_CN/man8/usermod.8 new file mode 100644 index 0000000..270df0a --- /dev/null +++ b/man/zh_CN/man8/usermod.8 @@ -0,0 +1,469 @@ +'\" t +.\" Title: usermod +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERMOD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +usermod \- 修改一个用户账户 +.SH "大纲" +.HP \w'\fBusermod\fR\ 'u +\fBusermod\fR [\fI选项\fR] \fI登录\fR +.SH "描述" +.PP +The +\fBusermod\fR +command modifies the system account files to reflect the changes that are specified on the command line\&. +.SH "选项" +.PP +The options which apply to the +\fBusermod\fR +command are: +.PP +\fB\-a\fR, \fB\-\-append\fR +.RS 4 +Add the user to the supplementary group(s)\&. Use only with the +\fB\-G\fR +option\&. +.RE +.PP +\fB\-b\fR, \fB\-\-badnames\fR +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR +.RS 4 +The new value of the user\*(Aqs password file comment field\&. It is normally modified using the +\fBchfn\fR(1) +utility\&. +.RE +.PP +\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR +.RS 4 +用户的新登录目录。 +.sp +If the +\fB\-m\fR +option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +The date on which the user account will be disabled\&. The date is specified in the format +\fIYYYY\-MM\-DD\fR\&. +.sp +An empty +\fIEXPIRE_DATE\fR +argument will disable the expiration of the account\&. +.sp +This option requires a +/etc/shadow +file\&. A +/etc/shadow +entry will be created if there were none\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期之后,账户被彻底禁用之前的天数。 +.sp +0 表示密码过期时,立即禁用账户;\-1 表示不使用这个功能。 +.sp +This option requires a +/etc/shadow +file\&. A +/etc/shadow +entry will be created if there were none\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +用户的新初始登录组的组名或数字代号。此组必须存在。 +.sp +用户主目录中,属于原来的主组的文件将转交新组所有。 +.sp +主目录之外的文件所属的组必须手动修改。 +.RE +.PP +\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] +.RS 4 +A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the +\fB\-g\fR +option\&. +.sp +If the user is currently a member of a group which is not listed, the user will be removed from the group\&. This behaviour can be changed via the +\fB\-a\fR +option, which appends the user to the current supplementary group list\&. +.RE +.PP +\fB\-l\fR, \fB\-\-login\fR\ \&\fINEW_LOGIN\fR +.RS 4 +The name of the user will be changed from +\fILOGIN\fR +to +\fINEW_LOGIN\fR\&. Nothing else is changed\&. In particular, the user\*(Aqs home directory or mail spool should probably be renamed manually to reflect the new login name\&. +.RE +.PP +\fB\-L\fR, \fB\-\-lock\fR +.RS 4 +Lock a user\*(Aqs password\&. This puts a \*(Aq!\*(Aq in front of the encrypted password, effectively disabling the password\&. You can\*(Aqt use this option with +\fB\-p\fR +or +\fB\-U\fR\&. +.sp +Note: if you wish to lock the account (not only access with a password), you should also set the +\fIEXPIRE_DATE\fR +to +\fI1\fR\&. +.RE +.PP +\fB\-m\fR, \fB\-\-move\-home\fR +.RS 4 +将用户的主目录移动到新位置。 +.sp +This option is only valid in combination with the +\fB\-d\fR +(or +\fB\-\-home\fR) option\&. +.sp +\fBusermod\fR +will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +When used with the +\fB\-u\fR +option, this option allows to change the user ID to a non\-unique value\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +用户的新登录 shell 的名称。将此字段设置为空会让系统选择默认的登录 shell。 +.RE +.PP +\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR +.RS 4 +用户 ID 的新数值。 +.sp +This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. +.sp +用户的邮箱,用户主目录中属于此用户的文件的属主 ID 也将自动更改。 +.sp +用户主目录之外文件所有权必须手动修复。 +.sp +No checks will be performed with regard to the +\fBUID_MIN\fR, +\fBUID_MAX\fR, +\fBSYS_UID_MIN\fR, or +\fBSYS_UID_MAX\fR +from +/etc/login\&.defs\&. +.RE +.PP +\fB\-U\fR, \fB\-\-unlock\fR +.RS 4 +Unlock a user\*(Aqs password\&. This removes the \*(Aq!\*(Aq in front of the encrypted password\&. You can\*(Aqt use this option with +\fB\-p\fR +or +\fB\-L\fR\&. +.sp +Note: if you wish to unlock the account (not only access with a password), you should also set the +\fIEXPIRE_DATE\fR +(for example to +\fI99999\fR, or to the +\fBEXPIRE\fR +value from +/etc/default/useradd)\&. +.RE +.PP +\fB\-v\fR, \fB\-\-add\-subuids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Add a range of subordinate uids to the user\*(Aqs account\&. +.sp +This option may be specified multiple times to add multiple ranges to a users account\&. +.sp +No checks will be performed with regard to +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, or +\fBSUB_UID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-V\fR, \fB\-\-del\-subuids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Remove a range of subordinate uids from the user\*(Aqs account\&. +.sp +This option may be specified multiple times to remove multiple ranges to a users account\&. When both +\fB\-\-del\-subuids\fR +and +\fB\-\-add\-subuids\fR +are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. +.sp +No checks will be performed with regard to +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, or +\fBSUB_UID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-w\fR, \fB\-\-add\-subgids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Add a range of subordinate gids to the user\*(Aqs account\&. +.sp +This option may be specified multiple times to add multiple ranges to a users account\&. +.sp +No checks will be performed with regard to +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, or +\fBSUB_GID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-W\fR, \fB\-\-del\-subgids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Remove a range of subordinate gids from the user\*(Aqs account\&. +.sp +This option may be specified multiple times to remove multiple ranges to a users account\&. When both +\fB\-\-del\-subgids\fR +and +\fB\-\-add\-subgids\fR +are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. +.sp +No checks will be performed with regard to +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, or +\fBSUB_GID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR +.RS 4 +用户登陆的 SELinux 用户。 +.sp +A blank +\fISEUSER\fR +will remove the SELinux user mapping for user +\fILOGIN\fR +(if any)\&. +.RE +.SH "CAVEATS" +.PP +You must make certain that the named user is not executing any processes when this command is being executed if the user\*(Aqs numerical user ID, the user\*(Aqs name, or the user\*(Aqs home directory is being changed\&. +\fBusermod\fR +checks this on Linux\&. On other platforms it only uses utmp to check if the user is logged in\&. +.PP +You must change the owner of any +\fBcrontab\fR +files or +\fBat\fR +jobs manually\&. +.PP +您必须更改 NIS 服务器上的 NIS 相关内容。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBcrypt\fR(3), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8)\&. diff --git a/man/zh_CN/man8/vigr.8 b/man/zh_CN/man8/vigr.8 new file mode 100644 index 0000000..ff72d7a --- /dev/null +++ b/man/zh_CN/man8/vigr.8 @@ -0,0 +1 @@ +.so man8/vipw.8 diff --git a/man/zh_CN/man8/vipw.8 b/man/zh_CN/man8/vipw.8 new file mode 100644 index 0000000..971d955 --- /dev/null +++ b/man/zh_CN/man8/vipw.8 @@ -0,0 +1,137 @@ +'\" t +.\" Title: vipw +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "VIPW" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +vipw, vigr \- 编辑密码、组、影子密码或影子组文件。 +.SH "大纲" +.HP \w'\fBvipw\fR\ 'u +\fBvipw\fR [\fI选项\fR] +.HP \w'\fBvigr\fR\ 'u +\fBvigr\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBvipw\fR +and +\fBvigr\fR +commands edits the files +/etc/passwd +and +/etc/group, respectively\&. With the +\fB\-s\fR +flag, they will edit the shadow versions of those files, +/etc/shadow +and +/etc/gshadow, respectively\&. The programs will set the appropriate locks to prevent file corruption\&. When looking for an editor, the programs will first try the environment variable +\fB$VISUAL\fR, then the environment variable +\fB$EDITOR\fR, and finally the default editor, +\fBvi\fR(1)\&. +.SH "选项" +.PP +The options which apply to the +\fBvipw\fR +and +\fBvigr\fR +commands are: +.PP +\fB\-g\fR, \fB\-\-group\fR +.RS 4 +编辑 group 数据库。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-p\fR, \fB\-\-passwd\fR +.RS 4 +编辑 passwd 数据库。 +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +安静模式。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shadow\fR +.RS 4 +编辑 shadow 或 gshadow 数据库。 +.RE +.SH "环境变量" +.PP +\fBVISUAL\fR +.RS 4 +要使用的编辑器。 +.RE +.PP +\fBEDITOR\fR +.RS 4 +Editor to be used if +\fBVISUAL\fR +is not set\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBvi\fR(1), +\fBgroup\fR(5), +\fBgshadow\fR(5) +, +\fBpasswd\fR(5), , +\fBshadow\fR(5)\&. |