summaryrefslogtreecommitdiffstats
path: root/man/gpasswd.1.xml
diff options
context:
space:
mode:
Diffstat (limited to 'man/gpasswd.1.xml')
-rw-r--r--man/gpasswd.1.xml322
1 files changed, 322 insertions, 0 deletions
diff --git a/man/gpasswd.1.xml b/man/gpasswd.1.xml
new file mode 100644
index 0000000..ebd1b41
--- /dev/null
+++ b/man/gpasswd.1.xml
@@ -0,0 +1,322 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Copyright (c) 1996 , Rafal Maszkowski
+ Copyright (c) 2007 - 2011, Nicolas François
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. The name of the copyright holders or contributors may not be used to
+ endorse or promote products derived from this software without
+ specific prior written permission.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
+<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
+<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
+<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!-- SHADOW-CONFIG-HERE -->
+]>
+
+<refentry id='gpasswd.1'>
+ <!-- $Id$ -->
+ <refentryinfo>
+ <author>
+ <firstname>Rafal</firstname>
+ <surname>Maszkowski</surname>
+ <contrib>Creation, 1996</contrib>
+ </author>
+ <author>
+ <firstname>Thomas</firstname>
+ <surname>Kłoczko</surname>
+ <email>kloczek@pld.org.pl</email>
+ <contrib>shadow-utils maintainer, 2000 - 2007</contrib>
+ </author>
+ <author>
+ <firstname>Nicolas</firstname>
+ <surname>François</surname>
+ <email>nicolas.francois@centraliens.net</email>
+ <contrib>shadow-utils maintainer, 2007 - now</contrib>
+ </author>
+ </refentryinfo>
+ <refmeta>
+ <refentrytitle>gpasswd</refentrytitle>
+ <manvolnum>1</manvolnum>
+ <refmiscinfo class="sectdesc">User Commands</refmiscinfo>
+ <refmiscinfo class="source">shadow-utils</refmiscinfo>
+ <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo>
+ </refmeta>
+ <refnamediv id='name'>
+ <refname>gpasswd</refname>
+ <refpurpose>
+ <phrase condition="no_gshadow">
+ administer <filename>/etc/group</filename>
+ </phrase>
+ <phrase condition="gshadow">
+ administer <filename>/etc/group</filename> and
+ <filename>/etc/gshadow</filename>
+ </phrase>
+ </refpurpose>
+ </refnamediv>
+ <!-- body begins here -->
+ <refsynopsisdiv id='synopsis'>
+ <cmdsynopsis>
+ <command>gpasswd</command>
+ <arg choice='opt'>
+ <replaceable>option</replaceable>
+ </arg>
+ <arg choice='plain'>
+ <replaceable>group</replaceable>
+ </arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <command>gpasswd</command> command is used to administer
+ <filename>/etc/group</filename><phrase condition="gshadow">,
+ and <filename>/etc/gshadow</filename></phrase>.
+ Every group can have
+ <phrase condition="gshadow">administrators,</phrase>
+ members and a password.
+ </para>
+ <para condition="gshadow">
+ System administrators can use the <option>-A</option> option to define
+ group administrator(s) and the <option>-M</option> option to define
+ members. They have all rights of group administrators and members.
+ </para>
+ <para>
+ <command>gpasswd</command> called by
+ <phrase condition="gshadow">a group administrator</phrase>
+ <phrase condition="no_gshadow">a system administrator</phrase>
+ with a group name only prompts for the new password of the
+ <replaceable>group</replaceable>.
+ </para>
+ <para>
+ If a password is set the members can still use <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry> without a password, and non-members must supply the
+ password.
+ </para>
+
+ <refsect2 id='notes_about_group_passwords'>
+ <title>Notes about group passwords</title>
+ <para>
+ Group passwords are an inherent security problem since more than one
+ person is permitted to know the password. However, groups are a
+ useful tool for permitting co-operation between different users.
+ </para>
+ </refsect2>
+
+ </refsect1>
+
+ <refsect1 id='options'>
+ <title>OPTIONS</title>
+ <para condition="gshadow">
+ Except for the <option>-A</option> and <option>-M</option> options,
+ the options cannot be combined.
+ </para>
+ <para condition="no_gshadow">
+ The options cannot be combined.
+ </para>
+ <para>
+ The options which apply to the <command>gpasswd</command> command are:
+ </para>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-a</option>, <option>--add</option>&nbsp;<replaceable>user</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Add the <replaceable>user</replaceable> to the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-d</option>, <option>--delete</option>&nbsp;<replaceable>user</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Remove the <replaceable>user</replaceable> from the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term><option>-h</option>, <option>--help</option></term>
+ <listitem>
+ <para>Display help message and exit.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-Q</option>, <option>--root</option>&nbsp;<replaceable>CHROOT_DIR</replaceable>
+ </term>
+ <listitem>
+ <para>
+ Apply changes in the <replaceable>CHROOT_DIR</replaceable>
+ directory and use the configuration files from the
+ <replaceable>CHROOT_DIR</replaceable> directory.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-r</option>, <option>--remove-password</option>
+ </term>
+ <listitem>
+ <para>
+ Remove the password from the named <replaceable>group</replaceable>.
+ The group password will be empty.
+ Only group members will be allowed to use
+ <command>newgrp</command> to join the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-R</option>, <option>--restrict</option>
+ </term>
+ <listitem>
+ <para>
+ Restrict the access to the named <replaceable>group</replaceable>.
+ The group password is set to "!".
+ Only group members with a password will be allowed to use
+ <command>newgrp</command> to join the named
+ <replaceable>group</replaceable>.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP' condition="gshadow">
+ <varlistentry>
+ <term>
+ <option>-A</option>, <option>--administrators</option>&nbsp;<replaceable>user</replaceable>,...
+ </term>
+ <listitem>
+ <para>
+ Set the list of administrative users.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <variablelist remap='IP'>
+ <varlistentry>
+ <term>
+ <option>-M</option>, <option>--members</option>&nbsp;<replaceable>user</replaceable>,...
+ </term>
+ <listitem>
+ <para>
+ Set the list of group members.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='caveats'>
+ <title>CAVEATS</title>
+ <para>
+ This tool only operates on the <filename>/etc/group</filename>
+ <phrase condition="gshadow"> and <filename>/etc/gshadow</filename>
+ files.</phrase>
+ <phrase condition="no_gshadow">file.</phrase>
+ Thus you cannot change any NIS or LDAP group. This must be performed
+ on the corresponding server.
+ </para>
+ </refsect1>
+
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &ENCRYPT_METHOD;
+ &MAX_MEMBERS_PER_GROUP;
+ &MD5_CRYPT_ENAB;
+ &SHA_CRYPT_MIN_ROUNDS; <!--This also document SHA_CRYPT_MAX_ROUNDS-->
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='files'>
+ <title>FILES</title>
+ <variablelist>
+ <varlistentry>
+ <term><filename>/etc/group</filename></term>
+ <listitem>
+ <para>Group account information.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry condition="gshadow">
+ <term><filename>/etc/gshadow</filename></term>
+ <listitem>
+ <para>Secure group account information.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>newgrp</refentrytitle><manvolnum>1</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupadd</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupdel</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>groupmod</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>grpck</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>group</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry><phrase condition="gshadow">,
+ <citerefentry>
+ <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry></phrase>.
+ </para>
+ </refsect1>
+</refentry>