diff options
Diffstat (limited to 'man/zh_CN/man8')
-rw-r--r-- | man/zh_CN/man8/chgpasswd.8 | 208 | ||||
-rw-r--r-- | man/zh_CN/man8/chpasswd.8 | 212 | ||||
-rw-r--r-- | man/zh_CN/man8/faillog.8 | 165 | ||||
-rw-r--r-- | man/zh_CN/man8/groupadd.8 | 257 | ||||
-rw-r--r-- | man/zh_CN/man8/groupdel.8 | 145 | ||||
-rw-r--r-- | man/zh_CN/man8/groupmems.8 | 180 | ||||
-rw-r--r-- | man/zh_CN/man8/groupmod.8 | 233 | ||||
-rw-r--r-- | man/zh_CN/man8/grpck.8 | 247 | ||||
-rw-r--r-- | man/zh_CN/man8/grpconv.8 | 1 | ||||
-rw-r--r-- | man/zh_CN/man8/grpunconv.8 | 1 | ||||
-rw-r--r-- | man/zh_CN/man8/lastlog.8 | 137 | ||||
-rw-r--r-- | man/zh_CN/man8/logoutd.8 | 57 | ||||
-rw-r--r-- | man/zh_CN/man8/newusers.8 | 449 | ||||
-rw-r--r-- | man/zh_CN/man8/nologin.8 | 55 | ||||
-rw-r--r-- | man/zh_CN/man8/pwck.8 | 328 | ||||
-rw-r--r-- | man/zh_CN/man8/pwconv.8 | 193 | ||||
-rw-r--r-- | man/zh_CN/man8/pwunconv.8 | 1 | ||||
-rw-r--r-- | man/zh_CN/man8/sulogin.8 | 116 | ||||
-rw-r--r-- | man/zh_CN/man8/useradd.8 | 784 | ||||
-rw-r--r-- | man/zh_CN/man8/userdel.8 | 308 | ||||
-rw-r--r-- | man/zh_CN/man8/usermod.8 | 469 | ||||
-rw-r--r-- | man/zh_CN/man8/vigr.8 | 1 | ||||
-rw-r--r-- | man/zh_CN/man8/vipw.8 | 137 |
23 files changed, 4684 insertions, 0 deletions
diff --git a/man/zh_CN/man8/chgpasswd.8 b/man/zh_CN/man8/chgpasswd.8 new file mode 100644 index 0000000..ff0204e --- /dev/null +++ b/man/zh_CN/man8/chgpasswd.8 @@ -0,0 +1,208 @@ +'\" t +.\" Title: chgpasswd +.\" Author: Thomas K\(/loczko <kloczek@pld.org.pl> +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHGPASSWD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chgpasswd \- 批量更新组密码 +.SH "大纲" +.HP \w'\fBchgpasswd\fR\ 'u +\fBchgpasswd\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBchgpasswd\fR +command reads a list of group name and password pairs from standard input and uses this information to update a set of existing groups\&. Each line is of the format: +.PP +\fIgroup_name\fR:\fIpassword\fR +.PP +By default the supplied password must be in clear\-text, and is encrypted by +\fBchgpasswd\fR\&. +.PP +The default encryption algorithm can be defined for the system with the +\fBENCRYPT_METHOD\fR +variable of +/etc/login\&.defs, and can be overwritten with the +\fB\-e\fR, +\fB\-m\fR, or +\fB\-c\fR +options\&. +.PP +此命令一般用于需要一次创建很多用户的大型系统。 +.SH "选项" +.PP +The options which apply to the +\fBchgpasswd\fR +command are: +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.RE +.PP +\fB\-e\fR, \fB\-\-encrypted\fR +.RS 4 +提供的密码是已经加密了的 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-m\fR, \fB\-\-md5\fR +.RS 4 +如果提供的密码没有加密,则使用 MD5 加密而不是 DES。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +记住要设置权限或者掩码来阻止其它用户对未加密文件的读取。 +.PP +您需要确保你吗和加密方法符合系统的密码策略。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBgpasswd\fR(1), +\fBgroupadd\fR(8), +\fBlogin.defs\fR(5)\&. diff --git a/man/zh_CN/man8/chpasswd.8 b/man/zh_CN/man8/chpasswd.8 new file mode 100644 index 0000000..b26ed56 --- /dev/null +++ b/man/zh_CN/man8/chpasswd.8 @@ -0,0 +1,212 @@ +'\" t +.\" Title: chpasswd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHPASSWD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chpasswd \- 批量更新密码 +.SH "大纲" +.HP \w'\fBchpasswd\fR\ 'u +\fBchpasswd\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBchpasswd\fR +command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users\&. Each line is of the format: +.PP +\fIuser_name\fR:\fIpassword\fR +.PP +By default the passwords must be supplied in clear\-text, and are encrypted by +\fBchpasswd\fR\&. Also the password age will be updated, if present\&. +.PP +The default encryption algorithm can be defined for the system with the +\fBENCRYPT_METHOD\fR +or +\fBMD5_CRYPT_ENAB\fR +variables of +/etc/login\&.defs, and can be overwritten with the +\fB\-e\fR, +\fB\-m\fR, or +\fB\-c\fR +options\&. +.PP +\fBchpasswd\fR +first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user\&. +.PP +此命令一般用于需要一次创建很多用户的大型系统。 +.SH "选项" +.PP +The options which apply to the +\fBchpasswd\fR +command are: +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR\ \&\fIMETHOD\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.sp +By default (if none of the +\fB\-c\fR, +\fB\-m\fR, or +\fB\-e\fR +options are specified), the encryption method is defined by the +\fBENCRYPT_METHOD\fR +or +\fBMD5_CRYPT_ENAB\fR +variables of +/etc/login\&.defs\&. +.RE +.PP +\fB\-e\fR, \fB\-\-encrypted\fR +.RS 4 +提供的密码是已经加密了的 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-m\fR, \fB\-\-md5\fR +.RS 4 +如果提供的密码没有加密,则使用 MD5 加密而不是 DES。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR\ \&\fIROUNDS\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the +\fBSHA_CRYPT_MIN_ROUNDS\fR +and +\fBSHA_CRYPT_MAX_ROUNDS\fR +variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +记住要设置权限或者掩码来阻止其它用户对未加密文件的读取。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBpasswd\fR(1), +\fBnewusers\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/faillog.8 b/man/zh_CN/man8/faillog.8 new file mode 100644 index 0000000..50b154b --- /dev/null +++ b/man/zh_CN/man8/faillog.8 @@ -0,0 +1,165 @@ +'\" t +.\" Title: faillog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "FAILLOG" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +faillog \- 显示登录失败记录或设置登录失败限制 +.SH "大纲" +.HP \w'\fBfaillog\fR\ 'u +\fBfaillog\fR [\fI选项\fR] +.SH "描述" +.PP +\fBfaillog\fR +displays the contents of the failure log database (/var/log/faillog)\&. It can also set the failure counters and limits\&. When +\fBfaillog\fR +is run without arguments, it only displays the faillog records of the users who had a login failure\&. +.SH "选项" +.PP +The options which apply to the +\fBfaillog\fR +command are: +.PP +\fB\-a\fR, \fB\-\-all\fR +.RS 4 +Display (or act on) faillog records for all users having an entry in the +faillog +database\&. +.sp +The range of users can be restricted with the +\fB\-u\fR +option\&. +.sp +In display mode, this is still restricted to existing users but forces the display of the faillog entries even if they are empty\&. +.sp +With the +\fB\-l\fR, +\fB\-m\fR, +\fB\-r\fR, +\fB\-t\fR +options, the users\*(Aq records are changed, even if the user does not exist on the system\&. This is useful to reset records of users that have been deleted or to set a policy in advance for a range of users\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-l\fR, \fB\-\-lock\-secs\fR\ \&\fISEC\fR +.RS 4 +Lock account for +\fISEC\fR +seconds after failed login\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-m\fR, \fB\-\-maximum\fR\ \&\fIMAX\fR +.RS 4 +Set the maximum number of login failures after the account is disabled to +\fIMAX\fR\&. +.sp +Selecting a +\fIMAX\fR +value of 0 has the effect of not placing a limit on the number of failed logins\&. +.sp +The maximum failure count should always be 0 for +\fIroot\fR +to prevent a denial of services attack against the system\&. +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-r\fR, \fB\-\-reset\fR +.RS 4 +重置登录失败计数。 +.sp +Write access to +/var/log/faillog +is required for this option\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR +.RS 4 +Display faillog records more recent than +\fIDAYS\fR\&. +.RE +.PP +\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR +.RS 4 +Display faillog record or maintains failure counters and limits (if used with +\fB\-l\fR, +\fB\-m\fR +or +\fB\-r\fR +options) only for the specified user(s)\&. +.sp +The users can be specified by a login name, a numerical user ID, or a +\fIRANGE\fR +of users\&. This +\fIRANGE\fR +of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. +.RE +.PP +When none of the +\fB\-l\fR, +\fB\-m\fR, or +\fB\-r\fR +options are used, +\fBfaillog\fR +displays the faillog record of the specified user(s)\&. +.SH "CAVEATS" +.PP +\fBfaillog\fR +only prints out users with no successful login since the last failure\&. To print out a user who has had a successful login since their last failure, you must explicitly request the user with the +\fB\-u\fR +flag, or print out all users with the +\fB\-a\fR +flag\&. +.SH "文件" +.PP +/var/log/faillog +.RS 4 +Failure logging file\&. +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBfaillog\fR(5)\&. diff --git a/man/zh_CN/man8/groupadd.8 b/man/zh_CN/man8/groupadd.8 new file mode 100644 index 0000000..f150550 --- /dev/null +++ b/man/zh_CN/man8/groupadd.8 @@ -0,0 +1,257 @@ +'\" t +.\" Title: groupadd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPADD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupadd \- 创建一个新组 +.SH "大纲" +.HP \w'\fBgroupadd\fR\ 'u +\fBgroupadd\fR [\fI选项\fR] \fIgroup\fR +.SH "描述" +.PP +The +\fBgroupadd\fR +command creates a new group account using the values specified on the command line plus the default values from the system\&. The new group will be entered into the system files as needed\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupadd\fR +command are: +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +This option causes the command to simply exit with success status if the specified group already exists\&. When used with +\fB\-g\fR, and the specified GID already exists, another (unique) GID is chosen (i\&.e\&. +\fB\-g\fR +is turned off)\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR +.RS 4 +The numerical value of the group\*(Aqs ID\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to +\fBGID_MIN\fR +and greater than every other group\&. +.sp +See also the +\fB\-r\fR +option and the +\fBGID_MAX\fR +description\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR +.RS 4 +Overrides +/etc/login\&.defs +defaults (GID_MIN, GID_MAX and others)\&. Multiple +\fB\-K\fR +options can be specified\&. +.sp +Example: +\fB\-K\fR\ \&\fIGID_MIN\fR=\fI100\fR\ \& +\fB\-K\fR\ \&\fIGID_MAX\fR=\fI499\fR +.sp +Note: +\fB\-K\fR\ \&\fIGID_MIN\fR=\fI10\fR,\fIGID_MAX\fR=\fI499\fR +doesn\*(Aqt work yet\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +此选项允许添加一个使用非唯一 GID 的组。 +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. The default is to disable the password\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统组。 +.sp +The numeric identifiers of new system groups are chosen in the +\fBSYS_GID_MIN\fR\-\fBSYS_GID_MAX\fR +range, defined in +login\&.defs, instead of +\fBGID_MIN\fR\-\fBGID_MAX\fR\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "CAVEATS" +.PP +组名必须以小写字母或者下划线开头,跟随小写字母、下划线或短横线。可以由美元符号结束。用正则表达式就是:[a\-z_][a\-z0\-9_\-]*[$]? +.PP +Groupnames may only be up to 16 characters long\&. +.PP +You may not add a NIS or LDAP group\&. This must be performed on the corresponding server\&. +.PP +If the groupname already exists in an external group database such as NIS or LDAP, +\fBgroupadd\fR +will deny the group creation request\&. +.SH "退出值" +.PP +The +\fBgroupadd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +GID not unique (when +\fB\-o\fR +not used) +.RE +.PP +\fI9\fR +.RS 4 +group name not unique +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupdel.8 b/man/zh_CN/man8/groupdel.8 new file mode 100644 index 0000000..dd5804d --- /dev/null +++ b/man/zh_CN/man8/groupdel.8 @@ -0,0 +1,145 @@ +'\" t +.\" Title: groupdel +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPDEL" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupdel \- 删除一个组 +.SH "大纲" +.HP \w'\fBgroupdel\fR\ 'u +\fBgroupdel\fR [\fI选项\fR] \fIGROUP\fR +.SH "描述" +.PP +The +\fBgroupdel\fR +command modifies the system account files, deleting all entries that refer to +\fIGROUP\fR\&. The named group must exist\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupdel\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "CAVEATS" +.PP +您不能移除现有用户的主组。在移除此组之前,必须先移除此用户。 +.PP +您需要手动检查所有文件系统,以确保没有遗留的属于此组的文件。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgroupdel\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI6\fR +.RS 4 +specified group doesn\*(Aqt exist +.RE +.PP +\fI8\fR +.RS 4 +can\*(Aqt remove user\*(Aqs primary group +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupmod\fR(8), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmems.8 b/man/zh_CN/man8/groupmems.8 new file mode 100644 index 0000000..fdfe2c3 --- /dev/null +++ b/man/zh_CN/man8/groupmems.8 @@ -0,0 +1,180 @@ +'\" t +.\" Title: groupmems +.\" Author: George Kraft, IV +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPMEMS" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupmems \- 用户主组的管理员成员 +.SH "大纲" +.HP \w'\fBgroupmems\fR\ 'u +\fBgroupmems\fR \-a\ \fIuser_name\fR | \-d\ \fIuser_name\fR | [\-g\ \fIgroup_name\fR] | \-l | \-p +.SH "描述" +.PP +The +\fBgroupmems\fR +command allows a user to administer their own group membership list without the requirement of superuser privileges\&. The +\fBgroupmems\fR +utility is for systems that configure its users to be in their own name sake primary group (i\&.e\&., guest / guest)\&. +.PP +Only the superuser, as administrator, can use +\fBgroupmems\fR +to alter the memberships of other groups\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupmems\fR +command are: +.PP +\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser_name\fR +.RS 4 +Add a user to the group membership list\&. +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser_name\fR +.RS 4 +从组成员列表中删除用户。 +.sp +If the +/etc/gshadow +file exist, the user will be removed from the list of members and administrators of the group\&. +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-g\fR, \fB\-\-group\fR\ \&\fIgroup_name\fR +.RS 4 +超级用户可以指定修改哪个组的组成员列表。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-l\fR, \fB\-\-list\fR +.RS 4 +列出组成员。 +.RE +.PP +\fB\-p\fR, \fB\-\-purge\fR +.RS 4 +从组成员列表中删除所有用户。 +.sp +If the +/etc/gshadow +file exist, and the group has no entry in the +/etc/gshadow +file, a new entry will be created\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.SH "SETUP" +.PP +The +\fBgroupmems\fR +executable should be in mode +2710 +as user +\fIroot\fR +and in group +\fIgroups\fR\&. The system administrator can add users to group +\fIgroups\fR +to allow or disallow them using the +\fBgroupmems\fR +utility to manage their own group membership list\&. +.sp +.if n \{\ +.RS 4 +.\} +.nf + $ groupadd \-r groups + $ chmod 2710 groupmems + $ chown root\&.groups groupmems + $ groupmems \-g groups \-a gk4 + +.fi +.if n \{\ +.RE +.\} +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息 +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/groupmod.8 b/man/zh_CN/man8/groupmod.8 new file mode 100644 index 0000000..9701a5e --- /dev/null +++ b/man/zh_CN/man8/groupmod.8 @@ -0,0 +1,233 @@ +'\" t +.\" Title: groupmod +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPMOD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groupmod \- modify a group definition on the system +.SH "大纲" +.HP \w'\fBgroupmod\fR\ 'u +\fBgroupmod\fR [\fI选项\fR] \fIGROUP\fR +.SH "描述" +.PP +The +\fBgroupmod\fR +command modifies the definition of the specified +\fIGROUP\fR +by modifying the appropriate entry in the group database\&. +.SH "选项" +.PP +The options which apply to the +\fBgroupmod\fR +command are: +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGID\fR +.RS 4 +The group ID of the given +\fIGROUP\fR +will be changed to +\fIGID\fR\&. +.sp +The value of +\fIGID\fR +must be a non\-negative decimal integer\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. +.sp +Users who use the group as primary group will be updated to keep the group as their primary group\&. +.sp +Any files that have the old group ID and must continue to belong to +\fIGROUP\fR, must have their group ID changed manually\&. +.sp +No checks will be performed with regard to the +\fBGID_MIN\fR, +\fBGID_MAX\fR, +\fBSYS_GID_MIN\fR, or +\fBSYS_GID_MAX\fR +from +/etc/login\&.defs\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-n\fR, \fB\-\-new\-name\fR\ \&\fINEW_GROUP\fR +.RS 4 +The name of the group will be changed from +\fIGROUP\fR +to +\fINEW_GROUP\fR +name\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +When used with the +\fB\-g\fR +option, allow to change the group +\fIGID\fR +to a non\-unique value\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgroupmod\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +E_SUCCESS: success +.RE +.PP +\fI2\fR +.RS 4 +E_USAGE: invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +E_BAD_ARG: invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +E_GID_IN_USE: specified group doesn\*(Aqt exist +.RE +.PP +\fI6\fR +.RS 4 +E_NOTFOUND: specified group doesn\*(Aqt exist +.RE +.PP +\fI9\fR +.RS 4 +E_NAME_IN_USE: group name already in use +.RE +.PP +\fI10\fR +.RS 4 +E_GRP_UPDATE: can\*(Aqt update group file +.RE +.PP +\fI11\fR +.RS 4 +E_CLEANUP_SERVICE: can\*(Aqt setup cleanup service +.RE +.PP +\fI12\fR +.RS 4 +E_PAM_USERNAME: can\*(Aqt determine your username for use with pam +.RE +.PP +\fI13\fR +.RS 4 +E_PAM_ERROR: pam returned an error, see syslog facility id groupmod for the PAM error message +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBlogin.defs\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/grpck.8 b/man/zh_CN/man8/grpck.8 new file mode 100644 index 0000000..eb8f146 --- /dev/null +++ b/man/zh_CN/man8/grpck.8 @@ -0,0 +1,247 @@ +'\" t +.\" Title: grpck +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GRPCK" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +grpck \- 检查组文件的完整性 +.SH "大纲" +.HP \w'\fBgrpck\fR\ 'u +\fBgrpck\fR [选项] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] +.SH "描述" +.PP +The +\fBgrpck\fR +command verifies the integrity of the groups information\&. It checks that all entries in +/etc/group +and /etc/gshadow +have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. +.PP +检查的项目有: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +正确的字段数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个唯一且有效的组名 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a valid group identifier +(/etc/group only) +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a valid list of members +and administrators +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +a corresponding entry in the +/etc/gshadow +file (respectively +/etc/group +for the +gshadow +checks) +.RE +.PP +The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the +\fBgroupmod\fR +command to correct the error\&. +.PP +The commands which operate on the +/etc/group +and /etc/gshadow files +are not able to alter corrupted or duplicated entries\&. +\fBgrpck\fR +should be used in those circumstances to remove the offending entries\&. +.SH "选项" +.PP +The +\fB\-r\fR +and +\fB\-s\fR +options cannot be combined\&. +.PP +The options which apply to the +\fBgrpck\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-read\-only\fR +.RS 4 +Execute the +\fBgrpck\fR +command in read\-only mode\&. This causes all questions regarding changes to be answered +\fIno\fR +without user intervention\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sort\fR +.RS 4 +Sort entries in +/etc/group +and /etc/gshadow +by GID\&. +.RE +.PP +By default, +\fBgrpck\fR +operates on +/etc/group +and /etc/gshadow\&. The user may select alternate files with the +\fIgroup\fR +and \fIshadow\fR parameters\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBgrpck\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI2\fR +.RS 4 +one or more bad group entries +.RE +.PP +\fI3\fR +.RS 4 +can\*(Aqt open group files +.RE +.PP +\fI4\fR +.RS 4 +can\*(Aqt lock group files +.RE +.PP +\fI5\fR +.RS 4 +can\*(Aqt update group files +.RE +.SH "参见" +.PP +\fBgroup\fR(5), +\fBgroupmod\fR(8), +\fBgshadow\fR(5), +\fBpasswd\fR(5), +\fBpwck\fR(8), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man8/grpconv.8 b/man/zh_CN/man8/grpconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/grpconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/grpunconv.8 b/man/zh_CN/man8/grpunconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/grpunconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/lastlog.8 b/man/zh_CN/man8/lastlog.8 new file mode 100644 index 0000000..52dcc9c --- /dev/null +++ b/man/zh_CN/man8/lastlog.8 @@ -0,0 +1,137 @@ +'\" t +.\" Title: lastlog +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LASTLOG" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +lastlog \- 报告所有用户的最近登录情况,或者指定用户的最近登录情况 +.SH "大纲" +.HP \w'\fBlastlog\fR\ 'u +\fBlastlog\fR [\fI选项\fR] +.SH "描述" +.PP +\fBlastlog\fR +formats and prints the contents of the last login log +/var/log/lastlog +file\&. The +\fIlogin\-name\fR, +\fIport\fR, and +\fIlast login time\fR +will be printed\&. The default (no flags) causes lastlog entries to be printed, sorted by their order in +/etc/passwd\&. +.SH "选项" +.PP +The options which apply to the +\fBlastlog\fR +command are: +.PP +\fB\-b\fR, \fB\-\-before\fR\ \&\fIDAYS\fR +.RS 4 +Print only lastlog records older than +\fIDAYS\fR\&. +.RE +.PP +\fB\-C\fR, \fB\-\-clear\fR +.RS 4 +Clear lastlog record of a user\&. This option can be used only together with +\fB\-u\fR +(\fB\-\-user\fR))\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-S\fR, \fB\-\-set\fR +.RS 4 +Set lastlog record of a user to the current time\&. This option can be used only together with +\fB\-u\fR +(\fB\-\-user\fR))\&. +.RE +.PP +\fB\-t\fR, \fB\-\-time\fR\ \&\fIDAYS\fR +.RS 4 +Print the lastlog records more recent than +\fIDAYS\fR\&. +.RE +.PP +\fB\-u\fR, \fB\-\-user\fR\ \&\fILOGIN\fR|\fIRANGE\fR +.RS 4 +现实指定用户的最近登录记录。 +.sp +The users can be specified by a login name, a numerical user ID, or a +\fIRANGE\fR +of users\&. This +\fIRANGE\fR +of users can be specified with a min and max values (\fIUID_MIN\-UID_MAX\fR), a max value (\fI\-UID_MAX\fR), or a min value (\fIUID_MIN\-\fR)\&. +.RE +.PP +If the user has never logged in the message +\fI** Never logged in**\fR +will be displayed instead of the port and time\&. +.PP +Only the entries for the current users of the system will be displayed\&. Other entries may exist for users that were deleted previously\&. +.SH "注意" +.PP +The +lastlog +file is a database which contains info on the last login of each user\&. You should not rotate it\&. It is a sparse file, so its size on the disk is usually much smaller than the one shown by "\fBls \-l\fR" (which can indicate a really big file if you have in +passwd +users with a high UID)\&. You can display its real size with "\fBls \-s\fR"\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.SH "文件" +.PP +/var/log/lastlog +.RS 4 +Database times of previous user logins\&. +.RE +.SH "CAVEATS" +.PP +Large gaps in UID numbers will cause the lastlog program to run longer with no output to the screen (i\&.e\&. if in lastlog database there is no entries for users with UID between 170 and 800 lastlog will appear to hang as it processes entries with UIDs 171\-799)\&. diff --git a/man/zh_CN/man8/logoutd.8 b/man/zh_CN/man8/logoutd.8 new file mode 100644 index 0000000..d9c36e7 --- /dev/null +++ b/man/zh_CN/man8/logoutd.8 @@ -0,0 +1,57 @@ +'\" t +.\" Title: logoutd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGOUTD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +logoutd \- 强制登录时间限制 +.SH "大纲" +.HP \w'\fBlogoutd\fR\ 'u +\fBlogoutd\fR +.SH "描述" +.PP +\fBlogoutd\fR +enforces the login time and port restrictions specified in +/etc/porttime\&. +\fBlogoutd\fR +should be started from +/etc/rc\&. The +/var/run/utmp +file is scanned periodically and each user name is checked to see if the named user is permitted on the named port at the current time\&. Any login session which is violating the restrictions in +/etc/porttime +is terminated\&. +.SH "文件" +.PP +/etc/porttime +.RS 4 +包含了端口访问信息的文件。 +.RE +.PP +/var/run/utmp +.RS 4 +当前登录会话的列表。 +.RE diff --git a/man/zh_CN/man8/newusers.8 b/man/zh_CN/man8/newusers.8 new file mode 100644 index 0000000..190defa --- /dev/null +++ b/man/zh_CN/man8/newusers.8 @@ -0,0 +1,449 @@ +'\" t +.\" Title: newusers +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NEWUSERS" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +newusers \- 批量更新和创建新用户 +.SH "大纲" +.HP \w'\fBnewusers\fR\ 'u +\fBnewusers\fR [\fI选项\fR] [\fI文件\fR] +.SH "描述" +.PP +The +\fBnewusers\fR +command reads a +\fIfile\fR +(or the standard input by default) and uses this information to update a set of existing users or to create new users\&. Each line is in the same format as the standard password file (see +\fBpasswd\fR(5)) with the exceptions explained below: +.PP +pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell +.PP +\fIpw_name\fR +.RS 4 +这是用户的用户名。 +.sp +It can be the name of a new user or the name of an existing user (or a user created before by +\fBnewusers\fR)\&. In case of an existing user, the user\*(Aqs information will be changed, otherwise a new user will be created\&. +.RE +.PP +\fIpw_passwd\fR +.RS 4 +此字段将被加密然后用于加密后密码的新值。 +.RE +.PP +\fIpw_uid\fR +.RS 4 +此字段用于定义用户的 UID。 +.sp +If the field is empty, a new (unused) UID will be defined automatically by +\fBnewusers\fR\&. +.sp +如果此字段包含一个数字,此数字会用于 UID。 +.sp +If this field contains the name of an existing user (or the name of a user created before by +\fBnewusers\fR), the UID of the specified user will be used\&. +.sp +如果一个现有用户更改了 UID,此用户的文件所有权需要手动修复。 +.RE +.PP +\fIpw_gid\fR +.RS 4 +此字段用于定义用户的主组 ID。 +.sp +If this field contains the name of an existing group (or a group created before by +\fBnewusers\fR), the GID of this group will be used as the primary group ID for the user\&. +.sp +如果此字段是一个数字,此数字会被用作此用户的主组 ID。如果没有对应此 GID 的现有组,将会使用此 GID 创建一个新组,名称和用户名相同。 +.sp +If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by +\fBnewusers\fR +to be used as the primary group ID for the user and as the GID for the new group\&. +.sp +If this field contains the name of a group which does not exist (and was not created before by +\fBnewusers\fR), a new group will be created with the specified name and a GID will be automatically defined by +\fBnewusers\fR +to be used as the primary group ID for the user and GID for the new group\&. +.RE +.PP +\fIpw_gecos\fR +.RS 4 +此字段复制到用户的 GECOS 字段。 +.RE +.PP +\fIpw_dir\fR +.RS 4 +此字段用于定义用户的主目录。 +.sp +如果此字段指定的不是现有的目录,将会创建指定的目录,所有权设置为创建或更新的用户及其主组。 +.sp +If the home directory of an existing user is changed, +\fBnewusers\fR +does not move or copy the content of the old directory to the new location\&. This should be done manually\&. +.RE +.PP +\fIpw_shell\fR +.RS 4 +此字段定义了用户的 shell。对此字段不进行任何检查。 +.RE +.PP +\fBnewusers\fR +first tries to create or change all the specified users, and then write these changes to the user or group databases\&. If an error occurs (except in the final writes to the databases), no changes are committed to the databases\&. +.PP +此命令一般用于在大型的应用环境中,对大量账户进行一次性更新。 +.SH "选项" +.PP +The options which apply to the +\fBnewusers\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-c\fR, \fB\-\-crypt\-method\fR +.RS 4 +使用指定的方法加密密码。 +.sp +可用的方法有 DES, MD5, NONE, and SHA256 或 SHA512,前提是您的 libc 支持这写方法。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统账户。 +.sp +System users will be created with no aging information in +/etc/shadow, and their numeric identifiers are chosen in the +\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR +range, defined in +login\&.defs, instead of +\fBUID_MIN\fR\-\fBUID_MAX\fR +(and their +\fBGID\fR +counterparts for the creation of groups)\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sha\-rounds\fR +.RS 4 +使用指定次数的轮转来加密密码。 +.sp +值 0 表示让系统为加密方法选择默认的轮转次数 (5000)。 +.sp +会强制最小 1,000,最大 9,9999,9999 +.sp +您只可以对 SHA256 或 SHA512 使用此选项。 +.sp +By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in +/etc/login\&.defs\&. +.RE +.SH "CAVEATS" +.PP +输入文件必须受到保护,因为它包含未加密的密码。 +.PP +您需要确保你吗和加密方法符合系统的密码策略。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBHOME_MODE\fR (number) +.RS 4 +The mode for new home directories\&. If not specified, the +\fBUMASK\fR +is used to create the mode\&. +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this to set the mode of the home directory they create\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.PP +\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of system users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_UID_MIN\fR +(resp\&. +\fBSYS_UID_MAX\fR) is 101 (resp\&. +\fBUID_MIN\fR\-1)\&. +.RE +.PP +\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of regular users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBUID_MIN\fR +(resp\&. +\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "参见" +.PP +\fBlogin.defs\fR(5), +\fBpasswd\fR(1), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8)\&. diff --git a/man/zh_CN/man8/nologin.8 b/man/zh_CN/man8/nologin.8 new file mode 100644 index 0000000..d07348f --- /dev/null +++ b/man/zh_CN/man8/nologin.8 @@ -0,0 +1,55 @@ +'\" t +.\" Title: nologin +.\" Author: Nicolas Fran\(,cois <nicolas.francois@centraliens.net> +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NOLOGIN" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +nologin \- 礼貌地拒绝登录 +.SH "大纲" +.HP \w'\fBnologin\fR\ 'u +\fBnologin\fR +.SH "描述" +.PP +The +\fBnologin\fR +command displays a message that an account is not available and exits non\-zero\&. It is intended as a replacement shell field for accounts that have been disabled\&. +.PP +To disable all logins, investigate +\fBnologin\fR(5)\&. +.PP +If +\fBSSH_ORIGINAL_COMMAND\fR +is populated it will be logged\&. +.SH "参见" +.PP +\fBlogin\fR(1), +\fBnologin\fR(5)\&. +.SH "历史" +.PP +The +\fBnologin\fR +command appeared in BSD 4\&.4\&. diff --git a/man/zh_CN/man8/pwck.8 b/man/zh_CN/man8/pwck.8 new file mode 100644 index 0000000..8544184 --- /dev/null +++ b/man/zh_CN/man8/pwck.8 @@ -0,0 +1,328 @@ +'\" t +.\" Title: pwck +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PWCK" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +pwck \- 检查密码文件的完整性 +.SH "大纲" +.HP \w'\fBpwck\fR\ 'u +\fBpwck\fR [选项] [\fIpasswd\fR\ [\ \fIshadow\fR\ ]] +.SH "描述" +.PP +The +\fBpwck\fR +command verifies the integrity of the users and authentication information\&. It checks that all entries in +/etc/passwd +and +/etc/shadow +have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. +.PP +检查的项目有: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +正确的字段数 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个唯一且有效的用户名 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +一个有效的用户和组标识符 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的主组 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的主目录 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +有效的登录 shell +.RE +.PP +shadow +checks are enabled when a second file parameter is specified or when +/etc/shadow +exists on the system\&. +.PP +这些检查是: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +每个密码项都有对应的影子相,反之亦然。 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +密码在影子化了的文件中指定 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +影子项有正确的字段数。 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +影子项在影子文件中是唯一的 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +最后一次的密码更改时间不是被设成了一个将来的时间。 +.RE +.PP +The checks for correct number of fields and unique user name are fatal\&. If the entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated user name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warning and the user is encouraged to run the +\fBusermod\fR +command to correct the error\&. +.PP +The commands which operate on the +/etc/passwd +file are not able to alter corrupted or duplicated entries\&. +\fBpwck\fR +should be used in those circumstances to remove the offending entry\&. +.SH "选项" +.PP +The +\fB\-r\fR +and +\fB\-s\fR +options cannot be combined\&. +.PP +The options which apply to the +\fBpwck\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +只报告错误。不显示那些不需要用户操作的警告。 +.RE +.PP +\fB\-r\fR, \fB\-\-read\-only\fR +.RS 4 +Execute the +\fBpwck\fR +command in read\-only mode\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-sort\fR +.RS 4 +Sort entries in +/etc/passwd +and +/etc/shadow +by UID\&. +.RE +.PP +By default, +\fBpwck\fR +operates on the files +/etc/passwd +and +/etc/shadow\&. The user may select alternate files with the +\fIpasswd\fR +and +\fIshadow\fR +parameters\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBpwck\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI2\fR +.RS 4 +one or more bad password entries +.RE +.PP +\fI3\fR +.RS 4 +can\*(Aqt open password files +.RE +.PP +\fI4\fR +.RS 4 +can\*(Aqt lock password files +.RE +.PP +\fI5\fR +.RS 4 +can\*(Aqt update password files +.RE +.PP +\fI6\fR +.RS 4 +can\*(Aqt sort password files +.RE +.SH "参见" +.PP +\fBgroup\fR(5), +\fBgrpck\fR(8), +\fBpasswd\fR(5), +\fBshadow\fR(5), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/pwconv.8 b/man/zh_CN/man8/pwconv.8 new file mode 100644 index 0000000..0b6f41e --- /dev/null +++ b/man/zh_CN/man8/pwconv.8 @@ -0,0 +1,193 @@ +'\" t +.\" Title: pwconv +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PWCONV" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +pwconv, pwunconv, grpconv, grpunconv \- 在影子密码和组以及其它直接转换 +.SH "大纲" +.HP \w'\fBpwconv\fR\ 'u +\fBpwconv\fR [\fI选项\fR] +.HP \w'\fBpwunconv\fR\ 'u +\fBpwunconv\fR [\fI选项\fR] +.HP \w'\fBgrpconv\fR\ 'u +\fBgrpconv\fR [\fI选项\fR] +.HP \w'\fBgrpunconv\fR\ 'u +\fBgrpunconv\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBpwconv\fR +command creates +\fIshadow\fR +from +\fIpasswd\fR +and an optionally existing +\fIshadow\fR\&. +.PP +The +\fBpwunconv\fR +command creates +\fIpasswd\fR +from +\fIpasswd\fR +and +\fIshadow\fR +and then removes +\fIshadow\fR\&. +.PP +The +\fBgrpconv\fR +command creates +\fIgshadow\fR +from +\fIgroup\fR +and an optionally existing +\fIgshadow\fR\&. +.PP +The +\fBgrpunconv\fR +command creates +\fIgroup\fR +from +\fIgroup\fR +and +\fIgshadow\fR +and then removes +\fIgshadow\fR\&. +.PP +These four programs all operate on the normal and shadow password and group files: +/etc/passwd, +/etc/group, +/etc/shadow, and +/etc/gshadow\&. +.PP +Each program acquires the necessary locks before conversion\&. +\fBpwconv\fR +and +\fBgrpconv\fR +are similar\&. First, entries in the shadowed file which don\*(Aqt exist in the main file are removed\&. Then, shadowed entries which don\*(Aqt have `x\*(Aq as the password in the main file are updated\&. Any missing shadowed entries are added\&. Finally, passwords in the main file are replaced with `x\*(Aq\&. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand\&. +.PP +\fBpwconv\fR +will use the values of +\fIPASS_MIN_DAYS\fR, +\fIPASS_MAX_DAYS\fR, and +\fIPASS_WARN_AGE\fR +from +/etc/login\&.defs +when adding new entries to +/etc/shadow\&. +.PP +Likewise +\fBpwunconv\fR +and +\fBgrpunconv\fR +are similar\&. Passwords in the main file are updated from the shadowed file\&. Entries which exist in the main file but not in the shadowed file are left alone\&. Finally, the shadowed file is removed\&. Some password aging information is lost by +\fBpwunconv\fR\&. It will convert what it can\&. +.SH "选项" +.PP +The options which apply to the +\fBpwconv\fR, +\fBpwunconv\fR, +\fBgrpconv\fR, and +\fBgrpunconv\fR +commands are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.SH "缺陷" +.PP +Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways\&. Please run +\fBpwck\fR +and +\fBgrpck\fR +to correct any such errors before converting to or from shadow passwords or groups\&. +.SH "配置文件" +.PP +The following configuration variable in +/etc/login\&.defs +changes the behavior of +\fBgrpconv\fR +and +\fBgrpunconv\fR: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of +\fBpwconv\fR: +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.SH "文件" +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBgrpck\fR(8), +\fBlogin.defs\fR(5), +\fBpwck\fR(8)\&. diff --git a/man/zh_CN/man8/pwunconv.8 b/man/zh_CN/man8/pwunconv.8 new file mode 100644 index 0000000..6eed9e8 --- /dev/null +++ b/man/zh_CN/man8/pwunconv.8 @@ -0,0 +1 @@ +.so man8/pwconv.8 diff --git a/man/zh_CN/man8/sulogin.8 b/man/zh_CN/man8/sulogin.8 new file mode 100644 index 0000000..a8acbf7 --- /dev/null +++ b/man/zh_CN/man8/sulogin.8 @@ -0,0 +1,116 @@ +'\" t +.\" Title: sulogin +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SULOGIN" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +sulogin \- Single\-user login +.SH "SYNTAX" +.PP +\fBsulogin\fR +[\fItty\-device\fR] +.SH "描述" +.PP +The +\fBsulogin\fR +command is invoked by +\fBinit\fR +prior to allowing the user access to the system when in single user mode\&. This feature may only be available on certain systems where +\fBinit\fR +has been modified accordingly, or where the +/etc/inittab +has an entry for a single user login\&. +.PP +The user is prompted +.PP +Type control\-d to proceed with normal startup, +(or give root password for system maintenance): +.PP +Input and output will be performed with the standard file descriptors unless the optional device name argument is provided\&. +.PP +If the user enters the correct root password, a login session is initiated\&. When +\fIEOF\fR +is pressed instead, the system enters multi\-user mode\&. +.PP +After the user exits the single\-user shell, or presses +\fIEOF\fR, the system begins the initialization process required to enter multi\-user mode\&. +.SH "CAVEATS" +.PP +This command can only be used if +\fBinit\fR +has been modified to call +\fBsulogin\fR +instead of +/bin/sh, or if the user has set the +\fIinittab\fR +to support a single user login\&. For example, the line: +.PP +co:s:respawn:/etc/sulogin /dev/console +.PP +should execute the sulogin command in single user mode\&. +.PP +As complete an environment as possible is created\&. However, various devices may be unmounted or uninitialized and many of the user commands may be unavailable or nonfunctional as a result\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBsh\fR(1), +\fBinit\fR(8)\&. diff --git a/man/zh_CN/man8/useradd.8 b/man/zh_CN/man8/useradd.8 new file mode 100644 index 0000000..ea0f7b1 --- /dev/null +++ b/man/zh_CN/man8/useradd.8 @@ -0,0 +1,784 @@ +'\" t +.\" Title: useradd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERADD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +useradd \- 创建一个新用户或更新默认新用户信息 +.SH "大纲" +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR [\fI选项\fR] \fI登录\fR +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR \-D +.HP \w'\fBuseradd\fR\ 'u +\fBuseradd\fR \-D [\fI选项\fR] +.SH "描述" +.PP +When invoked without the +\fB\-D\fR +option, the +\fBuseradd\fR +command creates a new user account using the values specified on the command line plus the default values from the system\&. Depending on command line options, the +\fBuseradd\fR +command will update system files and may also create the new user\*(Aqs home directory and copy initial files\&. +.PP +By default, a group will also be created for the new user (see +\fB\-g\fR, +\fB\-N\fR, +\fB\-U\fR, and +\fBUSERGROUPS_ENAB\fR)\&. +.SH "选项" +.PP +The options which apply to the +\fBuseradd\fR +command are: +.PP +\fB\-\-badname\fR\ \& +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR +.RS 4 +The default base directory for the system if +\fB\-d\fR\ \&\fIHOME_DIR\fR +is not specified\&. +\fIBASE_DIR\fR +is concatenated with the account name to define the home directory\&. If the +\fB\-m\fR +option is not used, +\fIBASE_DIR\fR +must exist\&. +.sp +If this option is not specified, +\fBuseradd\fR +will use the base directory specified by the +\fBHOME\fR +variable in +/etc/default/useradd, or +/home +by default\&. +.RE +.PP +\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR +.RS 4 +任何字符串。通常是关于登录的简短描述,当前用于用户全名。 +.RE +.PP +\fB\-d\fR, \fB\-\-home\-dir\fR\ \&\fIHOME_DIR\fR +.RS 4 +The new user will be created using +\fIHOME_DIR\fR +as the value for the user\*(Aqs login directory\&. The default is to append the +\fILOGIN\fR +name to +\fIBASE_DIR\fR +and use that as the login directory name\&. The directory +\fIHOME_DIR\fR +does not have to exist but will not be created if it is missing\&. +.RE +.PP +\fB\-D\fR, \fB\-\-defaults\fR +.RS 4 +看下边,\(lq更改默认值\(rq子节。 +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +The date on which the user account will be disabled\&. The date is specified in the format +\fIYYYY\-MM\-DD\fR\&. +.sp +If not specified, +\fBuseradd\fR +will use the default expiry date specified by the +\fBEXPIRE\fR +variable in +/etc/default/useradd, or an empty string (no expiry) by default\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期后,账户被彻底禁用之前的天数。0 表示立即禁用,\-1 表示禁用这个功能。 +.sp +If not specified, +\fBuseradd\fR +will use the default inactivity period specified by the +\fBINACTIVE\fR +variable in +/etc/default/useradd, or \-1 by default\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +用户初始登陆组的组名或号码。组名必须已经存在。组号码必须指代已经存在的组。 +.sp +If not specified, the behavior of +\fBuseradd\fR +will depend on the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. If this variable is set to +\fIyes\fR +(or +\fB\-U/\-\-user\-group\fR +is specified on the command line), a group will be created for the user, with the same name as her loginname\&. If the variable is set to +\fIno\fR +(or +\fB\-N/\-\-no\-user\-group\fR +is specified on the command line), useradd will set the primary group of the new user to the value specified by the +\fBGROUP\fR +variable in +/etc/default/useradd, or 100 by default\&. +.RE +.PP +\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] +.RS 4 +A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the +\fB\-g\fR +option\&. The default is for the user to belong only to the initial group\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-k\fR, \fB\-\-skel\fR\ \&\fISKEL_DIR\fR +.RS 4 +The skeleton directory, which contains files and directories to be copied in the user\*(Aqs home directory, when the home directory is created by +\fBuseradd\fR\&. +.sp +This option is only valid if the +\fB\-m\fR +(or +\fB\-\-create\-home\fR) option is specified\&. +.sp +If this option is not set, the skeleton directory is defined by the +\fBSKEL\fR +variable in +/etc/default/useradd +or, by default, +/etc/skel\&. +.sp +如果可以,也复制 ACL 和扩展属性。 +.RE +.PP +\fB\-K\fR, \fB\-\-key\fR\ \&\fIKEY\fR=\fIVALUE\fR +.RS 4 +Overrides +/etc/login\&.defs +defaults (\fBUID_MIN\fR, +\fBUID_MAX\fR, +\fBUMASK\fR, +\fBPASS_MAX_DAYS\fR +and others)\&. + +Example: +\fB\-K\fR\ \&\fIPASS_MAX_DAYS\fR=\fI\-1\fR +can be used when creating system account to turn off password aging, even though system account has no password at all\&. Multiple +\fB\-K\fR +options can be specified, e\&.g\&.: +\fB\-K\fR\ \&\fIUID_MIN\fR=\fI100\fR\ \& +\fB\-K\fR\ \&\fIUID_MAX\fR=\fI499\fR +.RE +.PP +\fB\-l\fR, \fB\-\-no\-log\-init\fR +.RS 4 +不要将用户添加到最近登录和登录失败数据库。 +.sp +By default, the user\*(Aqs entries in the lastlog and faillog databases are reset to avoid reusing the entry from a previously deleted user\&. +.RE +.PP +\fB\-m\fR, \fB\-\-create\-home\fR +.RS 4 +Create the user\*(Aqs home directory if it does not exist\&. The files and directories contained in the skeleton directory (which can be defined with the +\fB\-k\fR +option) will be copied to the home directory\&. +.sp +By default, if this option is not specified and +\fBCREATE_HOME\fR +is not enabled, no home directories are created\&. +.RE +.PP +\fB\-M\fR, \fB\-\-no\-create\-home\fR +.RS 4 +Do no create the user\*(Aqs home directory, even if the system wide setting from +/etc/login\&.defs +(\fBCREATE_HOME\fR) is set to +\fIyes\fR\&. +.RE +.PP +\fB\-N\fR, \fB\-\-no\-user\-group\fR +.RS 4 +Do not create a group with the same name as the user, but add the user to the group specified by the +\fB\-g\fR +option or by the +\fBGROUP\fR +variable in +/etc/default/useradd\&. +.sp +The default behavior (if the +\fB\-g\fR, +\fB\-N\fR, and +\fB\-U\fR +options are not specified) is defined by the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +允许使用重复的 UID 创建用户账户。 +.sp +This option is only valid in combination with the +\fB\-u\fR +option\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. The default is to disable the password\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-r\fR, \fB\-\-system\fR +.RS 4 +创建一个系统账户。 +.sp +System users will be created with no aging information in +/etc/shadow, and their numeric identifiers are chosen in the +\fBSYS_UID_MIN\fR\-\fBSYS_UID_MAX\fR +range, defined in +/etc/login\&.defs, instead of +\fBUID_MIN\fR\-\fBUID_MAX\fR +(and their +\fBGID\fR +counterparts for the creation of groups)\&. +.sp +Note that +\fBuseradd\fR +will not create a home directory for such a user, regardless of the default setting in +/etc/login\&.defs +(\fBCREATE_HOME\fR)\&. You have to specify the +\fB\-m\fR +options if you want a home directory for a system account to be created\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +The name of the user\*(Aqs login shell\&. The default is to leave this field blank, which causes the system to select the default login shell specified by the +\fBSHELL\fR +variable in +/etc/default/useradd, or an empty string by default\&. +.RE +.PP +\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR +.RS 4 +The numerical value of the user\*(Aqs ID\&. This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. The default is to use the smallest ID value greater than or equal to +\fBUID_MIN\fR +and greater than every other user\&. +.sp +See also the +\fB\-r\fR +option and the +\fBUID_MAX\fR +description\&. +.RE +.PP +\fB\-U\fR, \fB\-\-user\-group\fR +.RS 4 +创建一个和用户同名的组,并将用户添加到组中。 +.sp +The default behavior (if the +\fB\-g\fR, +\fB\-N\fR, and +\fB\-U\fR +options are not specified) is defined by the +\fBUSERGROUPS_ENAB\fR +variable in +/etc/login\&.defs\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR +.RS 4 +用户登陆的 SELinux 用户。默认为留空,这会造成系统选择默认的 SELinux 用户。 +.RE +.SS "更改默认值" +.PP +When invoked with only the +\fB\-D\fR +option, +\fBuseradd\fR +will display the current default values\&. When invoked with +\fB\-D\fR +plus other options, +\fBuseradd\fR +will update the default values for the specified options\&. Valid default\-changing options are: +.PP +\fB\-b\fR, \fB\-\-base\-dir\fR\ \&\fIBASE_DIR\fR +.RS 4 +The path prefix for a new user\*(Aqs home directory\&. The user\*(Aqs name will be affixed to the end of +\fIBASE_DIR\fR +to form the new user\*(Aqs home directory name, if the +\fB\-d\fR +option is not used when creating a new account\&. +.sp +This option sets the +\fBHOME\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +禁用此用户账户的日期。 +.sp +This option sets the +\fBEXPIRE\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期到账户被禁用之前的天数。 +.sp +This option sets the +\fBINACTIVE\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +The group name or ID for a new user\*(Aqs initial group (when the +\fB\-N/\-\-no\-user\-group\fR +is used or when the +\fBUSERGROUPS_ENAB\fR +variable is set to +\fIno\fR +in +/etc/login\&.defs)\&. The named group must exist, and a numerical group ID must have an existing entry\&. +.sp +This option sets the +\fBGROUP\fR +variable in +/etc/default/useradd\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +新用户的登录 shell 名。 +.sp +This option sets the +\fBSHELL\fR +variable in +/etc/default/useradd\&. +.RE +.SH "注意:" +.PP +The system administrator is responsible for placing the default user files in the +/etc/skel/ +directory (or any other skeleton directory specified in +/etc/default/useradd +or on the command line)\&. +.SH "CAVEATS" +.PP +您可能不能想 NIS 组或 LDAP 组添加用户。这只能在相应服务器上进行。 +.PP +Similarly, if the username already exists in an external user database such as NIS or LDAP, +\fBuseradd\fR +will deny the user account creation request\&. +.PP +用户名必须以一个小写字母或下划线开始,跟随小写字符、数字、下划线或连字符的组合。可以以美元符号结束。用正则表达式表示就是:[a\-z_][a\-z0\-9_\-]*[$]? +.PP +用户名不能超过 32 个字符长。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCREATE_HOME\fR (boolean) +.RS 4 +指示是否应该为新用户默认创建主目录。 +.sp +此设置并不应用到系统用户,并且可以使用命令行覆盖。 +.RE +.PP +\fBGID_MAX\fR (number), \fBGID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of regular groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBGID_MIN\fR +(resp\&. +\fBGID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBHOME_MODE\fR (number) +.RS 4 +The mode for new home directories\&. If not specified, the +\fBUMASK\fR +is used to create the mode\&. +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this to set the mode of the home directory they create\&. +.RE +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +一个密码可以使用的最大天数。如果密码比这旧,将会强迫更改密码。如果不指定,就假定为 \-1,这会禁用这个限制。 +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +两次更改密码时间的最小间隔。将会拒绝任何早于此的更改密码的尝试。如果不指定,假定为 \-1,将会禁用这个限制。 +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +密码过期之前给出警告的天数。0 表示只有只在过期的当天警告,负值表示不警告。如果没有指定,不会给警告。 +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSYS_GID_MAX\fR (number), \fBSYS_GID_MIN\fR (number) +.RS 4 +Range of group IDs used for the creation of system groups by +\fBuseradd\fR, +\fBgroupadd\fR, or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_GID_MIN\fR +(resp\&. +\fBSYS_GID_MAX\fR) is 101 (resp\&. +\fBGID_MIN\fR\-1)\&. +.RE +.PP +\fBSYS_UID_MAX\fR (number), \fBSYS_UID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of system users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBSYS_UID_MIN\fR +(resp\&. +\fBSYS_UID_MAX\fR) is 101 (resp\&. +\fBUID_MIN\fR\-1)\&. +.RE +.PP +\fBUID_MAX\fR (number), \fBUID_MIN\fR (number) +.RS 4 +Range of user IDs used for the creation of regular users by +\fBuseradd\fR +or +\fBnewusers\fR\&. +.sp +The default value for +\fBUID_MIN\fR +(resp\&. +\fBUID_MAX\fR) is 1000 (resp\&. 60000)\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/default/useradd +.RS 4 +账户创建的默认值。 +.RE +.PP +/etc/skel/ +.RS 4 +包含默认文件的目录。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +The +\fBuseradd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +can\*(Aqt update password file +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI3\fR +.RS 4 +invalid argument to option +.RE +.PP +\fI4\fR +.RS 4 +UID already in use (and no +\fB\-o\fR) +.RE +.PP +\fI6\fR +.RS 4 +specified group doesn\*(Aqt exist +.RE +.PP +\fI9\fR +.RS 4 +username already in use +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.PP +\fI12\fR +.RS 4 +can\*(Aqt create home directory +.RE +.PP +\fI14\fR +.RS 4 +can\*(Aqt update SELinux user mapping +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBcrypt\fR(3), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBnewusers\fR(8), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuserdel\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/userdel.8 b/man/zh_CN/man8/userdel.8 new file mode 100644 index 0000000..3c91432 --- /dev/null +++ b/man/zh_CN/man8/userdel.8 @@ -0,0 +1,308 @@ +'\" t +.\" Title: userdel +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERDEL" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +userdel \- 删除用户账户和相关文件 +.SH "大纲" +.HP \w'\fBuserdel\fR\ 'u +\fBuserdel\fR [选项] \fI登录\fR +.SH "描述" +.PP +The +\fBuserdel\fR +command modifies the system account files, deleting all entries that refer to the user name +\fILOGIN\fR\&. The named user must exist\&. +.SH "选项" +.PP +The options which apply to the +\fBuserdel\fR +command are: +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +This option forces the removal of the user account, even if the user is still logged in\&. It also forces +\fBuserdel\fR +to remove the user\*(Aqs home directory and mail spool, even if another user uses the same home directory or if the mail spool is not owned by the specified user\&. If +\fBUSERGROUPS_ENAB\fR +is defined to +\fIyes\fR +in +/etc/login\&.defs +and if a group exists with the same name as the deleted user, then this group will be removed, even if it is still the primary group of another user\&. +.sp +\fINote:\fR +This option is dangerous and may leave your system in an inconsistent state\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-r\fR, \fB\-\-remove\fR +.RS 4 +用户主目录中的文件将随用户主目录和用户邮箱一起删除。在其它文件系统中的文件必须手动搜索并删除。 +.sp +The mail spool is defined by the +\fBMAIL_DIR\fR +variable in the +login\&.defs +file\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR +.RS 4 +移除用户登录的所有 SELinux 用户映射。 +.RE +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBUSERDEL_CMD\fR (string) +.RS 4 +如果定义了,这是删除账户时执行的命令。它应该移除所有属于此用户的的 at/cron/print 等作业(作为第一个参数传递)。 +.sp +这个脚本的返回值并不被带到账户中去。 +.sp +Here is an example script, which removes the user\*(Aqs cron, at and print jobs: +.sp +.if n \{\ +.RS 4 +.\} +.nf +#! /bin/sh + +# Check for the required argument\&. +if [ $# != 1 ]; then + echo "Usage: $0 username" + exit 1 +fi + +# Remove cron jobs\&. +crontab \-r \-u $1 + +# Remove at jobs\&. +# Note that it will remove any jobs owned by the same UID, +# even if it was shared by a different username\&. +AT_SPOOL_DIR=/var/spool/cron/atjobs +find $AT_SPOOL_DIR \-name "[^\&.]*" \-type f \-user $1 \-delete \e; + +# Remove print jobs\&. +lprm $1 + +# All done\&. +exit 0 + +.fi +.if n \{\ +.RE +.\} +.sp +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "退出值" +.PP +The +\fBuserdel\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +can\*(Aqt update password file +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI6\fR +.RS 4 +specified user doesn\*(Aqt exist +.RE +.PP +\fI8\fR +.RS 4 +user currently logged in +.RE +.PP +\fI10\fR +.RS 4 +can\*(Aqt update group file +.RE +.PP +\fI12\fR +.RS 4 +can\*(Aqt remove home directory +.RE +.SH "CAVEATS" +.PP +\fBuserdel\fR +will not allow you to remove an account if there are running processes which belong to this account\&. In that case, you may have to kill those processes or lock the user\*(Aqs password or account and remove the account later\&. The +\fB\-f\fR +option can force the deletion of this account\&. +.PP +您应该手动检查所以文件系统,以确保没有遗留此用户的文件。 +.PP +您不能在 NIS 客户端上移除任何 NIS 属性。这必须在 NIS 服务器上执行。 +.PP +If +\fBUSERGROUPS_ENAB\fR +is defined to +\fIyes\fR +in +/etc/login\&.defs, +\fBuserdel\fR +will delete the group with the same name as the user\&. To avoid inconsistencies in the passwd and group databases, +\fBuserdel\fR +will check that this group is not used as a primary group for another user, and will just warn without deleting the group otherwise\&. The +\fB\-f\fR +option can force the deletion of this group\&. +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBlogin.defs\fR(5), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man8/usermod.8 b/man/zh_CN/man8/usermod.8 new file mode 100644 index 0000000..270df0a --- /dev/null +++ b/man/zh_CN/man8/usermod.8 @@ -0,0 +1,469 @@ +'\" t +.\" Title: usermod +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "USERMOD" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +usermod \- 修改一个用户账户 +.SH "大纲" +.HP \w'\fBusermod\fR\ 'u +\fBusermod\fR [\fI选项\fR] \fI登录\fR +.SH "描述" +.PP +The +\fBusermod\fR +command modifies the system account files to reflect the changes that are specified on the command line\&. +.SH "选项" +.PP +The options which apply to the +\fBusermod\fR +command are: +.PP +\fB\-a\fR, \fB\-\-append\fR +.RS 4 +Add the user to the supplementary group(s)\&. Use only with the +\fB\-G\fR +option\&. +.RE +.PP +\fB\-b\fR, \fB\-\-badnames\fR +.RS 4 +Allow names that do not conform to standards\&. +.RE +.PP +\fB\-c\fR, \fB\-\-comment\fR\ \&\fICOMMENT\fR +.RS 4 +The new value of the user\*(Aqs password file comment field\&. It is normally modified using the +\fBchfn\fR(1) +utility\&. +.RE +.PP +\fB\-d\fR, \fB\-\-home\fR\ \&\fIHOME_DIR\fR +.RS 4 +用户的新登录目录。 +.sp +If the +\fB\-m\fR +option is given, the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist\&. +.RE +.PP +\fB\-e\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +The date on which the user account will be disabled\&. The date is specified in the format +\fIYYYY\-MM\-DD\fR\&. +.sp +An empty +\fIEXPIRE_DATE\fR +argument will disable the expiration of the account\&. +.sp +This option requires a +/etc/shadow +file\&. A +/etc/shadow +entry will be created if there were none\&. +.RE +.PP +\fB\-f\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +密码过期之后,账户被彻底禁用之前的天数。 +.sp +0 表示密码过期时,立即禁用账户;\-1 表示不使用这个功能。 +.sp +This option requires a +/etc/shadow +file\&. A +/etc/shadow +entry will be created if there were none\&. +.RE +.PP +\fB\-g\fR, \fB\-\-gid\fR\ \&\fIGROUP\fR +.RS 4 +用户的新初始登录组的组名或数字代号。此组必须存在。 +.sp +用户主目录中,属于原来的主组的文件将转交新组所有。 +.sp +主目录之外的文件所属的组必须手动修改。 +.RE +.PP +\fB\-G\fR, \fB\-\-groups\fR\ \&\fIGROUP1\fR[\fI,GROUP2,\&.\&.\&.\fR[\fI,GROUPN\fR]]] +.RS 4 +A list of supplementary groups which the user is also a member of\&. Each group is separated from the next by a comma, with no intervening whitespace\&. The groups are subject to the same restrictions as the group given with the +\fB\-g\fR +option\&. +.sp +If the user is currently a member of a group which is not listed, the user will be removed from the group\&. This behaviour can be changed via the +\fB\-a\fR +option, which appends the user to the current supplementary group list\&. +.RE +.PP +\fB\-l\fR, \fB\-\-login\fR\ \&\fINEW_LOGIN\fR +.RS 4 +The name of the user will be changed from +\fILOGIN\fR +to +\fINEW_LOGIN\fR\&. Nothing else is changed\&. In particular, the user\*(Aqs home directory or mail spool should probably be renamed manually to reflect the new login name\&. +.RE +.PP +\fB\-L\fR, \fB\-\-lock\fR +.RS 4 +Lock a user\*(Aqs password\&. This puts a \*(Aq!\*(Aq in front of the encrypted password, effectively disabling the password\&. You can\*(Aqt use this option with +\fB\-p\fR +or +\fB\-U\fR\&. +.sp +Note: if you wish to lock the account (not only access with a password), you should also set the +\fIEXPIRE_DATE\fR +to +\fI1\fR\&. +.RE +.PP +\fB\-m\fR, \fB\-\-move\-home\fR +.RS 4 +将用户的主目录移动到新位置。 +.sp +This option is only valid in combination with the +\fB\-d\fR +(or +\fB\-\-home\fR) option\&. +.sp +\fBusermod\fR +will try to adapt the ownership of the files and to copy the modes, ACL and extended attributes, but manual changes might be needed afterwards\&. +.RE +.PP +\fB\-o\fR, \fB\-\-non\-unique\fR +.RS 4 +When used with the +\fB\-u\fR +option, this option allows to change the user ID to a non\-unique value\&. +.RE +.PP +\fB\-p\fR, \fB\-\-password\fR\ \&\fIPASSWORD\fR +.RS 4 +The encrypted password, as returned by +\fBcrypt\fR(3)\&. +.sp +\fBNote:\fR +This option is not recommended because the password (or encrypted password) will be visible by users listing the processes\&. +.sp +您应该确保密码符合系统的密码政策。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-P\fR, \fB\-\-prefix\fR\ \&\fIPREFIX_DIR\fR +.RS 4 +Apply changes in the +\fIPREFIX_DIR\fR +directory and use the configuration files from the +\fIPREFIX_DIR\fR +directory\&. This option does not chroot and is intended for preparing a cross\-compilation target\&. Some limitations: NIS and LDAP users/groups are not verified\&. PAM authentication is using the host files\&. No SELINUX support\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +用户的新登录 shell 的名称。将此字段设置为空会让系统选择默认的登录 shell。 +.RE +.PP +\fB\-u\fR, \fB\-\-uid\fR\ \&\fIUID\fR +.RS 4 +用户 ID 的新数值。 +.sp +This value must be unique, unless the +\fB\-o\fR +option is used\&. The value must be non\-negative\&. +.sp +用户的邮箱,用户主目录中属于此用户的文件的属主 ID 也将自动更改。 +.sp +用户主目录之外文件所有权必须手动修复。 +.sp +No checks will be performed with regard to the +\fBUID_MIN\fR, +\fBUID_MAX\fR, +\fBSYS_UID_MIN\fR, or +\fBSYS_UID_MAX\fR +from +/etc/login\&.defs\&. +.RE +.PP +\fB\-U\fR, \fB\-\-unlock\fR +.RS 4 +Unlock a user\*(Aqs password\&. This removes the \*(Aq!\*(Aq in front of the encrypted password\&. You can\*(Aqt use this option with +\fB\-p\fR +or +\fB\-L\fR\&. +.sp +Note: if you wish to unlock the account (not only access with a password), you should also set the +\fIEXPIRE_DATE\fR +(for example to +\fI99999\fR, or to the +\fBEXPIRE\fR +value from +/etc/default/useradd)\&. +.RE +.PP +\fB\-v\fR, \fB\-\-add\-subuids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Add a range of subordinate uids to the user\*(Aqs account\&. +.sp +This option may be specified multiple times to add multiple ranges to a users account\&. +.sp +No checks will be performed with regard to +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, or +\fBSUB_UID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-V\fR, \fB\-\-del\-subuids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Remove a range of subordinate uids from the user\*(Aqs account\&. +.sp +This option may be specified multiple times to remove multiple ranges to a users account\&. When both +\fB\-\-del\-subuids\fR +and +\fB\-\-add\-subuids\fR +are specified, the removal of all subordinate uid ranges happens before any subordinate uid range is added\&. +.sp +No checks will be performed with regard to +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, or +\fBSUB_UID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-w\fR, \fB\-\-add\-subgids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Add a range of subordinate gids to the user\*(Aqs account\&. +.sp +This option may be specified multiple times to add multiple ranges to a users account\&. +.sp +No checks will be performed with regard to +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, or +\fBSUB_GID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-W\fR, \fB\-\-del\-subgids\fR\ \&\fIFIRST\fR\-\fILAST\fR +.RS 4 +Remove a range of subordinate gids from the user\*(Aqs account\&. +.sp +This option may be specified multiple times to remove multiple ranges to a users account\&. When both +\fB\-\-del\-subgids\fR +and +\fB\-\-add\-subgids\fR +are specified, the removal of all subordinate gid ranges happens before any subordinate gid range is added\&. +.sp +No checks will be performed with regard to +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, or +\fBSUB_GID_COUNT\fR +from /etc/login\&.defs\&. +.RE +.PP +\fB\-Z\fR, \fB\-\-selinux\-user\fR\ \&\fISEUSER\fR +.RS 4 +用户登陆的 SELinux 用户。 +.sp +A blank +\fISEUSER\fR +will remove the SELinux user mapping for user +\fILOGIN\fR +(if any)\&. +.RE +.SH "CAVEATS" +.PP +You must make certain that the named user is not executing any processes when this command is being executed if the user\*(Aqs numerical user ID, the user\*(Aqs name, or the user\*(Aqs home directory is being changed\&. +\fBusermod\fR +checks this on Linux\&. On other platforms it only uses utmp to check if the user is logged in\&. +.PP +You must change the owner of any +\fBcrontab\fR +files or +\fBat\fR +jobs manually\&. +.PP +您必须更改 NIS 服务器上的 NIS 相关内容。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBLASTLOG_UID_MAX\fR (number) +.RS 4 +Highest user ID number for which the lastlog entries should be updated\&. As higher user IDs are usually tracked by remote user identity and authentication services there is no need to create a huge sparse lastlog file for them\&. +.sp +No +\fBLASTLOG_UID_MAX\fR +option present in the configuration means that there is no user ID limit for writing lastlog entries\&. +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBSUB_GID_MIN\fR (number), \fBSUB_GID_MAX\fR (number), \fBSUB_GID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate group IDs) allocate +\fBSUB_GID_COUNT\fR +unused group IDs from the range +\fBSUB_GID_MIN\fR +to +\fBSUB_GID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_GID_MIN\fR, +\fBSUB_GID_MAX\fR, +\fBSUB_GID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.PP +\fBSUB_UID_MIN\fR (number), \fBSUB_UID_MAX\fR (number), \fBSUB_UID_COUNT\fR (number) +.RS 4 +If +/etc/subuid +exists, the commands +\fBuseradd\fR +and +\fBnewusers\fR +(unless the user already have subordinate user IDs) allocate +\fBSUB_UID_COUNT\fR +unused user IDs from the range +\fBSUB_UID_MIN\fR +to +\fBSUB_UID_MAX\fR +for each new user\&. +.sp +The default values for +\fBSUB_UID_MIN\fR, +\fBSUB_UID_MAX\fR, +\fBSUB_UID_COUNT\fR +are respectively 100000, 600100000 and 65536\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/subgid +.RS 4 +Per user subordinate group IDs\&. +.RE +.PP +/etc/subuid +.RS 4 +Per user subordinate user IDs\&. +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBchsh\fR(1), +\fBpasswd\fR(1), +\fBcrypt\fR(3), +\fBgpasswd\fR(8), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBlogin.defs\fR(5), +\fBsubgid\fR(5), \fBsubuid\fR(5), +\fBuseradd\fR(8), +\fBuserdel\fR(8)\&. diff --git a/man/zh_CN/man8/vigr.8 b/man/zh_CN/man8/vigr.8 new file mode 100644 index 0000000..ff72d7a --- /dev/null +++ b/man/zh_CN/man8/vigr.8 @@ -0,0 +1 @@ +.so man8/vipw.8 diff --git a/man/zh_CN/man8/vipw.8 b/man/zh_CN/man8/vipw.8 new file mode 100644 index 0000000..971d955 --- /dev/null +++ b/man/zh_CN/man8/vipw.8 @@ -0,0 +1,137 @@ +'\" t +.\" Title: vipw +.\" Author: Marek Micha\(/lkiewicz +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 2020-01-23 +.\" Manual: 系统管理命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "VIPW" "8" "2020-01-23" "shadow\-utils 4\&.8\&.1" "系统管理命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +vipw, vigr \- 编辑密码、组、影子密码或影子组文件。 +.SH "大纲" +.HP \w'\fBvipw\fR\ 'u +\fBvipw\fR [\fI选项\fR] +.HP \w'\fBvigr\fR\ 'u +\fBvigr\fR [\fI选项\fR] +.SH "描述" +.PP +The +\fBvipw\fR +and +\fBvigr\fR +commands edits the files +/etc/passwd +and +/etc/group, respectively\&. With the +\fB\-s\fR +flag, they will edit the shadow versions of those files, +/etc/shadow +and +/etc/gshadow, respectively\&. The programs will set the appropriate locks to prevent file corruption\&. When looking for an editor, the programs will first try the environment variable +\fB$VISUAL\fR, then the environment variable +\fB$EDITOR\fR, and finally the default editor, +\fBvi\fR(1)\&. +.SH "选项" +.PP +The options which apply to the +\fBvipw\fR +and +\fBvigr\fR +commands are: +.PP +\fB\-g\fR, \fB\-\-group\fR +.RS 4 +编辑 group 数据库。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-p\fR, \fB\-\-passwd\fR +.RS 4 +编辑 passwd 数据库。 +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +安静模式。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shadow\fR +.RS 4 +编辑 shadow 或 gshadow 数据库。 +.RE +.SH "环境变量" +.PP +\fBVISUAL\fR +.RS 4 +要使用的编辑器。 +.RE +.PP +\fBEDITOR\fR +.RS 4 +Editor to be used if +\fBVISUAL\fR +is not set\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBvi\fR(1), +\fBgroup\fR(5), +\fBgshadow\fR(5) +, +\fBpasswd\fR(5), , +\fBshadow\fR(5)\&. |