From 333f7ecfa3e040191c66b2b92f6c117ca2cbac1d Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 14:50:00 +0200 Subject: Adding upstream version 1:4.8.1. Signed-off-by: Daniel Baumann --- man/zh_CN/man1/chage.1 | 189 ++++++++++++++++++ man/zh_CN/man1/chfn.1 | 163 ++++++++++++++++ man/zh_CN/man1/chsh.1 | 121 ++++++++++++ man/zh_CN/man1/expiry.1 | 74 +++++++ man/zh_CN/man1/gpasswd.1 | 232 ++++++++++++++++++++++ man/zh_CN/man1/groups.1 | 64 +++++++ man/zh_CN/man1/id.1 | 60 ++++++ man/zh_CN/man1/login.1 | 487 +++++++++++++++++++++++++++++++++++++++++++++++ man/zh_CN/man1/newgrp.1 | 98 ++++++++++ man/zh_CN/man1/passwd.1 | 365 +++++++++++++++++++++++++++++++++++ man/zh_CN/man1/sg.1 | 97 ++++++++++ man/zh_CN/man1/su.1 | 448 +++++++++++++++++++++++++++++++++++++++++++ 12 files changed, 2398 insertions(+) create mode 100644 man/zh_CN/man1/chage.1 create mode 100644 man/zh_CN/man1/chfn.1 create mode 100644 man/zh_CN/man1/chsh.1 create mode 100644 man/zh_CN/man1/expiry.1 create mode 100644 man/zh_CN/man1/gpasswd.1 create mode 100644 man/zh_CN/man1/groups.1 create mode 100644 man/zh_CN/man1/id.1 create mode 100644 man/zh_CN/man1/login.1 create mode 100644 man/zh_CN/man1/newgrp.1 create mode 100644 man/zh_CN/man1/passwd.1 create mode 100644 man/zh_CN/man1/sg.1 create mode 100644 man/zh_CN/man1/su.1 (limited to 'man/zh_CN/man1') diff --git a/man/zh_CN/man1/chage.1 b/man/zh_CN/man1/chage.1 new file mode 100644 index 0000000..0eae23d --- /dev/null +++ b/man/zh_CN/man1/chage.1 @@ -0,0 +1,189 @@ +'\" t +.\" Title: chage +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHAGE" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chage \- 更改用户密码过期信息 +.SH "大纲" +.HP \w'\fBchage\fR\ 'u +\fBchage\fR [\fI选项\fR] \fI登录\fR +.SH "描述" +.PP +The +\fBchage\fR +command changes the number of days between password changes and the date of the last password change\&. This information is used by the system to determine when a user must change their password\&. +.SH "选项" +.PP +The options which apply to the +\fBchage\fR +command are: +.PP +\fB\-d\fR, \fB\-\-lastday\fR\ \&\fILAST_DAY\fR +.RS 4 +Set the number of days since January 1st, 1970 when the password was last changed\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. +.RE +.PP +\fB\-E\fR, \fB\-\-expiredate\fR\ \&\fIEXPIRE_DATE\fR +.RS 4 +Set the date or number of days since January 1, 1970 on which the user\*(Aqs account will no longer be accessible\&. The date may also be expressed in the format YYYY\-MM\-DD (or the format more commonly used in your area)\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. +.sp +Passing the number +\fI\-1\fR +as the +\fIEXPIRE_DATE\fR +will remove an account expiration date\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-i\fR, \fB\-\-iso8601\fR +.RS 4 +When printing dates, use YYYY\-MM\-DD format\&. +.RE +.PP +\fB\-I\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +Set the number of days of inactivity after a password has expired before the account is locked\&. The +\fIINACTIVE\fR +option is the number of days of inactivity\&. A user whose account is locked must contact the system administrator before being able to use the system again\&. +.sp +Passing the number +\fI\-1\fR +as the +\fIINACTIVE\fR +will remove an account\*(Aqs inactivity\&. +.RE +.PP +\fB\-l\fR, \fB\-\-list\fR +.RS 4 +现实账户年龄信息。 +.RE +.PP +\fB\-m\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR +.RS 4 +Set the minimum number of days between password changes to +\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change their password at any time\&. +.RE +.PP +\fB\-M\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR +.RS 4 +Set the maximum number of days during which a password is valid\&. When +\fIMAX_DAYS\fR +plus +\fILAST_DAY\fR +is less than the current day, the user will be required to change their password before being able to use their account\&. This occurrence can be planned for in advance by use of the +\fB\-W\fR +option, which provides the user with advance warning\&. +.sp +Passing the number +\fI\-1\fR +as +\fIMAX_DAYS\fR +will remove checking a password\*(Aqs validity\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-W\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR +.RS 4 +Set the number of days of warning before a password change is required\&. The +\fIWARN_DAYS\fR +option is the number of days prior to the password expiring that a user will be warned their password is about to expire\&. +.RE +.PP +If none of the options are selected, +\fBchage\fR +operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of +\fI[ ]\fR +marks\&. +.SH "注意" +.PP +The +\fBchage\fR +program requires a shadow password file to be available\&. +.PP +The +\fBchage\fR +command is restricted to the root user, except for the +\fB\-l\fR +option, which may be used by an unprivileged user to determine when their password or account is due to expire\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "退出值" +.PP +The +\fBchage\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +permission denied +.RE +.PP +\fI2\fR +.RS 4 +invalid command syntax +.RE +.PP +\fI15\fR +.RS 4 +can\*(Aqt find the shadow password file +.RE +.SH "参见" +.PP +\fBpasswd\fR(5), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/chfn.1 b/man/zh_CN/man1/chfn.1 new file mode 100644 index 0000000..c0a2f2e --- /dev/null +++ b/man/zh_CN/man1/chfn.1 @@ -0,0 +1,163 @@ +'\" t +.\" Title: chfn +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHFN" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chfn \- 更改真名和信息 +.SH "大纲" +.HP \w'\fBchfn\fR\ 'u +\fBchfn\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBchfn\fR +command changes user fullname, office room number, office phone number, and home phone number information for a user\*(Aqs account\&. This information is typically printed by +\fBfinger\fR(1) +and similar programs\&. A normal user may only change the fields for her own account, subject to the restrictions in +/etc/login\&.defs\&. (The default configuration is to prevent users from changing their fullname\&.) The superuser may change any field for any account\&. Additionally, only the superuser may use the +\fB\-o\fR +option to change the undefined portions of the GECOS field\&. +.PP +These fields must not contain any colons\&. Except for the +\fIother\fR +field, they should not contain any comma or equal sign\&. It is also recommended to avoid non\-US\-ASCII characters, but this is only enforced for the phone numbers\&. The +\fIother\fR +field is used to store accounting information used by other applications\&. +.SH "选项" +.PP +The options which apply to the +\fBchfn\fR +command are: +.PP +\fB\-f\fR, \fB\-\-full\-name\fR\ \&\fIFULL_NAME\fR +.RS 4 +更改用户的全名 +.RE +.PP +\fB\-h\fR, \fB\-\-home\-phone\fR\ \&\fIHOME_PHONE\fR +.RS 4 +Change the user\*(Aqs home phone number\&. +.RE +.PP +\fB\-o\fR, \fB\-\-other\fR\ \&\fIOTHER\fR +.RS 4 +Change the user\*(Aqs other GECOS information\&. This field is used to store accounting information used by other applications, and can be changed only by a superuser\&. +.RE +.PP +\fB\-r\fR, \fB\-\-room\fR\ \&\fIROOM_NUMBER\fR +.RS 4 +Change the user\*(Aqs room number\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-u\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-w\fR, \fB\-\-work\-phone\fR\ \&\fIWORK_PHONE\fR +.RS 4 +Change the user\*(Aqs office phone number\&. +.RE +.PP +If none of the options are selected, +\fBchfn\fR +operates in an interactive fashion, prompting the user with the current values for all of the fields\&. Enter the new value to change the field, or leave the line blank to use the current value\&. The current value is displayed between a pair of +\fB[ ]\fR +marks\&. Without options, +\fBchfn\fR +prompts for the current user account\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCHFN_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchfn\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBCHFN_RESTRICT\fR (string) +.RS 4 +This parameter specifies which values in the +\fIgecos\fR +field of the +/etc/passwd +file may be changed by regular users using the +\fBchfn\fR +program\&. It can be any combination of letters +\fIf\fR, +\fIr\fR, +\fIw\fR, +\fIh\fR, for Full name, Room number, Work phone, and Home phone, respectively\&. For backward compatibility, +\fIyes\fR +is equivalent to +\fIrwh\fR +and +\fIno\fR +is equivalent to +\fIfrwh\fR\&. If not specified, only the superuser can make any changes\&. The most restrictive setting is better achieved by not installing +\fBchfn\fR +SUID\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.SH "文件" +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "参见" +.PP +\fBchsh\fR(1), +\fBlogin.defs\fR(5), +\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/chsh.1 b/man/zh_CN/man1/chsh.1 new file mode 100644 index 0000000..e9147a7 --- /dev/null +++ b/man/zh_CN/man1/chsh.1 @@ -0,0 +1,121 @@ +'\" t +.\" Title: chsh +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "CHSH" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +chsh \- 更改登录 shell +.SH "大纲" +.HP \w'\fBchsh\fR\ 'u +\fBchsh\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBchsh\fR +command changes the user login shell\&. This determines the name of the user\*(Aqs initial login command\&. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account\&. +.SH "选项" +.PP +The options which apply to the +\fBchsh\fR +command are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +用户的新登录 shell 的名称。将此字段设置为空会让系统选择默认的登录 shell。 +.RE +.PP +If the +\fB\-s\fR +option is not selected, +\fBchsh\fR +operates in an interactive fashion, prompting the user with the current login shell\&. Enter the new value to change the shell, or leave the line blank to use the current one\&. The current shell is displayed between a pair of +\fI[ ]\fR +marks\&. +.SH "注意" +.PP +The only restriction placed on the login shell is that the command name must be listed in +/etc/shells, unless the invoker is the superuser, and then any value may be added\&. An account with a restricted login shell may not change her login shell\&. For this reason, placing +/bin/rsh +in +/etc/shells +is discouraged since accidentally changing to a restricted shell would prevent the user from ever changing her login shell back to its original value\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCHSH_AUTH\fR (boolean) +.RS 4 +If +\fIyes\fR, the +\fBchsh\fR +program will require authentication before making any changes, unless run by the superuser\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shells +.RS 4 +可用的登录 shell 的列表。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBchfn\fR(1), +\fBlogin.defs\fR(5), +\fBpasswd\fR(5)\&. diff --git a/man/zh_CN/man1/expiry.1 b/man/zh_CN/man1/expiry.1 new file mode 100644 index 0000000..afd3255 --- /dev/null +++ b/man/zh_CN/man1/expiry.1 @@ -0,0 +1,74 @@ +'\" t +.\" Title: expiry +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "EXPIRY" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +expiry \- check and enforce password expiration policy +.SH "大纲" +.HP \w'\fBexpiry\fR\ 'u +\fBexpiry\fR \fI选项\fR +.SH "描述" +.PP +The +\fBexpiry\fR +command checks (\fB\-c\fR) the current password expiration and forces (\fB\-f\fR) changes when required\&. It is callable as a normal user command\&. +.SH "选项" +.PP +The options which apply to the +\fBexpiry\fR +command are: +.PP +\fB\-c\fR, \fB\-\-check\fR +.RS 4 +Check the password expiration of the current user\&. +.RE +.PP +\fB\-f\fR, \fB\-\-force\fR +.RS 4 +如果用户密码过期,则强制用户修改密码。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.SH "参见" +.PP +\fBpasswd\fR(5), +\fBshadow\fR(5)\&. diff --git a/man/zh_CN/man1/gpasswd.1 b/man/zh_CN/man1/gpasswd.1 new file mode 100644 index 0000000..3b4f351 --- /dev/null +++ b/man/zh_CN/man1/gpasswd.1 @@ -0,0 +1,232 @@ +'\" t +.\" Title: gpasswd +.\" Author: Rafal Maszkowski +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GPASSWD" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +gpasswd \- administer /etc/group and /etc/gshadow +.SH "大纲" +.HP \w'\fBgpasswd\fR\ 'u +\fBgpasswd\fR [\fI选项\fR] \fIgroup\fR +.SH "描述" +.PP +The +\fBgpasswd\fR +command is used to administer +/etc/group, and /etc/gshadow\&. Every group can have +administrators, +members and a password\&. +.PP +System administrators can use the +\fB\-A\fR +option to define group administrator(s) and the +\fB\-M\fR +option to define members\&. They have all rights of group administrators and members\&. +.PP +\fBgpasswd\fR +called by +a group administrator +with a group name only prompts for the new password of the +\fIgroup\fR\&. +.PP +If a password is set the members can still use +\fBnewgrp\fR(1) +without a password, and non\-members must supply the password\&. +.SS "请注意组密码" +.PP +Group passwords are an inherent security problem since more than one person is permitted to know the password\&. However, groups are a useful tool for permitting co\-operation between different users\&. +.SH "选项" +.PP +Except for the +\fB\-A\fR +and +\fB\-M\fR +options, the options cannot be combined\&. +.PP +The options which apply to the +\fBgpasswd\fR +command are: +.PP +\fB\-a\fR, \fB\-\-add\fR\ \&\fIuser\fR +.RS 4 +Add the +\fIuser\fR +to the named +\fIgroup\fR\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR\ \&\fIuser\fR +.RS 4 +Remove the +\fIuser\fR +from the named +\fIgroup\fR\&. +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-Q\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-r\fR, \fB\-\-remove\-password\fR +.RS 4 +Remove the password from the named +\fIgroup\fR\&. The group password will be empty\&. Only group members will be allowed to use +\fBnewgrp\fR +to join the named +\fIgroup\fR\&. +.RE +.PP +\fB\-R\fR, \fB\-\-restrict\fR +.RS 4 +Restrict the access to the named +\fIgroup\fR\&. The group password is set to "!"\&. Only group members with a password will be allowed to use +\fBnewgrp\fR +to join the named +\fIgroup\fR\&. +.RE +.PP +\fB\-A\fR, \fB\-\-administrators\fR\ \&\fIuser\fR,\&.\&.\&. +.RS 4 +设置有管理权限的用户列表。 +.RE +.PP +\fB\-M\fR, \fB\-\-members\fR\ \&\fIuser\fR,\&.\&.\&. +.RS 4 +设置组成员列表。 +.RE +.SH "CAVEATS" +.PP +This tool only operates on the +/etc/group +and /etc/gshadow files\&. +Thus you cannot change any NIS or LDAP group\&. This must be performed on the corresponding server\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +默认值是 0,意味着组中的成员数没有限制。 +.sp +此功能(分割组)允许限制组文件中的行长度。这对于确保 NIS 组的行比长于 1024 字符。 +.sp +如果要强制这个限制,可以使用 25。 +.sp +注意:分割组可能不受所有工具的支持(甚至在 Shadow 工具集中)。您不应该使用这个变量,除非真的需要。 +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBnewgrp\fR(1), +\fBgroupadd\fR(8), +\fBgroupdel\fR(8), +\fBgroupmod\fR(8), +\fBgrpck\fR(8), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/groups.1 b/man/zh_CN/man1/groups.1 new file mode 100644 index 0000000..4b7982a --- /dev/null +++ b/man/zh_CN/man1/groups.1 @@ -0,0 +1,64 @@ +'\" t +.\" Title: groups +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "GROUPS" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +groups \- 现实当前组名 +.SH "大纲" +.HP \w'\fBgroups\fR\ 'u +\fBgroups\fR [\fI用户\fR] +.SH "描述" +.PP +The +\fBgroups\fR +command displays the current group names or ID values\&. If the value does not have a corresponding entry in +/etc/group, the value will be displayed as the numerical group value\&. The optional +\fIuser\fR +parameter will display the groups for the named +\fIuser\fR\&. +.SH "注意" +.PP +Systems which do not support concurrent group sets will have the information from +/etc/group +reported\&. The user must use +\fBnewgrp\fR +or +\fBsg\fR +to change his current real and effective group ID\&. +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.SH "参见" +.PP +\fBnewgrp\fR(1), +\fBgetgid\fR(2), +\fBgetgroups\fR(2), +\fBgetuid\fR(2)\&. diff --git a/man/zh_CN/man1/id.1 b/man/zh_CN/man1/id.1 new file mode 100644 index 0000000..637c0d5 --- /dev/null +++ b/man/zh_CN/man1/id.1 @@ -0,0 +1,60 @@ +'\" t +.\" Title: id +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "ID" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +id \- display current user and group ID names +.SH "大纲" +.HP \w'\fBid\fR\ 'u +\fBid\fR [\-a] +.SH "描述" +.PP +The +\fBid\fR +command displays the current real and effective user and group ID names or values\&. If the value does not have a corresponding entry in +/etc/passwd +or +/etc/group, the value will be displayed without the corresponding name\&. The optional +\fB\-a\fR +flag will display the group set on systems which support multiple concurrent group membership\&. +.SH "文件" +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.SH "参见" +.PP +\fBgetgid\fR(2), +\fBgetgroups\fR(2), +\fBgetuid\fR(2) diff --git a/man/zh_CN/man1/login.1 b/man/zh_CN/man1/login.1 new file mode 100644 index 0000000..7ecfde7 --- /dev/null +++ b/man/zh_CN/man1/login.1 @@ -0,0 +1,487 @@ +'\" t +.\" Title: login +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "LOGIN" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +login \- 在系统上启动回话 +.SH "大纲" +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] [\-h\ \fIhost\fR] [\fI用户名\fR] [\fIENV=VAR\fR...] +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] [\-h\ \fIhost\fR] \-f \fI用户名\fR +.HP \w'\fBlogin\fR\ 'u +\fBlogin\fR [\-p] \-r\ \fIhost\fR +.SH "描述" +.PP +The +\fBlogin\fR +program is used to establish a new session with the system\&. It is normally invoked automatically by responding to the +\fIlogin:\fR +prompt on the user\*(Aqs terminal\&. +\fBlogin\fR +may be special to the shell and may not be invoked as a sub\-process\&. When called from a shell, +\fBlogin\fR +should be executed as +\fBexec login\fR +which will cause the user to exit from the current shell (and thus will prevent the new logged in user to return to the session of the caller)\&. Attempting to execute +\fBlogin\fR +from any shell but the login shell will produce an error message\&. +.PP +The user is then prompted for a password, where appropriate\&. Echoing is disabled to prevent revealing the password\&. Only a small number of password failures are permitted before +\fBlogin\fR +exits and the communications link is severed\&. +.PP +If password aging has been enabled for your account, you may be prompted for a new password before proceeding\&. You will be forced to provide your old password and the new password before continuing\&. Please refer to +\fBpasswd\fR(1) +for more information\&. +.PP +After a successful login, you will be informed of any system messages and the presence of mail\&. You may turn off the printing of the system message file, +/etc/motd, by creating a zero\-length file +\&.hushlogin +in your login directory\&. The mail message will be one of "\fIYou have new mail\&.\fR", "\fIYou have mail\&.\fR", or "\fINo Mail\&.\fR" according to the condition of your mailbox\&. +.PP +Your user and group ID will be set according to their values in the +/etc/passwd +file\&. The value for +\fB$HOME\fR, +\fB$SHELL\fR, +\fB$PATH\fR, +\fB$LOGNAME\fR, and +\fB$MAIL\fR +are set according to the appropriate fields in the password entry\&. Ulimit, umask and nice values may also be set according to entries in the GECOS field\&. +.PP +On some installations, the environmental variable +\fB$TERM\fR +will be initialized to the terminal type on your tty line, as specified in +/etc/ttytype\&. +.PP +命令解释器的初始化脚本也可能执行。请参考手册中相应的章节来获取关于此功能的更多信息。 +.PP +在登录 shell 中以第一个字符是\(lq*\(rq标注的是子系统登录。给定的主目录将被用于用户实际登录的新文件系统的根。 +.PP +The +\fBlogin\fR +program is NOT responsible for removing users from the utmp file\&. It is the responsibility of +\fBgetty\fR(8) +and +\fBinit\fR(8) +to clean up apparent ownership of a terminal session\&. If you use +\fBlogin\fR +from the shell prompt without +\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. +.SH "选项" +.PP +\fB\-f\fR +.RS 4 +不要执行认证,用户已经预认证过。 +.sp +Note: In that case, +\fIusername\fR +is mandatory\&. +.RE +.PP +\fB\-h\fR +.RS 4 +此登录的远程主机名。 +.RE +.PP +\fB\-p\fR +.RS 4 +保留环境。 +.RE +.PP +\fB\-r\fR +.RS 4 +为 rlogin (远程登录)执行 autologin (自动登录)协议。 +.RE +.PP +The +\fB\-r\fR, +\fB\-h\fR +and +\fB\-f\fR +options are only used when +\fBlogin\fR +is invoked by root\&. +.SH "CAVEATS" +.PP +This version of +\fBlogin\fR +has many compilation options, only some of which may be in use at any particular site\&. +.PP +文件的位置由系统配置决定。 +.PP +The +\fBlogin\fR +program is NOT responsible for removing users from the utmp file\&. It is the responsibility of +\fBgetty\fR(8) +and +\fBinit\fR(8) +to clean up apparent ownership of a terminal session\&. If you use +\fBlogin\fR +from the shell prompt without +\fBexec\fR, the user you use will continue to appear to be logged in even after you log out of the "subsession"\&. +.PP +As with any program, +\fBlogin\fR\*(Aqs appearance can be faked\&. If non\-trusted users have physical access to a machine, an attacker could use this to obtain the password of the next person coming to sit in front of the machine\&. Under Linux, the SAK mechanism can be used by users to initiate a trusted path and prevent this kind of attack\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCONSOLE\fR (string) +.RS 4 +如果定义了,或者是包含设备名(没行一个)的文件的完整路径名,或者是\(lq:\(rq分隔的设备名列表。将只会在这写设备上允许 root 登录。 +.sp +如果没有定义,可以在任何设备上使用 root。 +.sp +指定的设备时不带 /dev/ 前缀。 +.RE +.PP +\fBCONSOLE_GROUPS\fR (string) +.RS 4 +List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. + +Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. +.RE +.PP +\fBDEFAULT_HOME\fR (boolean) +.RS 4 +如果不能 cd 到主目录时,说明是否允许登录。默认是否。 +.sp +If set to +\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. +.RE +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENV_PATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example +\fI/bin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/bin:/usr/bin\fR\&. +.RE +.PP +\fBENV_SUPATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example +\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.PP +\fBENVIRON_FILE\fR (string) +.RS 4 +如果此文件存在,并且可读,将会从中读取登录环境。所有行都必须是 name=value 的格式。 +.sp +以 # 开头的行将视为注释,并被忽略。 +.RE +.PP +\fBERASECHAR\fR (number) +.RS 4 +Terminal ERASE character (\fI010\fR += backspace, +\fI0177\fR += DEL)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBFAIL_DELAY\fR (number) +.RS 4 +登录失败后,等待多少秒才再允许登录。 +.RE +.PP +\fBFAILLOG_ENAB\fR (boolean) +.RS 4 +Enable logging and display of +/var/log/faillog +login failure info\&. +.RE +.PP +\fBFAKE_SHELL\fR (string) +.RS 4 +If set, +\fBlogin\fR +will execute this shell instead of the users\*(Aq shell specified in +/etc/passwd\&. +.RE +.PP +\fBFTMP_FILE\fR (string) +.RS 4 +如果定义,登录失败会以 utmp 格式记录在此文件中。 +.RE +.PP +\fBHUSHLOGIN_FILE\fR (string) +.RS 4 +If defined, this file can inhibit all the usual chatter during the login sequence\&. If a full pathname is specified, then hushed mode will be enabled if the user\*(Aqs name or shell are found in the file\&. If not a full pathname, then hushed mode will be enabled if the file exists in the user\*(Aqs home directory\&. +.RE +.PP +\fBISSUE_FILE\fR (string) +.RS 4 +如果定义了,此文件将在每次的登录提示之前现实。 +.RE +.PP +\fBKILLCHAR\fR (number) +.RS 4 +Terminal KILL character (\fI025\fR += CTRL/U)\&. +.sp +此值可以使用前缀\(lq0\(rq表示八进制,\(lq0x\(rq表示十六进制。 +.RE +.PP +\fBLASTLOG_ENAB\fR (boolean) +.RS 4 +允许记录和显示 /var/log/lastlog 登录时间信息。 +.RE +.PP +\fBLOGIN_RETRIES\fR (number) +.RS 4 +密码错误时,重试的最大次数。 +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.PP +\fBLOGIN_TIMEOUT\fR (number) +.RS 4 +最大登录时间(以秒为单位)。 +.RE +.PP +\fBLOG_OK_LOGINS\fR (boolean) +.RS 4 +允许记录成功登录。 +.RE +.PP +\fBLOG_UNKFAIL_ENAB\fR (boolean) +.RS 4 +在记录到登录失败时,允许记录未知用户名。 +.sp +注意:如果用户不小心将密码输入到了登录名中,记录未知用户名可能是一个安全隐患。 +.RE +.PP +\fBMAIL_CHECK_ENAB\fR (boolean) +.RS 4 +启用登录时检查和现实邮箱状态。 +.sp +如果 shell 的启动文件已经检查了邮件("mailx \-e" 或者其它同功能的工具),您应该禁用它。 +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBMOTD_FILE\fR (string) +.RS 4 +If defined, ":" delimited list of "message of the day" files to be displayed upon login\&. +.RE +.PP +\fBNOLOGINS_FILE\fR (string) +.RS 4 +If defined, name of file whose presence will inhibit non\-root logins\&. The contents of this file should be a message indicating why logins are inhibited\&. +.RE +.PP +\fBPORTTIME_CHECKS_ENAB\fR (boolean) +.RS 4 +Enable checking of time restrictions specified in +/etc/porttime\&. +.RE +.PP +\fBQUOTAS_ENAB\fR (boolean) +.RS 4 +Enable setting of resource limits from +/etc/limits +and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. +.RE +.PP +\fBTTYGROUP\fR (string), \fBTTYPERM\fR (string) +.RS 4 +The terminal permissions: the login tty will be owned by the +\fBTTYGROUP\fR +group, and the permissions will be set to +\fBTTYPERM\fR\&. +.sp +By default, the ownership of the terminal is set to the user\*(Aqs primary group and the permissions are set to +\fI0600\fR\&. +.sp +\fBTTYGROUP\fR +can be either the name of a group or a numeric group identifier\&. +.sp +If you have a +\fBwrite\fR +program which is "setgid" to a special group which owns the terminals, define TTYGROUP to the group number and TTYPERM to 0620\&. Otherwise leave TTYGROUP commented out and assign TTYPERM to either 622 or 600\&. +.RE +.PP +\fBTTYTYPE_FILE\fR (string) +.RS 4 +If defined, file which maps tty line to TERM environment parameter\&. Each line of the file is in a format something like "vt100 tty01"\&. +.RE +.PP +\fBULIMIT\fR (number) +.RS 4 +Default +\fBulimit\fR +value\&. +.RE +.PP +\fBUMASK\fR (number) +.RS 4 +文件模式创建掩码初始化为此值。如果没有指定,掩码初始化为 022。 +.sp +\fBuseradd\fR +and +\fBnewusers\fR +use this mask to set the mode of the home directory they create if +\fBHOME_MODE\fR +is not set\&. +.sp +It is also used by +\fBlogin\fR +to define users\*(Aq initial umask\&. Note that this mask can be overridden by the user\*(Aqs GECOS line (if +\fBQUOTAS_ENAB\fR +is set) or by the specification of a limit with the +\fIK\fR +identifier in +\fBlimits\fR(5)\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/var/run/utmp +.RS 4 +当前登录会话的列表。 +.RE +.PP +/var/log/wtmp +.RS 4 +先前的登录会话列表。 +.RE +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/motd +.RS 4 +System message of the day file\&. +.RE +.PP +/etc/nologin +.RS 4 +阻止非 root 用户登录。 +.RE +.PP +/etc/ttytype +.RS 4 +终端类型列表。 +.RE +.PP +$HOME/\&.hushlogin +.RS 4 +阻止现实系统信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "参见" +.PP +\fBmail\fR(1), +\fBpasswd\fR(1), +\fBsh\fR(1), +\fBsu\fR(1), +\fBlogin.defs\fR(5), +\fBnologin\fR(5), +\fBpasswd\fR(5), +\fBsecuretty\fR(5), +\fBgetty\fR(8)\&. diff --git a/man/zh_CN/man1/newgrp.1 b/man/zh_CN/man1/newgrp.1 new file mode 100644 index 0000000..c696e0c --- /dev/null +++ b/man/zh_CN/man1/newgrp.1 @@ -0,0 +1,98 @@ +'\" t +.\" Title: newgrp +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "NEWGRP" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +newgrp \- 登录到一个新组 +.SH "大纲" +.HP \w'\fBnewgrp\fR\ 'u +\fBnewgrp\fR [\-] [\fIgroup\fR] +.SH "描述" +.PP +The +\fBnewgrp\fR +command is used to change the current group ID during a login session\&. If the optional +\fB\-\fR +flag is given, the user\*(Aqs environment will be reinitialized as though the user had logged in, otherwise the current environment, including current working directory, remains unchanged\&. +.PP +\fBnewgrp\fR +changes the current real group ID to the named group, or to the default group listed in +/etc/passwd +if no group name is given\&. +\fBnewgrp\fR +also tries to add the group to the user groupset\&. If not root, the user will be prompted for a password if she does not have a password (in +/etc/shadow +if this user has an entry in the shadowed password file, or in +/etc/passwd +otherwise) and the group does, or if the user is not listed as a member and the group has a password\&. The user will be denied access if the group password is empty and the user is not listed as a member\&. +.PP +If there is an entry for this group in +/etc/gshadow, then the list of members and the password of this group will be taken from this file, otherwise, the entry in +/etc/group +is considered\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBSYSLOG_SG_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsg\fR +activity\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBid\fR(1), +\fBlogin\fR(1), +\fBsu\fR(1), +\fBsg\fR(1), +\fBgpasswd\fR(1), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/passwd.1 b/man/zh_CN/man1/passwd.1 new file mode 100644 index 0000000..5d934a1 --- /dev/null +++ b/man/zh_CN/man1/passwd.1 @@ -0,0 +1,365 @@ +'\" t +.\" Title: passwd +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "PASSWD" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +passwd \- 更改用户密码 +.SH "大纲" +.HP \w'\fBpasswd\fR\ 'u +\fBpasswd\fR [\fI选项\fR] [\fI登录\fR] +.SH "描述" +.PP +The +\fBpasswd\fR +command changes passwords for user accounts\&. A normal user may only change the password for their own account, while the superuser may change the password for any account\&. +\fBpasswd\fR +also changes the account or associated password validity period\&. +.SS "密码更改" +.PP +如果有旧密码,首先提示用户输入旧密码。加密这个密码然后和存储的密码进行比较。用户只有一次机会输入正确密码。允许超级用户略过这个步骤,以便更改忘记了的密码。 +.PP +After the password has been entered, password aging information is checked to see if the user is permitted to change the password at this time\&. If not, +\fBpasswd\fR +refuses to change the password and exits\&. +.PP +提示用户输入两次新密码。第二次和第一次进行比较,并且需要相同才能更改密码。 +.PP +然后,测试密码的负责程度。一般来讲,密码应该包含 6 到 8 位字符,从下边的一个或多个集合中选择: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +小写字母 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +数字 0 到 9 +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +标点符号 +.RE +.PP +Care must be taken not to include the system default erase or kill characters\&. +\fBpasswd\fR +will reject any password which is not suitably complex\&. +.SS "关于用户密码的提示" +.PP +The security of a password depends upon the strength of the encryption algorithm and the size of the key space\&. The legacy +\fIUNIX\fR +System encryption method is based on the NBS DES algorithm\&. More recent methods are now recommended (see +\fBENCRYPT_METHOD\fR)\&. The size of the key space depends upon the randomness of the password which is selected\&. +.PP +由于粗心地或处理选择密码,会危及密码的安全。由于这个原因,您不应该选择出现在词典中或者必须要写下来才能记住的密码。密码也不应该是一个名字、许可证号、生日或者街道号。所有这些可以用于猜测来损害系统安全。 +.PP +You can find advice on how to choose a strong password on http://en\&.wikipedia\&.org/wiki/Password_strength +.SH "选项" +.PP +The options which apply to the +\fBpasswd\fR +command are: +.PP +\fB\-a\fR, \fB\-\-all\fR +.RS 4 +This option can be used only with +\fB\-S\fR +and causes show status for all users\&. +.RE +.PP +\fB\-d\fR, \fB\-\-delete\fR +.RS 4 +删除用户密码(让它为空)。这是禁用一个用户密码的快速方法。它将设置给出名称的账户。 +.RE +.PP +\fB\-e\fR, \fB\-\-expire\fR +.RS 4 +让一个账户的密码立即过期。这可以强制一个用户下次登录时更改密码。 +.RE +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +现实帮助信息并退出。 +.RE +.PP +\fB\-i\fR, \fB\-\-inactive\fR\ \&\fIINACTIVE\fR +.RS 4 +This option is used to disable an account after the password has been expired for a number of days\&. After a user account has had an expired password for +\fIINACTIVE\fR +days, the user may no longer sign on to the account\&. +.RE +.PP +\fB\-k\fR, \fB\-\-keep\-tokens\fR +.RS 4 +表示密码更改只应该因为认证口令(密码)过期更改。用户希望保持他们尚未过期的口令。 +.RE +.PP +\fB\-l\fR, \fB\-\-lock\fR +.RS 4 +锁定指定账户的密码。此选项通过将密码更改为一个不可能与加密值匹配的值来禁用(它在密码开头添加一个\(lq!\(rq)。 +.sp +Note that this does not disable the account\&. The user may still be able to login using another authentication token (e\&.g\&. an SSH key)\&. To disable the account, administrators should use +\fBusermod \-\-expiredate 1\fR +(this set the account\*(Aqs expire date to Jan 2, 1970)\&. +.sp +被锁定了密码的用户不允许更改密码。 +.RE +.PP +\fB\-n\fR, \fB\-\-mindays\fR\ \&\fIMIN_DAYS\fR +.RS 4 +Set the minimum number of days between password changes to +\fIMIN_DAYS\fR\&. A value of zero for this field indicates that the user may change their password at any time\&. +.RE +.PP +\fB\-q\fR, \fB\-\-quiet\fR +.RS 4 +安静模式。 +.RE +.PP +\fB\-r\fR, \fB\-\-repository\fR\ \&\fIREPOSITORY\fR +.RS 4 +change password in +\fIREPOSITORY\fR +repository +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. +.RE +.PP +\fB\-S\fR, \fB\-\-status\fR +.RS 4 +显示账户状态信息。状态信息包含 7 个字段。首个字段是用户的登录名,第二个字段表示用户账户是否已经锁定密码(L)、没有密码 (NP)或者密码可用(P),第三个字段给出最后一次更改密码的日期。接下来的四个字段分别是密码的最小年龄、最大年龄、警告期和禁用期。这些年龄以天为单位计算。 +.RE +.PP +\fB\-u\fR, \fB\-\-unlock\fR +.RS 4 +Unlock the password of the named account\&. This option re\-enables a password by changing the password back to its previous value (to the value before using the +\fB\-l\fR +option)\&. +.RE +.PP +\fB\-w\fR, \fB\-\-warndays\fR\ \&\fIWARN_DAYS\fR +.RS 4 +Set the number of days of warning before a password change is required\&. The +\fIWARN_DAYS\fR +option is the number of days prior to the password expiring that a user will be warned that their password is about to expire\&. +.RE +.PP +\fB\-x\fR, \fB\-\-maxdays\fR\ \&\fIMAX_DAYS\fR +.RS 4 +Set the maximum number of days a password remains valid\&. After +\fIMAX_DAYS\fR, the password is required to be changed\&. +.sp +Passing the number +\fI\-1\fR +as +\fIMAX_DAYS\fR +will remove checking a password\*(Aqs validity\&. +.RE +.SH "CAVEATS" +.PP +密码复杂性检查在每台机器间不同。用户应该选择适合的尽量复杂的密码。 +.PP +在启动了 NIS 的系统上,如果没有登录 NIS 服务器,用户或许不能更改自己的密码。 +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBENCRYPT_METHOD\fR (string) +.RS 4 +这定义了系统加密密码的默认算法(如果没有在命令行上指定算法)。 +.sp +It can take one of these values: +\fIDES\fR +(default), +\fIMD5\fR, \fISHA256\fR, \fISHA512\fR\&. +.sp +Note: this parameter overrides the +\fBMD5_CRYPT_ENAB\fR +variable\&. +.RE +.PP +\fBMD5_CRYPT_ENAB\fR (boolean) +.RS 4 +Indicate if passwords must be encrypted using the MD5\-based algorithm\&. If set to +\fIyes\fR, new passwords will be encrypted using the MD5\-based algorithm compatible with the one used by recent releases of FreeBSD\&. It supports passwords of unlimited length and longer salt strings\&. Set to +\fIno\fR +if you need to copy encrypted passwords to other systems which don\*(Aqt understand the new algorithm\&. Default is +\fIno\fR\&. +.sp +This variable is superseded by the +\fBENCRYPT_METHOD\fR +variable or by any command line option used to configure the encryption algorithm\&. +.sp +This variable is deprecated\&. You should use +\fBENCRYPT_METHOD\fR\&. +.RE +.PP +\fBOBSCURE_CHECKS_ENAB\fR (boolean) +.RS 4 +对密码更改启用附加检查。 +.RE +.PP +\fBPASS_ALWAYS_WARN\fR (boolean) +.RS 4 +如果是 root,警告弱密码,但是仍然允许使用。 +.RE +.PP +\fBPASS_CHANGE_TRIES\fR (number) +.RS 4 +可以尝试更改密码的最大次数(太容易)。 +.RE +.PP +\fBPASS_MAX_LEN\fR (number), \fBPASS_MIN_LEN\fR (number) +.RS 4 +Number of significant characters in the password for crypt()\&. +\fBPASS_MAX_LEN\fR +is 8 by default\&. Don\*(Aqt change unless your crypt() is better\&. This is ignored if +\fBMD5_CRYPT_ENAB\fR +set to +\fIyes\fR\&. +.RE +.PP +\fBSHA_CRYPT_MIN_ROUNDS\fR (number), \fBSHA_CRYPT_MAX_ROUNDS\fR (number) +.RS 4 +When +\fBENCRYPT_METHOD\fR +is set to +\fISHA256\fR +or +\fISHA512\fR, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line)\&. +.sp +使用很多轮转,会让暴力破解更加困难。但是需要注意,认证用户时也会需要更多的 CPU 资源。 +.sp +如果没有指定,libc 会选择默认的轮转数(5000)。 +.sp +值必须在 1000 \- 999,999,999 之间。 +.sp +If only one of the +\fBSHA_CRYPT_MIN_ROUNDS\fR +or +\fBSHA_CRYPT_MAX_ROUNDS\fR +values is set, then this value will be used\&. +.sp +If +\fBSHA_CRYPT_MIN_ROUNDS\fR +> +\fBSHA_CRYPT_MAX_ROUNDS\fR, the highest value will be used\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +The +\fBpasswd\fR +command exits with the following values: +.PP +\fI0\fR +.RS 4 +success +.RE +.PP +\fI1\fR +.RS 4 +permission denied +.RE +.PP +\fI2\fR +.RS 4 +invalid combination of options +.RE +.PP +\fI3\fR +.RS 4 +unexpected failure, nothing done +.RE +.PP +\fI4\fR +.RS 4 +unexpected failure, +passwd +file missing +.RE +.PP +\fI5\fR +.RS 4 +passwd +file busy, try again +.RE +.PP +\fI6\fR +.RS 4 +invalid argument to option +.RE +.SH "参见" +.PP +\fBchpasswd\fR(8), +\fBpasswd\fR(5), +\fBshadow\fR(5), +\fBlogin.defs\fR(5), +\fBusermod\fR(8)\&. diff --git a/man/zh_CN/man1/sg.1 b/man/zh_CN/man1/sg.1 new file mode 100644 index 0000000..bda6a5e --- /dev/null +++ b/man/zh_CN/man1/sg.1 @@ -0,0 +1,97 @@ +'\" t +.\" Title: sg +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SG" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +sg \- 以不同的组 ID 执行命令 +.SH "大纲" +.HP \w'\fBsg\fR\ 'u +\fBsg\fR [\-] [group\ [\-c\ ]\ command] +.SH "描述" +.PP +The +\fBsg\fR +command works similar to +\fBnewgrp\fR +but accepts a command\&. The command will be executed with the +/bin/sh +shell\&. With most shells you may run +\fBsg\fR +from, you need to enclose multi\-word commands in quotes\&. Another difference between +\fBnewgrp\fR +and +\fBsg\fR +is that some shells treat +\fBnewgrp\fR +specially, replacing themselves with a new instance of a shell that +\fBnewgrp\fR +creates\&. This doesn\*(Aqt happen with +\fBsg\fR, so upon exit from a +\fBsg\fR +command you are returned to your previous group ID\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBSYSLOG_SG_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsg\fR +activity\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/group +.RS 4 +组账户信息。 +.RE +.PP +/etc/gshadow +.RS 4 +安全组账户信息。 +.RE +.SH "参见" +.PP +\fBid\fR(1), +\fBlogin\fR(1), +\fBnewgrp\fR(1), +\fBsu\fR(1), +\fBgpasswd\fR(1), +\fBgroup\fR(5), \fBgshadow\fR(5)\&. diff --git a/man/zh_CN/man1/su.1 b/man/zh_CN/man1/su.1 new file mode 100644 index 0000000..c4d29c1 --- /dev/null +++ b/man/zh_CN/man1/su.1 @@ -0,0 +1,448 @@ +'\" t +.\" Title: su +.\" Author: Julianne Frances Haugh +.\" Generator: DocBook XSL Stylesheets v1.79.1 +.\" Date: 2020-01-23 +.\" Manual: 用户命令 +.\" Source: shadow-utils 4.8.1 +.\" Language: Chinese Simplified +.\" +.TH "SU" "1" "2020-01-23" "shadow\-utils 4\&.8\&.1" "用户命令" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "名称" +su \- 更改用户 ID 或成为超级用户 +.SH "大纲" +.HP \w'\fBsu\fR\ 'u +\fBsu\fR [\fI选项\fR] [\fI\-\fR] [\fI用户名\fR\ [\ \fIargs\fR\ ]] +.SH "描述" +.PP +The +\fBsu\fR +command is used to become another user during a login session\&. Invoked without a +\fBusername\fR, +\fBsu\fR +defaults to becoming the superuser\&. The +\fB\-\fR +option may be used to provide an environment similar to what the user would expect had the user logged in directly\&. The +\fB\-c\fR +option may be used to treat the next argument as a command by most shells\&. +.PP +Options are recognized everywhere in the argument list\&. You can use the +\fB\-\-\fR +argument to stop option parsing\&. The +\fB\-\fR +option is special: it is also recognized after +\fB\-\-\fR, but has to be placed before +\fBusername\fR\&. +.PP +如果合适,将提示用户输入一个密码。输入无效的密码会产生一个错误消息。所有的尝试,无论成功还是失败,都会被记录,以检测对系统的滥用。 +.PP +The current environment is passed to the new shell\&. The value of +\fB$PATH\fR +is reset to +/bin:/usr/bin +for normal users, or +/sbin:/bin:/usr/sbin:/usr/bin +for the superuser\&. This may be changed with the +\fBENV_PATH\fR +and +\fBENV_SUPATH\fR +definitions in +/etc/login\&.defs\&. +.PP +在登录 shell 中以第一个字符是\(lq*\(rq标注的是子系统登录。给定的主目录将被用于用户实际登录的新文件系统的根。 +.SH "选项" +.PP +The options which apply to the +\fBsu\fR +command are: +.PP +\fB\-c\fR, \fB\-\-command\fR\ \&\fICOMMAND\fR +.RS 4 +Specify a command that will be invoked by the shell using its +\fB\-c\fR\&. +.sp +The executed command will have no controlling terminal\&. This option cannot be used to execute interactive programs which need a controlling TTY\&. +.RE +.PP +\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR +.RS 4 +提供一个类似于用户直接登录的环境,用户可能会希望这样。 +.sp +When +\fB\-\fR +is used, it must be specified before any +\fBusername\fR\&. For portability it is recommended to use it as last option, before any +\fBusername\fR\&. The other forms (\fB\-l\fR +and +\fB\-\-login\fR) do not have this restriction\&. +.RE +.PP +\fB\-s\fR, \fB\-\-shell\fR\ \&\fISHELL\fR +.RS 4 +将使用的 shell。 +.sp +The invoked shell is chosen from (highest priority first): +.PP +.RS 4 +The shell specified with \-\-shell\&. +.RE +.PP +.RS 4 +If +\fB\-\-preserve\-environment\fR +is used, the shell specified by the +\fB$SHELL\fR +environment variable\&. +.RE +.PP +.RS 4 +The shell indicated in the +/etc/passwd +entry for the target user\&. +.RE +.PP +.RS 4 +/bin/sh +if a shell could not be found by any above method\&. +.RE +.sp +If the target user has a restricted shell (i\&.e\&. the shell field of this user\*(Aqs entry in +/etc/passwd +is not listed in +/etc/shells), then the +\fB\-\-shell\fR +option or the +\fB$SHELL\fR +environment variable won\*(Aqt be taken into account, unless +\fBsu\fR +is called by root\&. +.RE +.PP +\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve\-environment\fR +.RS 4 +Preserve the current environment, except for: +.PP +\fB$PATH\fR +.RS 4 +reset according to the +/etc/login\&.defs +options +\fBENV_PATH\fR +or +\fBENV_SUPATH\fR +(see below); +.RE +.PP +\fB$IFS\fR +.RS 4 +reset to +\(lq\(rq, if it was set\&. +.RE +.sp +If the target user has a restricted shell, this option has no effect (unless +\fBsu\fR +is called by root)\&. +.sp +Note that the default behavior for the environment is the following: +.PP +.RS 4 +The +\fB$HOME\fR, +\fB$SHELL\fR, +\fB$USER\fR, +\fB$LOGNAME\fR, +\fB$PATH\fR, and +\fB$IFS\fR +environment variables are reset\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is not used, the environment is copied, except for the variables above\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, the +\fB$TERM\fR, +\fB$COLORTERM\fR, +\fB$DISPLAY\fR, and +\fB$XAUTHORITY\fR +environment variables are copied if they were set\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, the +\fB$TZ\fR, +\fB$HZ\fR, and +\fB$MAIL\fR +environment variables are set according to the +/etc/login\&.defs +options +\fBENV_TZ\fR, +\fBENV_HZ\fR, +\fBMAIL_DIR\fR, and +\fBMAIL_FILE\fR +(see below)\&. +.RE +.PP +.RS 4 +If +\fB\-\-login\fR +is used, other environment variables might be set by the +\fBENVIRON_FILE\fR +file (see below)\&. +.RE +.sp +.RE +.SH "CAVEATS" +.PP +This version of +\fBsu\fR +has many compilation options, only some of which may be in use at any particular site\&. +.SH "配置文件" +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of this tool: +.PP +\fBCONSOLE\fR (string) +.RS 4 +如果定义了,或者是包含设备名(没行一个)的文件的完整路径名,或者是\(lq:\(rq分隔的设备名列表。将只会在这写设备上允许 root 登录。 +.sp +如果没有定义,可以在任何设备上使用 root。 +.sp +指定的设备时不带 /dev/ 前缀。 +.RE +.PP +\fBCONSOLE_GROUPS\fR (string) +.RS 4 +List of groups to add to the user\*(Aqs supplementary groups set when logging in on the console (as determined by the CONSOLE setting)\&. Default is none\&. + +Use with caution \- it is possible for users to gain permanent access to these groups, even when not logged in on the console\&. +.RE +.PP +\fBDEFAULT_HOME\fR (boolean) +.RS 4 +如果不能 cd 到主目录时,说明是否允许登录。默认是否。 +.sp +If set to +\fIyes\fR, the user will login in the root (/) directory if it is not possible to cd to her home directory\&. +.RE +.PP +\fBENV_HZ\fR (string) +.RS 4 +If set, it will be used to define the HZ environment variable when a user login\&. The value must be preceded by +\fIHZ=\fR\&. A common value on Linux is +\fIHZ=100\fR\&. +.RE +.PP +\fBENVIRON_FILE\fR (string) +.RS 4 +如果此文件存在,并且可读,将会从中读取登录环境。所有行都必须是 name=value 的格式。 +.sp +以 # 开头的行将视为注释,并被忽略。 +.RE +.PP +\fBENV_PATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when a regular user login\&. The value is a colon separated list of paths (for example +\fI/bin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/bin:/usr/bin\fR\&. +.RE +.PP +\fBENV_SUPATH\fR (string) +.RS 4 +If set, it will be used to define the PATH environment variable when the superuser login\&. The value is a colon separated list of paths (for example +\fI/sbin:/bin:/usr/sbin:/usr/bin\fR) and can be preceded by +\fIPATH=\fR\&. The default value is +\fIPATH=/sbin:/bin:/usr/sbin:/usr/bin\fR\&. +.RE +.PP +\fBENV_TZ\fR (string) +.RS 4 +If set, it will be used to define the TZ environment variable when a user login\&. The value can be the name of a timezone preceded by +\fITZ=\fR +(for example +\fITZ=CST6CDT\fR), or the full path to the file containing the timezone specification (for example +/etc/tzname)\&. +.sp +If a full path is specified but the file does not exist or cannot be read, the default is to use +\fITZ=CST6CDT\fR\&. +.RE +.PP +\fBLOGIN_STRING\fR (string) +.RS 4 +此字符串用于提示输入密码。默认是 "Password: ",或者翻译了的结果(汉语中翻译为了\(lq密码:\(rq)。如果设置了此变量,提示不会被翻译。 +.sp +If the string contains +\fI%s\fR, this will be replaced by the user\*(Aqs name\&. +.RE +.PP +\fBMAIL_CHECK_ENAB\fR (boolean) +.RS 4 +启用登录时检查和现实邮箱状态。 +.sp +如果 shell 的启动文件已经检查了邮件("mailx \-e" 或者其它同功能的工具),您应该禁用它。 +.RE +.PP +\fBMAIL_DIR\fR (string) +.RS 4 +邮箱目录。修改或删除用户账户时需要处理邮箱,如果没有指定,将使用编译时指定的默认值。 +.RE +.PP +\fBMAIL_FILE\fR (string) +.RS 4 +定义用户邮箱文件的位置(相对于主目录)。 +.RE +.PP +The +\fBMAIL_DIR\fR +and +\fBMAIL_FILE\fR +variables are used by +\fBuseradd\fR, +\fBusermod\fR, and +\fBuserdel\fR +to create, move, or delete the user\*(Aqs mail spool\&. +.PP +If +\fBMAIL_CHECK_ENAB\fR +is set to +\fIyes\fR, they are also used to define the +\fBMAIL\fR +environment variable\&. +.PP +\fBQUOTAS_ENAB\fR (boolean) +.RS 4 +Enable setting of resource limits from +/etc/limits +and ulimit, umask, and niceness from the user\*(Aqs passwd gecos field\&. +.RE +.PP +\fBSULOG_FILE\fR (string) +.RS 4 +如果定义了,所有的 su 活动都会记录到此文件。 +.RE +.PP +\fBSU_NAME\fR (string) +.RS 4 +如果定义了,就是运行\(lqsu \-\(rq时显示的命令名称。例如,如果定义为\(lqsu\(rq,那么\(lqps\(rq会显示此命令为\(lq\-su\(rq。如果没有定义,\(lqps\(rq将会显示实际执行的 shell,例如类似于\(lq\-sh\(rq。 +.RE +.PP +\fBSU_WHEEL_ONLY\fR (boolean) +.RS 4 +If +\fIyes\fR, the user must be listed as a member of the first gid 0 group in +/etc/group +(called +\fIroot\fR +on most Linux systems) to be able to +\fBsu\fR +to uid 0 accounts\&. If the group doesn\*(Aqt exist or is empty, no one will be able to +\fBsu\fR +to uid 0\&. +.RE +.PP +\fBSYSLOG_SU_ENAB\fR (boolean) +.RS 4 +Enable "syslog" logging of +\fBsu\fR +activity \- in addition to sulog file logging\&. +.RE +.PP +\fBUSERGROUPS_ENAB\fR (boolean) +.RS 4 +如果 uid 和 gid 相同,用户名和主用户名也相同,使非 root 组的组掩码位和属主位相同 (如:022 \-> 002, 077 \-> 007)。 +.sp +If set to +\fIyes\fR, +\fBuserdel\fR +will remove the user\*(Aqs group if it contains no more members, and +\fBuseradd\fR +will create by default a group with the name of the user\&. +.RE +.SH "文件" +.PP +/etc/passwd +.RS 4 +用户账户信息。 +.RE +.PP +/etc/shadow +.RS 4 +安全用户账户信息。 +.RE +.PP +/etc/login\&.defs +.RS 4 +Shadow 密码套件配置。 +.RE +.SH "退出值" +.PP +On success, +\fBsu\fR +returns the exit value of the command it executed\&. +.PP +If this command was terminated by a signal, +\fBsu\fR +returns the number of this signal plus 128\&. +.PP +If su has to kill the command (because it was asked to terminate, and the command did not terminate in time), +\fBsu\fR +returns 255\&. +.PP +Some exit values from +\fBsu\fR +are independent from the executed command: +.PP +\fI0\fR +.RS 4 +success (\fB\-\-help\fR +only) +.RE +.PP +\fI1\fR +.RS 4 +System or authentication failure +.RE +.PP +\fI126\fR +.RS 4 +The requested command was not found +.RE +.PP +\fI127\fR +.RS 4 +The requested command could not be executed +.RE +.SH "参见" +.PP +\fBlogin\fR(1), +\fBlogin.defs\fR(5), +\fBsg\fR(1), +\fBsh\fR(1)\&. -- cgit v1.2.3