diff options
Diffstat (limited to 'man/man8/pwconv.8')
| -rw-r--r-- | man/man8/pwconv.8 | 193 |
1 files changed, 193 insertions, 0 deletions
diff --git a/man/man8/pwconv.8 b/man/man8/pwconv.8 new file mode 100644 index 0000000..147f21f --- /dev/null +++ b/man/man8/pwconv.8 @@ -0,0 +1,193 @@ +'\" t +.\" Title: pwconv +.\" Author: Marek MichaĆkiewicz +.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/> +.\" Date: 11/08/2022 +.\" Manual: System Management Commands +.\" Source: shadow-utils 4.13 +.\" Language: English +.\" +.TH "PWCONV" "8" "11/08/2022" "shadow\-utils 4\&.13" "System Management Commands" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +pwconv, pwunconv, grpconv, grpunconv \- convert to and from shadow passwords and groups +.SH "SYNOPSIS" +.HP \w'\fBpwconv\fR\ 'u +\fBpwconv\fR [\fIoptions\fR] +.HP \w'\fBpwunconv\fR\ 'u +\fBpwunconv\fR [\fIoptions\fR] +.HP \w'\fBgrpconv\fR\ 'u +\fBgrpconv\fR [\fIoptions\fR] +.HP \w'\fBgrpunconv\fR\ 'u +\fBgrpunconv\fR [\fIoptions\fR] +.SH "DESCRIPTION" +.PP +The +\fBpwconv\fR +command creates +\fIshadow\fR +from +\fIpasswd\fR +and an optionally existing +\fIshadow\fR\&. +.PP +The +\fBpwunconv\fR +command creates +\fIpasswd\fR +from +\fIpasswd\fR +and +\fIshadow\fR +and then removes +\fIshadow\fR\&. +.PP +The +\fBgrpconv\fR +command creates +\fIgshadow\fR +from +\fIgroup\fR +and an optionally existing +\fIgshadow\fR\&. +.PP +The +\fBgrpunconv\fR +command creates +\fIgroup\fR +from +\fIgroup\fR +and +\fIgshadow\fR +and then removes +\fIgshadow\fR\&. +.PP +These four programs all operate on the normal and shadow password and group files: +/etc/passwd, +/etc/group, +/etc/shadow, and +/etc/gshadow\&. +.PP +Each program acquires the necessary locks before conversion\&. +\fBpwconv\fR +and +\fBgrpconv\fR +are similar\&. First, entries in the shadowed file which don\*(Aqt exist in the main file are removed\&. Then, shadowed entries which don\*(Aqt have `x\*(Aq as the password in the main file are updated\&. Any missing shadowed entries are added\&. Finally, passwords in the main file are replaced with `x\*(Aq\&. These programs can be used for initial conversion as well to update the shadowed file if the main file is edited by hand\&. +.PP +\fBpwconv\fR +will use the values of +\fIPASS_MIN_DAYS\fR, +\fIPASS_MAX_DAYS\fR, and +\fIPASS_WARN_AGE\fR +from +/etc/login\&.defs +when adding new entries to +/etc/shadow\&. +.PP +Likewise +\fBpwunconv\fR +and +\fBgrpunconv\fR +are similar\&. Passwords in the main file are updated from the shadowed file\&. Entries which exist in the main file but not in the shadowed file are left alone\&. Finally, the shadowed file is removed\&. Some password aging information is lost by +\fBpwunconv\fR\&. It will convert what it can\&. +.SH "OPTIONS" +.PP +The options which apply to the +\fBpwconv\fR, +\fBpwunconv\fR, +\fBgrpconv\fR, and +\fBgrpunconv\fR +commands are: +.PP +\fB\-h\fR, \fB\-\-help\fR +.RS 4 +Display help message and exit\&. +.RE +.PP +\fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR +.RS 4 +Apply changes in the +\fICHROOT_DIR\fR +directory and use the configuration files from the +\fICHROOT_DIR\fR +directory\&. Only absolute paths are supported\&. +.RE +.SH "BUGS" +.PP +Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways\&. Please run +\fBpwck\fR +and +\fBgrpck\fR +to correct any such errors before converting to or from shadow passwords or groups\&. +.SH "CONFIGURATION" +.PP +The following configuration variable in +/etc/login\&.defs +changes the behavior of +\fBgrpconv\fR +and +\fBgrpunconv\fR: +.PP +\fBMAX_MEMBERS_PER_GROUP\fR (number) +.RS 4 +Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in +/etc/group +(with the same name, same password, and same GID)\&. +.sp +The default value is 0, meaning that there are no limits in the number of members in a group\&. +.sp +This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. +.sp +If you need to enforce such limit, you can use 25\&. +.sp +Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. +.RE +.PP +The following configuration variables in +/etc/login\&.defs +change the behavior of +\fBpwconv\fR: +.PP +\fBPASS_MAX_DAYS\fR (number) +.RS 4 +The maximum number of days a password may be used\&. If the password is older than this, a password change will be forced\&. If not specified, \-1 will be assumed (which disables the restriction)\&. +.RE +.PP +\fBPASS_MIN_DAYS\fR (number) +.RS 4 +The minimum number of days allowed between password changes\&. Any password changes attempted sooner than this will be rejected\&. If not specified, 0 will be assumed (which disables the restriction)\&. +.RE +.PP +\fBPASS_WARN_AGE\fR (number) +.RS 4 +The number of days warning given before a password expires\&. A zero means warning is given only upon the day of expiration, a negative value means no warning is given\&. If not specified, no warning will be provided\&. +.RE +.SH "FILES" +.PP +/etc/login\&.defs +.RS 4 +Shadow password suite configuration\&. +.RE +.SH "SEE ALSO" +.PP +\fBgrpck\fR(8), +\fBlogin.defs\fR(5), +\fBpwck\fR(8)\&. |