|
|
57b0e3 |
diff -up shadow-4.1.5.1/man/chage.1.xml.manfix shadow-4.1.5.1/man/chage.1.xml
|
|
|
57b0e3 |
--- shadow-4.1.5.1/man/chage.1.xml.manfix 2012-05-25 13:45:27.000000000 +0200
|
|
|
57b0e3 |
+++ shadow-4.1.5.1/man/chage.1.xml 2018-04-24 16:43:48.545743715 +0200
|
|
|
57b0e3 |
@@ -102,6 +102,9 @@
|
|
|
57b0e3 |
Set the number of days since January 1st, 1970 when the password
|
|
|
57b0e3 |
was last changed. The date may also be expressed in the format
|
|
|
57b0e3 |
YYYY-MM-DD (or the format more commonly used in your area).
|
|
|
57b0e3 |
+ If the <replaceable>LAST_DAY</replaceable> is set to
|
|
|
57b0e3 |
+ <emphasis>0</emphasis> the user is forced to change his password
|
|
|
57b0e3 |
+ on the next log on.
|
|
|
57b0e3 |
</para>
|
|
|
57b0e3 |
</listitem>
|
|
|
57b0e3 |
</varlistentry>
|
|
|
57b0e3 |
@@ -123,6 +126,13 @@
|
|
|
57b0e3 |
<replaceable>EXPIRE_DATE</replaceable> will remove an account
|
|
|
57b0e3 |
expiration date.
|
|
|
57b0e3 |
</para>
|
|
|
57b0e3 |
+ <para>
|
|
|
57b0e3 |
+ For example the following command can be used
|
|
|
57b0e3 |
+ to set an account to expire in 180 days:
|
|
|
57b0e3 |
+ </para>
|
|
|
57b0e3 |
+ <programlisting>
|
|
|
57b0e3 |
+ chage -E $(date -d +180days +%Y-%m-%d)
|
|
|
57b0e3 |
+ </programlisting>
|
|
|
57b0e3 |
</listitem>
|
|
|
57b0e3 |
</varlistentry>
|
|
|
57b0e3 |
<varlistentry>
|
|
|
9b7f02 |
diff -up shadow-4.1.5.1/man/groupmems.8.xml.manfix shadow-4.1.5.1/man/groupmems.8.xml
|
|
|
9b7f02 |
--- shadow-4.1.5.1/man/groupmems.8.xml.manfix 2012-05-25 13:45:28.000000000 +0200
|
|
|
9b7f02 |
+++ shadow-4.1.5.1/man/groupmems.8.xml 2015-12-18 12:27:08.466909647 +0100
|
|
|
9b7f02 |
@@ -194,6 +194,13 @@
|
|
|
9b7f02 |
$ chown root.groups groupmems
|
|
|
9b7f02 |
$ groupmems -g groups -a gk4
|
|
|
9b7f02 |
</programlisting>
|
|
|
9b7f02 |
+
|
|
|
9b7f02 |
+ <para>
|
|
|
9b7f02 |
+ In the Red Hat Enterprise Linux 7 the <command>groupmems</command>
|
|
|
9b7f02 |
+ command is not setuid and regular users cannot use it to manipulate
|
|
|
9b7f02 |
+ the membership of their own group. This might change in future
|
|
|
9b7f02 |
+ major releases of the Red Hat Enterprise Linux.
|
|
|
9b7f02 |
+ </para>
|
|
|
9b7f02 |
</refsect1>
|
|
|
9b7f02 |
|
|
|
9b7f02 |
<refsect1 id='configuration'>
|
|
|
9b7f02 |
diff -up shadow-4.1.5.1/man/ja/man5/login.defs.5.manfix shadow-4.1.5.1/man/ja/man5/login.defs.5
|
|
|
9b7f02 |
--- shadow-4.1.5.1/man/ja/man5/login.defs.5.manfix 2012-05-25 13:45:27.000000000 +0200
|
|
|
9b7f02 |
+++ shadow-4.1.5.1/man/ja/man5/login.defs.5 2015-12-18 12:34:08.080715842 +0100
|
|
|
9b7f02 |
@@ -147,10 +147,6 @@ 以下の参照表は、
|
|
|
9b7f02 |
shadow パスワード機能のどのプログラムが
|
|
|
9b7f02 |
どのパラメータを使用するかを示したものである。
|
|
|
9b7f02 |
.na
|
|
|
9b7f02 |
-.IP chfn 12
|
|
|
9b7f02 |
-CHFN_AUTH CHFN_RESTRICT
|
|
|
9b7f02 |
-.IP chsh 12
|
|
|
9b7f02 |
-CHFN_AUTH
|
|
|
9b7f02 |
.IP groupadd 12
|
|
|
9b7f02 |
GID_MAX GID_MIN
|
|
|
9b7f02 |
.IP newusers 12
|
|
|
78f74e |
diff -up shadow-4.1.5.1/man/login.defs.5.xml.manfix shadow-4.1.5.1/man/login.defs.5.xml
|
|
|
78f74e |
--- shadow-4.1.5.1/man/login.defs.5.xml.manfix 2012-05-25 13:45:28.000000000 +0200
|
|
|
827aa9 |
+++ shadow-4.1.5.1/man/login.defs.5.xml 2014-08-29 13:31:38.364812323 +0200
|
|
|
78f74e |
@@ -160,6 +160,17 @@
|
|
|
78f74e |
long numeric parameters is machine-dependent.
|
|
|
78f74e |
</para>
|
|
|
78f74e |
|
|
|
78f74e |
+ <para>
|
|
|
78f74e |
+ Please note that the parameters in this configuration file control the
|
|
|
78f74e |
+ behavior of the tools from the shadow-utils component. None of these
|
|
|
78f74e |
+ tools uses the PAM mechanism, and the utilities that use PAM (such as the
|
|
|
78f74e |
+ passwd command) should be configured elsewhere. The only values that
|
|
|
78f74e |
+ affect PAM modules are <emphasis>ENCRYPT_METHOD</emphasis> and <emphasis>SHA_CRYPT_MAX_ROUNDS</emphasis>
|
|
|
78f74e |
+ for pam_unix module, <emphasis>FAIL_DELAY</emphasis> for pam_faildelay module,
|
|
|
78f74e |
+ and <emphasis>UMASK</emphasis> for pam_umask module. Refer to
|
|
|
78f74e |
+ pam(8) for more information.
|
|
|
78f74e |
+ </para>
|
|
|
78f74e |
+
|
|
|
78f74e |
<para>The following configuration items are provided:</para>
|
|
|
78f74e |
|
|
|
78f74e |
<variablelist remap='IP'>
|
|
|
9b7f02 |
@@ -248,26 +258,6 @@
|
|
|
9b7f02 |
</listitem>
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
<varlistentry>
|
|
|
9b7f02 |
- <term>chfn</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- <phrase condition="no_pam">CHFN_AUTH</phrase>
|
|
|
9b7f02 |
- CHFN_RESTRICT
|
|
|
9b7f02 |
- <phrase condition="no_pam">LOGIN_STRING</phrase>
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
- <varlistentry>
|
|
|
9b7f02 |
- <term>chgpasswd</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
|
|
|
9b7f02 |
- <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
|
|
|
9b7f02 |
- SHA_CRYPT_MIN_ROUNDS</phrase>
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
- <varlistentry>
|
|
|
9b7f02 |
<term>chpasswd</term>
|
|
|
9b7f02 |
<listitem>
|
|
|
9b7f02 |
<para>
|
|
|
9b7f02 |
@@ -278,14 +268,6 @@
|
|
|
9b7f02 |
</para>
|
|
|
9b7f02 |
</listitem>
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
- <varlistentry condition="no_pam">
|
|
|
9b7f02 |
- <term>chsh</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- CHSH_AUTH LOGIN_STRING
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
|
|
|
9b7f02 |
|
|
|
9b7f02 |
<varlistentry>
|
|
|
9b7f02 |
@@ -346,34 +328,6 @@
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
|
|
|
9b7f02 |
|
|
|
9b7f02 |
- <varlistentry>
|
|
|
9b7f02 |
- <term>login</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- <phrase condition="no_pam">CONSOLE</phrase>
|
|
|
9b7f02 |
- CONSOLE_GROUPS DEFAULT_HOME
|
|
|
9b7f02 |
- <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
|
|
|
9b7f02 |
- ENV_TZ ENVIRON_FILE</phrase>
|
|
|
9b7f02 |
- ERASECHAR FAIL_DELAY
|
|
|
9b7f02 |
- <phrase condition="no_pam">FAILLOG_ENAB</phrase>
|
|
|
9b7f02 |
- FAKE_SHELL
|
|
|
9b7f02 |
- <phrase condition="no_pam">FTMP_FILE</phrase>
|
|
|
9b7f02 |
- HUSHLOGIN_FILE
|
|
|
9b7f02 |
- <phrase condition="no_pam">ISSUE_FILE</phrase>
|
|
|
9b7f02 |
- KILLCHAR
|
|
|
9b7f02 |
- <phrase condition="no_pam">LASTLOG_ENAB</phrase>
|
|
|
9b7f02 |
- LOGIN_RETRIES
|
|
|
9b7f02 |
- <phrase condition="no_pam">LOGIN_STRING</phrase>
|
|
|
9b7f02 |
- LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
|
|
|
9b7f02 |
- <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
|
|
|
9b7f02 |
- MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
|
|
|
9b7f02 |
- QUOTAS_ENAB</phrase>
|
|
|
9b7f02 |
- TTYGROUP TTYPERM TTYTYPE_FILE
|
|
|
9b7f02 |
- <phrase condition="no_pam">ULIMIT UMASK</phrase>
|
|
|
9b7f02 |
- USERGROUPS_ENAB
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
|
|
|
9b7f02 |
<varlistentry>
|
|
|
9b7f02 |
<term>newgrp / sg</term>
|
|
|
9b7f02 |
@@ -399,17 +353,6 @@
|
|
|
9b7f02 |
</listitem>
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
|
|
|
9b7f02 |
- <varlistentry condition="no_pam">
|
|
|
9b7f02 |
- <term>passwd</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB
|
|
|
9b7f02 |
- PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN
|
|
|
9b7f02 |
- <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
|
|
|
9b7f02 |
- SHA_CRYPT_MIN_ROUNDS</phrase>
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
<varlistentry>
|
|
|
9b7f02 |
<term>pwck</term>
|
|
|
9b7f02 |
<listitem>
|
|
|
9b7f02 |
@@ -436,32 +379,6 @@
|
|
|
9b7f02 |
</para>
|
|
|
9b7f02 |
</listitem>
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
- <varlistentry>
|
|
|
9b7f02 |
- <term>su</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- <phrase condition="no_pam">CONSOLE</phrase>
|
|
|
9b7f02 |
- CONSOLE_GROUPS DEFAULT_HOME
|
|
|
9b7f02 |
- <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
|
|
|
9b7f02 |
- ENV_PATH ENV_SUPATH
|
|
|
9b7f02 |
- <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
|
|
|
9b7f02 |
- MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
|
|
|
9b7f02 |
- SULOG_FILE SU_NAME
|
|
|
9b7f02 |
- <phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
|
|
|
9b7f02 |
- SYSLOG_SU_ENAB
|
|
|
9b7f02 |
- <phrase condition="no_pam">USERGROUPS_ENAB</phrase>
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
- <varlistentry>
|
|
|
9b7f02 |
- <term>sulogin</term>
|
|
|
9b7f02 |
- <listitem>
|
|
|
9b7f02 |
- <para>
|
|
|
9b7f02 |
- ENV_HZ
|
|
|
9b7f02 |
- <phrase condition="no_pam">ENV_TZ</phrase>
|
|
|
9b7f02 |
- </para>
|
|
|
9b7f02 |
- </listitem>
|
|
|
9b7f02 |
- </varlistentry>
|
|
|
9b7f02 |
<varlistentry>
|
|
|
9b7f02 |
<term>useradd</term>
|
|
|
9b7f02 |
<listitem>
|
|
|
9f90df |
diff -up shadow-4.1.5.1/man/useradd.8.xml.manfix shadow-4.1.5.1/man/useradd.8.xml
|
|
|
9b7f02 |
--- shadow-4.1.5.1/man/useradd.8.xml.manfix 2015-12-17 14:05:47.930742412 +0100
|
|
|
9b7f02 |
+++ shadow-4.1.5.1/man/useradd.8.xml 2015-12-17 14:05:47.945742754 +0100
|
|
|
9b7f02 |
@@ -134,8 +134,8 @@
|
|
|
9b7f02 |
<replaceable>HOME_DIR</replaceable> is not specified.
|
|
|
9b7f02 |
<replaceable>BASE_DIR</replaceable> is
|
|
|
9b7f02 |
concatenated with the account name to define the home directory.
|
|
|
9b7f02 |
- If the <option>-m</option> option is not used,
|
|
|
9b7f02 |
- <replaceable>BASE_DIR</replaceable> must exist.
|
|
|
9b7f02 |
+ The <replaceable>BASE_DIR</replaceable> must exist otherwise
|
|
|
9b7f02 |
+ the home directory cannot be created.
|
|
|
9b7f02 |
</para>
|
|
|
9b7f02 |
<para>
|
|
|
9b7f02 |
If this option is not specified, <command>useradd</command>
|
|
|
9f90df |
@@ -161,7 +161,7 @@
|
|
|
9f90df |
</varlistentry>
|
|
|
9f90df |
<varlistentry>
|
|
|
9f90df |
<term>
|
|
|
9f90df |
- <option>-d</option>, <option>--home</option>
|
|
|
9f90df |
+ <option>-d</option>, <option>--home-dir</option>
|
|
|
9f90df |
<replaceable>HOME_DIR</replaceable>
|
|
|
9f90df |
</term>
|
|
|
9f90df |
<listitem>
|
|
|
9b7f02 |
@@ -171,8 +171,7 @@
|
|
|
9b7f02 |
login directory. The default is to append the
|
|
|
9b7f02 |
<replaceable>LOGIN</replaceable> name to
|
|
|
9b7f02 |
<replaceable>BASE_DIR</replaceable> and use that as the login
|
|
|
9b7f02 |
- directory name. The directory <replaceable>HOME_DIR</replaceable>
|
|
|
9b7f02 |
- does not have to exist but will not be created if it is missing.
|
|
|
9b7f02 |
+ directory name.
|
|
|
9b7f02 |
</para>
|
|
|
9b7f02 |
</listitem>
|
|
|
9b7f02 |
</varlistentry>
|
|
|
9b7f02 |
@@ -358,11 +357,16 @@
|
|
|
9f90df |
<option>CREATE_HOME</option> is not enabled, no home
|
|
|
9f90df |
directories are created.
|
|
|
9f90df |
</para>
|
|
|
9f90df |
+ <para>
|
|
|
9f90df |
+ The directory where the user's home directory is created must
|
|
|
9f90df |
+ exist and have proper SELinux context and permissions. Otherwise
|
|
|
9f90df |
+ the user's home directory cannot be created or accessed.
|
|
|
9f90df |
+ </para>
|
|
|
9f90df |
</listitem>
|
|
|
9f90df |
</varlistentry>
|
|
|
9f90df |
<varlistentry>
|
|
|
9f90df |
<term>
|
|
|
9f90df |
- <option>-M</option>
|
|
|
9f90df |
+ <option>-M</option>, <option>--no-create-home</option>
|
|
|
9f90df |
</term>
|
|
|
9f90df |
<listitem>
|
|
|
9f90df |
<para>
|
|
|
827aa9 |
diff -up shadow-4.1.5.1/man/usermod.8.xml.manfix shadow-4.1.5.1/man/usermod.8.xml
|
|
|
827aa9 |
--- shadow-4.1.5.1/man/usermod.8.xml.manfix 2012-05-25 13:45:29.000000000 +0200
|
|
|
827aa9 |
+++ shadow-4.1.5.1/man/usermod.8.xml 2014-08-29 13:33:40.814632618 +0200
|
|
|
827aa9 |
@@ -132,7 +132,8 @@
|
|
|
827aa9 |
If the <option>-m</option>
|
|
|
827aa9 |
option is given, the contents of the current home directory will
|
|
|
827aa9 |
be moved to the new home directory, which is created if it does
|
|
|
827aa9 |
- not already exist.
|
|
|
827aa9 |
+ not already exist. If the current home directory does not exist
|
|
|
827aa9 |
+ the new home directory will not be created.
|
|
|
827aa9 |
</para>
|
|
|
827aa9 |
</listitem>
|
|
|
827aa9 |
</varlistentry>
|
|
|
827aa9 |
@@ -261,7 +262,8 @@
|
|
|
827aa9 |
<listitem>
|
|
|
827aa9 |
<para>
|
|
|
827aa9 |
Move the content of the user's home directory to the new
|
|
|
827aa9 |
- location.
|
|
|
827aa9 |
+ location. If the current home directory does not exist
|
|
|
827aa9 |
+ the new home directory will not be created.
|
|
|
827aa9 |
</para>
|
|
|
827aa9 |
<para>
|
|
|
827aa9 |
This option is only valid in combination with the
|