Print this page
2989 Eliminate use of LOGNAME_MAX in ON
1166 useradd have warning with name more 8 chars
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man1m/useradd.1m
+++ new/usr/src/man/man1m/useradd.1m
1 1 '\" te
2 +.\" Copyright (c) 2013 Gary Mills
2 3 .\" Copyright (c) 2008 Sun Microsystems, Inc. All Rights Reserved.
3 4 .\" Copyright 1989 AT&T
4 5 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
5 6 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
6 7 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 -.TH USERADD 1M "Feb 19, 2008"
8 +.TH USERADD 1M "Apr 16, 2013"
8 9 .SH NAME
9 10 useradd \- administer a new user login on the system
10 11 .SH SYNOPSIS
11 12 .LP
12 13 .nf
13 14 \fBuseradd\fR [\fB-A\fR \fIauthorization\fR [,\fIauthorization...\fR]]
14 15 [\fB-b\fR \fIbase_dir\fR] [\fB-c\fR \fIcomment\fR] [\fB-d\fR \fIdir\fR] [\fB-e\fR \fIexpire\fR]
15 16 [\fB-f\fR \fIinactive\fR] [\fB-g\fR \fIgroup\fR] [\fB-G\fR \fIgroup\fR [,\fIgroup\fR]...]
16 17 [\fB-K\fR \fIkey=value\fR] [\fB-m\fR [\fB-k\fR \fIskel_dir\fR]] [\fB-p\fR \fIprojname\fR]
17 18 [\fB-P\fR \fIprofile\fR [,\fIprofile...\fR]] [\fB-R\fR \fIrole\fR [,\fIrole...\fR]]
18 19 [\fB-s\fR \fIshell\fR] [\fB-u\fR \fIuid\fR [\fB-o\fR]] \fIlogin\fR
19 20 .fi
20 21
21 22 .LP
22 23 .nf
23 24 \fBuseradd\fR \fB-D\fR [\fB-A\fR \fIauthorization\fR [,\fIauthorization...\fR]]
24 25 [\fB-b\fR \fIbase_dir\fR] [\fB-s\fR \fIshell\fR [\fB-k\fR \fIskel_dir\fR]] [\fB-e\fR \fIexpire\fR]
25 26 [\fB-f\fR \fIinactive\fR] [\fB-g\fR \fIgroup\fR] [\fB-K\fR \fIkey=value\fR] [\fB-p\fR \fIprojname\fR]
26 27 [\fB-P\fR \fIprofile\fR [,\fIprofile...\fR]] [\fB-R\fR \fIrole\fR [,\fIrole...\fR]]
27 28 .fi
28 29
29 30 .SH DESCRIPTION
30 31 .sp
31 32 .LP
32 33 \fBuseradd\fR adds a new user to the \fB/etc/passwd\fR and \fB/etc/shadow\fR
33 34 and \fB/etc/user_attr\fR files. The \fB-A\fR and \fB-P\fR options respectively
34 35 assign authorizations and profiles to the user. The \fB-R\fR option assigns
35 36 roles to a user. The \fB-p\fR option associates a project with a user. The
36 37 \fB-K\fR option adds a \fIkey=value\fR pair to \fB/etc/user_attr\fR for the
37 38 user. Multiple \fIkey=value\fR pairs may be added with multiple \fB-K\fR
38 39 options.
39 40 .sp
40 41 .LP
41 42 \fBuseradd\fR also creates supplementary group memberships for the user
42 43 (\fB-G\fR option) and creates the home directory (\fB-m\fR option) for the user
43 44 if requested. The new login remains locked until the \fBpasswd\fR(1) command is
44 45 executed.
45 46 .sp
46 47 .LP
47 48 Specifying \fBuseradd\fR \fB-D\fR with the \fB-s\fR, \fB-k\fR,\fB-g\fR,
48 49 \fB-b\fR, \fB-f\fR, \fB-e\fR, \fB-A\fR, \fB-P\fR, \fB-p\fR, \fB-R\fR, or
49 50 \fB-K\fR option (or any combination of these options) sets the default values
50 51 for the respective fields. See the \fB-D\fR option, below. Subsequent
51 52 \fBuseradd\fR commands without the \fB-D\fR option use these arguments.
|
↓ open down ↓ |
34 lines elided |
↑ open up ↑ |
52 53 .sp
53 54 .LP
54 55 The system file entries created with this command have a limit of 2048
55 56 characters per line. Specifying long arguments to several options can exceed
56 57 this limit.
57 58 .sp
58 59 .LP
59 60 \fBuseradd\fR requires that usernames be in the format described in
60 61 \fBpasswd\fR(4). A warning message is displayed if these restrictions are not
61 62 met. See \fBpasswd\fR(4) for the requirements for usernames.
63 +.LP
64 +To change the action of \fBuseradd\fR when the traditional login name
65 +length limit of eight characters is exceeded, edit the file
66 +\fB/etc/default/useradd\fR by removing the \fB#\fR (pound sign) before the
67 +appropriate \fBEXCEED_TRAD=\fR entry, and adding it before the others.
62 68 .SH OPTIONS
63 69 .sp
64 70 .LP
65 71 The following options are supported:
66 72 .sp
67 73 .ne 2
68 74 .na
69 75 \fB\fB-A\fR \fIauthorization\fR\fR
70 76 .ad
71 77 .sp .6
72 78 .RS 4n
73 79 One or more comma separated authorizations defined in \fBauth_attr\fR(4). Only
74 80 a user or role who has \fBgrant\fR rights to the authorization can assign it to
75 81 an account.
76 82 .RE
77 83
78 84 .sp
79 85 .ne 2
80 86 .na
81 87 \fB\fB-b\fR \fIbase_dir\fR\fR
82 88 .ad
83 89 .sp .6
84 90 .RS 4n
85 91 The base directory for new login home directories (see the \fB-d\fR option
86 92 below. When a new user account is being created, \fIbase_dir\fR must already
87 93 exist unless the \fB-m\fR option or the \fB-d\fR option is also specified.
88 94 .RE
89 95
90 96 .sp
91 97 .ne 2
92 98 .na
93 99 \fB\fB-c\fR \fIcomment\fR\fR
94 100 .ad
95 101 .sp .6
96 102 .RS 4n
97 103 Any text string. It is generally a short description of the login, and is
98 104 currently used as the field for the user's full name. This information is
99 105 stored in the user's \fB/etc/passwd\fR entry.
100 106 .RE
101 107
102 108 .sp
103 109 .ne 2
104 110 .na
105 111 \fB\fB-d\fR \fIdir\fR\fR
106 112 .ad
107 113 .sp .6
108 114 .RS 4n
109 115 The home directory of the new user. It defaults to
110 116 \fIbase_dir\fR/\fIaccount_name\fR, where \fIbase_dir\fR is the base directory
111 117 for new login home directories and \fIaccount_name\fR is the new login name.
112 118 .RE
113 119
114 120 .sp
115 121 .ne 2
116 122 .na
117 123 \fB\fB-D\fR\fR
118 124 .ad
119 125 .sp .6
120 126 .RS 4n
121 127 Display the default values for \fBgroup\fR, \fBbase_dir\fR, \fBskel_dir\fR,
122 128 \fBshell\fR, \fBinactive\fR, \fBexpire\fR, \fBproj\fR, \fBprojname\fR and
123 129 \fBkey=value\fR pairs. When used with the \fB-g\fR, \fB-b\fR, \fB-f\fR,
124 130 \fB-e\fR, \fB-A\fR, \fB-P\fR, \fB-p\fR, \fB-R\fR, or \fB-K\fR options, the
125 131 \fB-D\fR option sets the default values for the specified fields. The default
126 132 values are:
127 133 .sp
128 134 .ne 2
129 135 .na
130 136 \fBgroup\fR
131 137 .ad
132 138 .sp .6
133 139 .RS 4n
134 140 \fBother\fR (\fBGID\fR of 1)
135 141 .RE
136 142
137 143 .sp
138 144 .ne 2
139 145 .na
140 146 \fBbase_dir\fR
141 147 .ad
142 148 .sp .6
143 149 .RS 4n
144 150 \fB/home\fR
145 151 .RE
146 152
147 153 .sp
148 154 .ne 2
149 155 .na
150 156 \fBskel_dir\fR
151 157 .ad
152 158 .sp .6
153 159 .RS 4n
154 160 \fB/etc/skel\fR
155 161 .RE
156 162
157 163 .sp
158 164 .ne 2
159 165 .na
160 166 \fBshell\fR
161 167 .ad
162 168 .sp .6
163 169 .RS 4n
164 170 \fB/bin/sh\fR
165 171 .RE
166 172
167 173 .sp
168 174 .ne 2
169 175 .na
170 176 \fBinactive\fR
171 177 .ad
172 178 .sp .6
173 179 .RS 4n
174 180 \fB0\fR
175 181 .RE
176 182
177 183 .sp
178 184 .ne 2
179 185 .na
180 186 \fBexpire\fR
181 187 .ad
182 188 .sp .6
183 189 .RS 4n
184 190 null
185 191 .RE
186 192
187 193 .sp
188 194 .ne 2
189 195 .na
190 196 \fBauths\fR
191 197 .ad
192 198 .sp .6
193 199 .RS 4n
194 200 null
195 201 .RE
196 202
197 203 .sp
198 204 .ne 2
199 205 .na
200 206 \fBprofiles\fR
201 207 .ad
202 208 .sp .6
203 209 .RS 4n
204 210 null
205 211 .RE
206 212
207 213 .sp
208 214 .ne 2
209 215 .na
210 216 \fBproj\fR
211 217 .ad
212 218 .sp .6
213 219 .RS 4n
214 220 \fB3\fR
215 221 .RE
216 222
217 223 .sp
218 224 .ne 2
219 225 .na
220 226 \fBprojname\fR
221 227 .ad
222 228 .sp .6
223 229 .RS 4n
224 230 \fBdefault\fR
225 231 .RE
226 232
227 233 .sp
228 234 .ne 2
229 235 .na
230 236 \fBkey=value (pairs defined in \fBuser_attr\fR(4)\fR
231 237 .ad
232 238 .sp .6
233 239 .RS 4n
234 240 not present
235 241 .RE
236 242
237 243 .sp
238 244 .ne 2
239 245 .na
240 246 \fBroles\fR
241 247 .ad
242 248 .sp .6
243 249 .RS 4n
244 250 null
245 251 .RE
246 252
247 253 .RE
248 254
249 255 .sp
250 256 .ne 2
251 257 .na
252 258 \fB\fB-e\fR \fIexpire\fR\fR
253 259 .ad
254 260 .sp .6
255 261 .RS 4n
256 262 Specify the expiration date for a login. After this date, no user will be able
257 263 to access this login. The expire option argument is a date entered using one of
258 264 the date formats included in the template file \fB/etc/datemsk\fR. See
259 265 \fBgetdate\fR(3C).
260 266 .sp
261 267 If the date format that you choose includes spaces, it must be quoted. For
262 268 example, you can enter \fB10/6/90\fR or \fBOctober 6, 1990\fR. A null value
263 269 (\fB" "\fR) defeats the status of the expired date. This option is useful for
264 270 creating temporary logins.
265 271 .RE
266 272
267 273 .sp
268 274 .ne 2
269 275 .na
270 276 \fB\fB-f\fR \fIinactive\fR\fR
271 277 .ad
272 278 .sp .6
273 279 .RS 4n
274 280 The maximum number of days allowed between uses of a login ID before that
275 281 \fBID\fR is declared invalid. Normal values are positive integers. A value of
276 282 \fB0\fR defeats the status.
277 283 .RE
278 284
279 285 .sp
280 286 .ne 2
281 287 .na
282 288 \fB\fB-g\fR \fIgroup\fR\fR
283 289 .ad
284 290 .sp .6
285 291 .RS 4n
286 292 An existing group's integer \fBID\fR or character-string name. Without the
287 293 \fB-D\fR option, it defines the new user's primary group membership and
288 294 defaults to the default group. You can reset this default value by invoking
289 295 \fBuseradd\fR \fB-D\fR \fB-g\fR \fIgroup\fR. GIDs 0-99 are reserved for
290 296 allocation by the Solaris Operating System.
291 297 .RE
292 298
293 299 .sp
294 300 .ne 2
295 301 .na
296 302 \fB\fB-G\fR \fIgroup\fR\fR
297 303 .ad
298 304 .sp .6
299 305 .RS 4n
300 306 An existing group's integer \fBID\fR or character-string name. It defines the
301 307 new user's supplementary group membership. Duplicates between \fIgroup\fR with
302 308 the \fB-g\fR and \fB-G\fR options are ignored. No more than \fBNGROUPS_MAX\fR
303 309 groups can be specified. GIDs 0-99 are reserved for allocation by the Solaris
304 310 Operating System.
305 311 .RE
306 312
307 313 .sp
308 314 .ne 2
309 315 .na
310 316 \fB\fB-K\fR \fIkey=value\fR\fR
311 317 .ad
312 318 .sp .6
313 319 .RS 4n
314 320 A \fIkey=value\fR pair to add to the user's attributes. Multiple \fB-K\fR
315 321 options may be used to add multiple \fIkey=value\fR pairs. The generic \fB-K\fR
316 322 option with the appropriate key may be used instead of the specific implied key
317 323 options (\fB-A\fR, \fB-P\fR, \fB-R\fR, \fB-p\fR). See \fBuser_attr\fR(4) for a
318 324 list of valid \fIkey=value\fR pairs. The "type" key is not a valid key for this
319 325 option. Keys may not be repeated.
320 326 .RE
321 327
322 328 .sp
323 329 .ne 2
324 330 .na
325 331 \fB\fB-k\fR \fIskel_dir\fR\fR
326 332 .ad
327 333 .sp .6
328 334 .RS 4n
329 335 A directory that contains skeleton information (such as \fB\&.profile\fR) that
330 336 can be copied into a new user's home directory. This directory must already
331 337 exist. The system provides the \fB/etc/skel\fR directory that can be used for
332 338 this purpose.
333 339 .RE
334 340
335 341 .sp
336 342 .ne 2
337 343 .na
338 344 \fB\fB-m\fR\fR
339 345 .ad
340 346 .sp .6
341 347 .RS 4n
342 348 Create the new user's home directory if it does not already exist. If the
343 349 directory already exists, it must have read, write, and execute permissions by
344 350 \fIgroup\fR, where \fIgroup\fR is the user's primary group.
345 351 .RE
346 352
347 353 .sp
348 354 .ne 2
349 355 .na
350 356 \fB\fB-o\fR\fR
351 357 .ad
352 358 .sp .6
353 359 .RS 4n
354 360 This option allows a \fBUID\fR to be duplicated (non-unique).
355 361 .RE
356 362
357 363 .sp
358 364 .ne 2
359 365 .na
360 366 \fB\fB-P\fR \fIprofile\fR\fR
361 367 .ad
362 368 .sp .6
363 369 .RS 4n
364 370 One or more comma-separated execution profiles defined in \fBprof_attr\fR(4).
365 371 .RE
366 372
367 373 .sp
368 374 .ne 2
369 375 .na
370 376 \fB\fB-p\fR \fIprojname\fR\fR
371 377 .ad
372 378 .sp .6
373 379 .RS 4n
374 380 Name of the project with which the added user is associated. See the
375 381 \fIprojname\fR field as defined in \fBproject\fR(4).
376 382 .RE
377 383
378 384 .sp
379 385 .ne 2
380 386 .na
381 387 \fB\fB-R\fR \fIrole\fR\fR
382 388 .ad
383 389 .sp .6
384 390 .RS 4n
385 391 One or more comma-separated execution profiles defined in \fBuser_attr\fR(4).
386 392 Roles cannot be assigned to other roles.
387 393 .RE
388 394
389 395 .sp
390 396 .ne 2
391 397 .na
392 398 \fB\fB-s\fR \fIshell\fR\fR
393 399 .ad
394 400 .sp .6
395 401 .RS 4n
396 402 Full pathname of the program used as the user's shell on login. It defaults to
397 403 an empty field causing the system to use \fB/bin/sh\fR as the default. The
398 404 value of \fIshell\fR must be a valid executable file.
399 405 .RE
400 406
401 407 .sp
402 408 .ne 2
403 409 .na
404 410 \fB\fB-u\fR \fIuid\fR\fR
405 411 .ad
406 412 .sp .6
407 413 .RS 4n
408 414 The \fBUID\fR of the new user. This \fBUID\fR must be a non-negative decimal
|
↓ open down ↓ |
337 lines elided |
↑ open up ↑ |
409 415 integer below \fBMAXUID\fR as defined in \fB<sys/param.h>\fR\&. The \fBUID\fR
410 416 defaults to the next available (unique) number above the highest number
411 417 currently assigned. For example, if \fBUID\fRs 100, 105, and 200 are assigned,
412 418 the next default \fBUID\fR number will be 201. \fBUID\fRs \fB0\fR-\fB99\fR are
413 419 reserved for allocation by the Solaris Operating System.
414 420 .RE
415 421
416 422 .SH FILES
417 423 .sp
418 424 .LP
425 +\fB/etc/default/useradd\fR
426 +.sp
427 +.LP
419 428 \fB/etc/datemsk\fR
420 429 .sp
421 430 .LP
422 431 \fB/etc/passwd\fR
423 432 .sp
424 433 .LP
425 434 \fB/etc/shadow\fR
426 435 .sp
427 436 .LP
428 437 \fB/etc/group\fR
429 438 .sp
430 439 .LP
431 440 \fB/etc/skel\fR
432 441 .sp
433 442 .LP
434 443 \fB/usr/include/limits.h\fR
435 444 .sp
436 445 .LP
437 446 \fB/etc/user_attr\fR
438 447 .SH ATTRIBUTES
439 448 .sp
440 449 .LP
441 450 See \fBattributes\fR(5) for descriptions of the following attributes:
442 451 .sp
443 452
444 453 .sp
445 454 .TS
446 455 box;
447 456 c | c
448 457 l | l .
449 458 ATTRIBUTE TYPE ATTRIBUTE VALUE
450 459 _
451 460 Interface Stability Committed
452 461 .TE
453 462
454 463 .SH SEE ALSO
455 464 .sp
456 465 .LP
457 466 \fBpasswd\fR(1), \fBprofiles\fR(1), \fBroles\fR(1), \fBusers\fR(1B),
458 467 \fBgroupadd\fR(1M), \fBgroupdel\fR(1M), \fBgroupmod\fR(1M), \fBgrpck\fR(1M),
459 468 \fBlogins\fR(1M), \fBpwck\fR(1M), \fBuserdel\fR(1M), \fBusermod\fR(1M),
460 469 \fBgetdate\fR(3C), \fBauth_attr\fR(4), \fBpasswd\fR(4), \fBprof_attr\fR(4),
461 470 \fBproject\fR(4), \fBuser_attr\fR(4), \fBattributes\fR(5)
462 471 .SH DIAGNOSTICS
463 472 .sp
464 473 .LP
465 474 In case of an error, \fBuseradd\fR prints an error message and exits with a
466 475 non-zero status.
467 476 .sp
468 477 .LP
469 478 The following indicates that \fBlogin\fR specified is already in use:
470 479 .sp
471 480 .in +2
472 481 .nf
473 482 UX: useradd: ERROR: login is already in use. Choose another.
474 483 .fi
475 484 .in -2
476 485 .sp
477 486
478 487 .sp
479 488 .LP
480 489 The following indicates that the \fIuid\fR specified with the \fB-u\fR option
481 490 is not unique:
482 491 .sp
483 492 .in +2
484 493 .nf
485 494 UX: useradd: ERROR: uid \fIuid\fR is already in use. Choose another.
486 495 .fi
487 496 .in -2
488 497 .sp
489 498
490 499 .sp
491 500 .LP
492 501 The following indicates that the \fIgroup\fR specified with the \fB-g\fR option
493 502 is already in use:
494 503 .sp
495 504 .in +2
496 505 .nf
497 506 UX: useradd: ERROR: group \fIgroup\fR does not exist. Choose another.
498 507 .fi
499 508 .in -2
500 509 .sp
501 510
502 511 .sp
503 512 .LP
504 513 The following indicates that the \fIuid\fR specified with the \fB-u\fR option
505 514 is in the range of reserved \fBUID\fRs (from \fB0\fR-\fB99\fR):
506 515 .sp
507 516 .in +2
508 517 .nf
509 518 UX: useradd: WARNING: uid \fIuid\fR is reserved.
510 519 .fi
511 520 .in -2
512 521 .sp
513 522
514 523 .sp
515 524 .LP
516 525 The following indicates that the \fIuid\fR specified with the \fB-u\fR option
517 526 exceeds \fBMAXUID\fR as defined in \fB<sys/param.h>\fR:
518 527 .sp
519 528 .in +2
520 529 .nf
521 530 UX: useradd: ERROR: uid \fIuid\fR is too big. Choose another.
522 531 .fi
523 532 .in -2
524 533 .sp
525 534
526 535 .sp
527 536 .LP
528 537 The following indicates that the \fB/etc/passwd\fR or \fB/etc/shadow\fR files
529 538 do not exist:
530 539 .sp
531 540 .in +2
532 541 .nf
533 542 UX: useradd: ERROR: Cannot update system files - login cannot be created.
534 543 .fi
535 544 .in -2
536 545 .sp
537 546
538 547 .SH NOTES
539 548 .sp
540 549 .LP
541 550 The \fBuseradd\fR utility adds definitions to only the local \fB/etc/group\fR,
542 551 \fBetc/passwd\fR, \fB/etc/passwd\fR, \fB/etc/shadow\fR, \fB/etc/project\fR, and
543 552 \fB/etc/user_attr\fR files. If a network name service such as \fBNIS\fR or
544 553 \fBNIS+\fR is being used to supplement the local \fB/etc/passwd\fR file with
545 554 additional entries, \fBuseradd\fR cannot change information supplied by the
546 555 network name service. However \fBuseradd\fR will verify the uniqueness of the
547 556 user name (or role) and user id and the existence of any group names specified
548 557 against the external name service.
|
↓ open down ↓ |
120 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX