mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-22 22:01:05 +01:00
215c0a5158
On systems utilizing ZFS, default to creating a ZFS dataset for a new user's home directory if the parent directory resides on a ZFS dataset. Add a flag that disables this behavior if the administrator explicitly does not want it. If run during installation from within a chroot, set mountpoint to legacy after dataset creation and mount directly into the chroot. Then umount and reset the mountpoint to inherit from parent. Also support ZFS default encryption on user's home directory. Feedback by: delphij Reviewed by: imp, kevans Pull Request: https://github.com/freebsd/freebsd-src/pull/881
222 lines
5.7 KiB
Groff
222 lines
5.7 KiB
Groff
.\"
|
|
.\" Copyright (c) 2004 Tom Rhodes
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.Dd April 12, 2007
|
|
.Dt ADDUSER.CONF 5
|
|
.Os
|
|
.Sh NAME
|
|
.Nm adduser.conf
|
|
.Nd
|
|
.Xr adduser 8
|
|
configuration file
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Pa /etc/adduser.conf
|
|
file is automatically generated by the
|
|
.Xr adduser 8
|
|
utility when invoked with the
|
|
.Fl C
|
|
command-line option.
|
|
It is not meant to be edited by hand.
|
|
.Pp
|
|
The
|
|
.Pa /etc/adduser.conf
|
|
file is used to pre-set certain configuration options for
|
|
the
|
|
.Xr adduser 8
|
|
utility.
|
|
When
|
|
.Xr adduser 8
|
|
is invoked, it will check to see if this file exists, and
|
|
if so, the configuration will be used or offered as the
|
|
default settings.
|
|
The
|
|
.Nm
|
|
file offers three types of configuration:
|
|
.Bl -bullet
|
|
.It
|
|
Default settings offered by
|
|
.Xr adduser 8 .
|
|
These options are specified in the configuration file and offered
|
|
as the default during every invocation of the
|
|
.Xr adduser 8
|
|
utility.
|
|
.It
|
|
Configuration options which can be set in
|
|
.Nm ,
|
|
but overridden by passing a flag to
|
|
.Xr adduser 8 .
|
|
.It
|
|
Configuration supported by
|
|
.Xr adduser 8
|
|
but not offered by a flag or during initial invocation.
|
|
.El
|
|
.Pp
|
|
In the first case, these options can be set in
|
|
.Nm
|
|
but will still be offered when
|
|
.Xr adduser 8
|
|
is invoked.
|
|
In the second case,
|
|
.Xr adduser 8
|
|
will read the configuration data unless a flag
|
|
has been passed to override it.
|
|
For example, the
|
|
.Va defaultshell
|
|
option.
|
|
In the third case, the configuration will be utilized, but the
|
|
user will never be prompted to modify the default setting by
|
|
either a flag or an
|
|
.Xr adduser 8
|
|
prompt.
|
|
For example, the
|
|
.Va upwexpire
|
|
setting.
|
|
.Pp
|
|
The following configuration options can be set in
|
|
.Nm :
|
|
.Bl -tag -width ".Va defaultgroups" -offset indent
|
|
.It Va defaultLgroup
|
|
The default group new users will be added to.
|
|
.It Va defaultclass
|
|
The default class to place users in as described in
|
|
.Xr login.conf 5 .
|
|
.It Va defaultgroups
|
|
This option is used to specify what other groups the new account
|
|
should be added to.
|
|
.It Va passwdtype
|
|
May be one of
|
|
.Cm no , none , random ,
|
|
or
|
|
.Cm yes ,
|
|
as described in
|
|
.Xr adduser 8 .
|
|
As such, the text is not duplicated here and may be
|
|
read in
|
|
.Xr adduser 8 .
|
|
.It Va homeprefix
|
|
The default home directory prefix, usually
|
|
.Pa /home .
|
|
.It Va defaultshell
|
|
The user's default shell which may be any of the shells listed in
|
|
.Xr shells 5 .
|
|
.It Va udotdir
|
|
Defines the location of the default shell and environment
|
|
configuration files.
|
|
.It Va msgfile
|
|
Location of the default new user message file.
|
|
This message will be sent to all new users if specified
|
|
here or at the
|
|
.Xr adduser 8
|
|
prompt.
|
|
.It Va disableflag
|
|
The default message enclosed in brackets for the
|
|
lock account prompt.
|
|
.It Va upwexpire
|
|
The default password expiration time.
|
|
Format of the date is either a
|
|
.Ux
|
|
time in decimal, or a date in
|
|
.Sm off
|
|
.Ar dd No - Ar mmm No - Ar yy Op Ar yy
|
|
.Sm on
|
|
format, where
|
|
.Ar dd
|
|
is the day,
|
|
.Ar mmm
|
|
is the month in either numeric or
|
|
alphabetic format, and
|
|
.Ar yy Ns Op Ar yy
|
|
is either a two or four digit year.
|
|
This option also accepts a relative date in the form of
|
|
.Sm off
|
|
.Ar n Op Ar m h d w o y
|
|
.Sm on
|
|
where
|
|
.Ar n
|
|
is a decimal, octal (leading 0) or hexadecimal (leading 0x) digit
|
|
followed by the number of Minutes, Hours, Days, Weeks, Months or
|
|
Years from the current date at
|
|
which the expiration time is to be set.
|
|
.It Va uexpire
|
|
The default account expire time.
|
|
The format is similar to the
|
|
.Va upwexpire
|
|
option.
|
|
.It Va ugecos
|
|
The default information to be held in the GECOS field of
|
|
.Pa /etc/master.passwd .
|
|
.It Va uidstart
|
|
The default user ID setting.
|
|
This must be a number above 1000 and fewer than 65534.
|
|
.It Va Zflag
|
|
Do not attempt to create ZFS home dataset.
|
|
.El
|
|
.Sh EXAMPLES
|
|
The following is an example
|
|
.Nm
|
|
file created with the
|
|
.Fl C
|
|
.Xr adduser 8
|
|
flag and modified.
|
|
.Bd -literal -offset indent
|
|
# Configuration file for adduser(8).
|
|
# NOTE: only *some* variables are saved.
|
|
# Last Modified on Fri Mar 30 14:04:05 EST 2004.
|
|
|
|
defaultLgroup=
|
|
defaultclass=
|
|
defaultgroups=
|
|
passwdtype=yes
|
|
homeprefix=/home
|
|
defaultshell=/bin/csh
|
|
udotdir=/usr/share/skel
|
|
msgfile=/etc/adduser.msg
|
|
disableflag=
|
|
upwexpire=91d # Expire passwords 91 days after creation.
|
|
.Ed
|
|
.Sh SEE ALSO
|
|
.Xr group 5 ,
|
|
.Xr passwd 5 ,
|
|
.Xr adduser 8 ,
|
|
.Xr pw 8 ,
|
|
.Xr rmuser 8
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
manual page first appeared in
|
|
.Fx 5.3 .
|
|
.Sh AUTHORS
|
|
This manual page was written by
|
|
.An Tom Rhodes Aq Mt trhodes@FreeBSD.org .
|
|
.Sh BUGS
|
|
The internal variables documented here may change without notice.
|
|
Do not rely on them.
|
|
To modify this file invoke
|
|
.Xr adduser 8
|
|
with the
|
|
.Fl C
|
|
option instead.
|