X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsysusers.d.xml;h=ac2db98853a367e2926c7593e80920b263901f6f;hb=13790add4bf648fed816361794d8277a75253410;hp=af31ec078dd3dbe189280c0dca94b1f4325795b9;hpb=21236ab51082668914b933041893a1cf45218a3d;p=elogind.git
diff --git a/man/sysusers.d.xml b/man/sysusers.d.xml
index af31ec078..ac2db9885 100644
--- a/man/sysusers.d.xml
+++ b/man/sysusers.d.xml
@@ -19,7 +19,8 @@
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
-->
-
+
sysusers.d
@@ -53,40 +54,38 @@
Description
systemd-sysusers uses the
- files from /usr/lib/sysusers.d/
+ files from sysusers.d directory
to create system users and groups at package
- installation or boot time. This tool may be used for
- allocating system users and groups only, it is not
+ installation or boot time. This tool may be used to
+ allocate system users and groups only, it is not
useful for creating non-system users and groups, as it
- accessed /etc/passwd and
+ accesses /etc/passwd and
/etc/group directly, bypassing
- any more complex user database, for example any
+ any more complex user databases, for example any
database involving NIS or LDAP.
-
- File Format
-
- Each file shall be named in the style of
- package.conf.
+ Configuration Format
- All files are sorted by their filename in
- lexicographic order, regardless of which of the
- directories they reside in. If multiple files specify
- the same user or group, the entry in the file with the
- lexicographically earliest name will be applied, all
- all other conflicting entries will be logged as
- errors. Users and groups are
- processed in the order they are listed.
+ Each configuration file shall be named in the
+ style of
+ package.conf
+ or
+ package-part.conf.
+ The second variant should be used when it is desirable
+ to make it easy to override just this part of
+ configuration.
The file format is one line per user or group
- containing name, ID and GECOS field description:
+ containing name, ID, GECOS field description and home directory:
# Type Name ID GECOS
u httpd 440 "HTTP User"
u authd /usr/bin/authd "Authorization user"
-g input - -
+g input - -
+m authd input
+u root 0 "Superuser" /root
Type
@@ -105,12 +104,14 @@ g input - -
group will be set to the group
bearing the same name. The
user's shell will be set to
- /sbin/login,
- the home directory to
- /. The
- account will be created
- disabled, so that logins are
- not allowed.
+ /sbin/nologin,
+ the home directory to the
+ specified home directory, or
+ / if none
+ is given. The account will be
+ created disabled, so that
+ logins are not
+ allowed.
@@ -125,6 +126,34 @@ g input - -
created with no password
set.
+
+
+ m
+ Add a user to
+ a group. If the user or group
+ are not existing yet, they
+ will be implicitly
+ created.
+
+
+
+ r
+ Add a range of
+ numeric UIDs/GIDs to the pool
+ to allocate new UIDs and GIDs
+ from. If no line of this type
+ is specified the range of
+ UIDs/GIDs is set to some
+ compiled-in default. Note that
+ both UIDs and GIDs are
+ allocated from the same pool,
+ in order to ensure that users
+ and groups of the same name
+ are likely to carry the same
+ numeric UID and
+ GID.
+
+
@@ -132,7 +161,7 @@ g input - -
Name
The name field specifies the user or
- group name. It should be be shorter than 256
+ group name. It should be shorter than 31
characters and avoid any non-ASCII characters,
and not begin with a numeric character. It is
strongly recommended to pick user and group
@@ -141,22 +170,43 @@ g input - -
scheme to guarantee this is by prefixing all
system and group names with the underscore,
and avoiding too generic names.
+
+ For m lines this
+ field should contain the user name to add to a
+ group.
+
+ For lines of type r
+ this field should be set to
+ -.
ID
- The numeric 32bit UID or GID of the
- user/group. Do not use IDs 65535 or
+ For u and
+ g the numeric 32bit UID or
+ GID of the user/group. Do not use IDs 65535 or
4294967295, as they have special placeholder
- meanings. Specify "-" for automatic UID/GID
- allocation for the user or
+ meanings. Specify - for
+ automatic UID/GID allocation for the user or
group. Alternatively, specify an absolute path
in the file system. In this case the UID/GID
is read from the path's owner/group. This is
useful to create users whose UID/GID match the
owners of pre-existing files (such as SUID or
SGID binaries).
+
+ For m lines this
+ field should contain the group name to add to
+ a user to.
+
+ For lines of type r
+ this field should be set to a UID/GID range in
+ the format FROM-TO where
+ both values are formatted as decimal ASCII
+ numbers. Alternatively, a single UID/GID may
+ be specified formatted as decimal ASCII
+ numbers.
@@ -165,10 +215,44 @@ g input - -
A short, descriptive string for users to
be created, enclosed in quotation marks. Note
that this field may not contain colons.
+
+ Only applies to lines of type
+ u and should otherwise be
+ left unset, or be set to
+ -.
+
+
+
+ Home Directory
+
+ The home directory for a new system
+ user. If omitted defaults to the root
+ directory. It is recommended to not
+ unnecessarily specify home directories for
+ system users, unless software strictly
+ requires one to be set.
+
+ Only applies to lines of type
+ u and should otherwise be
+ left unset, or be set to
+ -.
+
+
+
+ Idempotence
+
+ Note that systemd-sysusers
+ will do nothing if the specified users or groups
+ already exist, so normally there no reason to override
+ sysusers.d vendor configuration,
+ except to block certain users or groups from being
+ created.
+
+
See Also