xref: /openbsd/usr.sbin/user/usermgmt.conf.5 (revision 42e2d2b6) 
1*42e2d2b6Sjmc.\" $OpenBSD: usermgmt.conf.5,v 1.14 2016/11/30 20:26:37 jmc Exp $
28124f21aSmillert.\" $NetBSD: usermgmt.conf.5,v 1.3 2002/10/02 13:49:11 grant Exp $
38124f21aSmillert.\"
48124f21aSmillert.\" Copyright (c) 2002 The NetBSD Foundation, Inc.
58124f21aSmillert.\" All rights reserved.
68124f21aSmillert.\"
78124f21aSmillert.\" This document is derived from works contributed to The NetBSD Foundation
88124f21aSmillert.\" by Grant Beattie.
98124f21aSmillert.\"
108124f21aSmillert.\" Redistribution and use in source and binary forms, with or without
118124f21aSmillert.\" modification, are permitted provided that the following conditions
128124f21aSmillert.\" are met:
138124f21aSmillert.\" 1. Redistributions of source code must retain the above copyright
148124f21aSmillert.\"    notice, this list of conditions and the following disclaimer.
158124f21aSmillert.\" 2. Redistributions in binary form must reproduce the above copyright
168124f21aSmillert.\"    notice, this list of conditions and the following disclaimer in the
178124f21aSmillert.\"    documentation and/or other materials provided with the distribution.
188124f21aSmillert.\" 3. The name of the author may not be used to endorse or promote products
198124f21aSmillert.\"    derived from this software without specific prior written permission.
208124f21aSmillert.\"
218124f21aSmillert.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
228124f21aSmillert.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
238124f21aSmillert.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
248124f21aSmillert.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
258124f21aSmillert.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
268124f21aSmillert.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
278124f21aSmillert.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
288124f21aSmillert.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
298124f21aSmillert.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
308124f21aSmillert.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
318124f21aSmillert.\" SUCH DAMAGE.
328124f21aSmillert.\"
33*42e2d2b6Sjmc.Dd $Mdocdate: November 30 2016 $
348124f21aSmillert.Dt USERMGMT.CONF 5
358124f21aSmillert.Os
368124f21aSmillert.Sh NAME
378124f21aSmillert.Nm usermgmt.conf
388124f21aSmillert.Nd user management tools configuration file
398124f21aSmillert.Sh DESCRIPTION
408124f21aSmillertThe
418124f21aSmillert.Nm usermgmt.conf
428124f21aSmillertfile defines the default values used by the user management tools,
438124f21aSmillert.Xr user 8 .
448124f21aSmillert.Pp
458124f21aSmillertOptions in this file can be set by manually editing
468124f21aSmillert.Pa /etc/usermgmt.conf
478124f21aSmillertor using the
488124f21aSmillert.Fl D
498124f21aSmillertoption to
508124f21aSmillert.Xr useradd 8 .
518124f21aSmillert.Bl -tag -width preserveX
528124f21aSmillert.It Ic base_dir
530f5c715dSsobradoSets the base directory name, in which new users' home directories
548124f21aSmillertare created when using the
558124f21aSmillert.Fl m
568124f21aSmillertoption to
578124f21aSmillert.Xr useradd 8 .
588124f21aSmillert.It Ic class
590f5c715dSsobradoSets the default login class for new users.
608124f21aSmillertSee
618124f21aSmillert.Xr login.conf 5
628124f21aSmillertfor more information on user login classes.
638124f21aSmillert.It Ic expire
640f5c715dSsobradoSets the default time at which the new accounts expire.
658124f21aSmillertBoth the
668124f21aSmillert.Ar expire
678124f21aSmillertand
688124f21aSmillert.Ar inactive
698124f21aSmillertfields should be entered in the form
708124f21aSmillert.Dq month day year ,
718124f21aSmillertwhere month is the month name (the first three characters are
728124f21aSmillertsufficient), day is the day of the month, and year is the year.
734dda51ceSjmcTime in seconds since the Epoch (UTC) is also valid.
748124f21aSmillertA value of 0 can be used to disable this feature.
758124f21aSmillert.It Ic group
760f5c715dSsobradoSets the default primary group for new users.
77*42e2d2b6SjmcIf this is the special string
78*42e2d2b6Sjmc.Cm =uid ,
79*42e2d2b6Sjmca group is created with the same numeric ID as the UID;
80*42e2d2b6Sjmcif such a group already exists a warning is given
81*42e2d2b6Sjmcand no group is created.
824fb31a24SjmcIt has the format:
83696927d1Sjmc.Bd -ragged -offset indent
848124f21aSmillert.Ic group
85*42e2d2b6Sjmc.Ar gid | name | Cm =uid
868124f21aSmillert.Ed
878124f21aSmillert.It Ic inactive
880f5c715dSsobradoSets the default time at which the passwords of new accounts expire.
898124f21aSmillertA value of 0 can be used to disable this feature.
908124f21aSmillertAlso see the
918124f21aSmillert.Ar expire
928124f21aSmillertfield.
938124f21aSmillert.It Ic password
94cda7d927StbSpecifies a default password encrypted with
95cda7d927Stb.Xr encrypt 1 .
968124f21aSmillert.It Ic preserve
978124f21aSmillertIf this value is one of
988124f21aSmillert.Ql true ,
998124f21aSmillert.Ql yes ,
1008124f21aSmillertor a non-zero number, then the user login information will be
1018124f21aSmillertpreserved when removing a user with
1028124f21aSmillert.Xr userdel 8 .
1038124f21aSmillert.It Ic range
1040f5c715dSsobradoSpecifies the UID boundaries for new users.
1058124f21aSmillertIf unspecified, the default is
1068124f21aSmillert.Dq 1000..60000 .
1078124f21aSmillertIt has the format:
108b5ceb444Sjmc.Bd -unfilled -offset indent
1098124f21aSmillert.Ic range Ar starting-uid Ns Li .. Ns Ar ending-uid
1108124f21aSmillert.Ed
1118124f21aSmillert.It Ic shell
1120f5c715dSsobradoSets the default login shell for new users.
1138124f21aSmillert.It Ic skel_dir
1140f5c715dSsobradoSets the default skeleton directory in which to find files
1158124f21aSmillertwith which to populate the new user's home directory.
1168124f21aSmillert.El
1178124f21aSmillert.Sh FILES
1188124f21aSmillert.Bl -tag -width /etc/usermgmt.conf -compact
1198124f21aSmillert.It Pa /etc/usermgmt.conf
1208124f21aSmillert.It Pa /etc/skel/*
1218124f21aSmillert.It Pa /etc/login.conf
1228124f21aSmillert.El
1238124f21aSmillert.Sh SEE ALSO
1248124f21aSmillert.Xr login.conf 5 ,
1258124f21aSmillert.Xr passwd 5 ,
1268124f21aSmillert.Xr user 8 ,
1278124f21aSmillert.Xr useradd 8 ,
1288124f21aSmillert.Xr userdel 8 ,
1298124f21aSmillert.Xr usermod 8
130a44f4117Sjmc.Sh STANDARDS
131a44f4117SjmcOther implementations of the
132a44f4117Sjmc.Xr user 8
133a44f4117Sjmcutilities use the
134a44f4117Sjmc.Ar inactive-time
135a44f4117Sjmcparameter to refer to the maximum number of days allowed between logins (this
136a44f4117Sjmcis used to lock "stale" accounts that have not been used for a period of time).
137a44f4117SjmcHowever, on
138a44f4117Sjmc.Ox
139a44f4117Sjmcsystems this parameter refers instead to the password change time.
140a44f4117SjmcThis is due to differences in the
141a44f4117Sjmc.Xr passwd 5
142a44f4117Sjmcdatabase compared to other operating systems.
1438124f21aSmillert.Sh HISTORY
1448124f21aSmillertThe
1458124f21aSmillert.Nm
1468124f21aSmillertconfiguration file first appeared in
1478124f21aSmillert.Ox 2.7 .
148