1 --- shadow-4.0.16/lib/getdef.c~ 2006-06-08 00:19:27.452506888 +0300
2 +++ shadow-4.0.16/lib/getdef.c 2006-06-08 00:21:20.945057953 +0300
7 + {"SYS_GID_MAX", NULL},
8 + {"SYS_GID_MIN", NULL},
9 {"HUSHLOGIN_FILE", NULL},
11 {"LOGIN_RETRIES", NULL},
13 {"TTYTYPE_FILE", NULL},
16 + {"SYS_UID_MAX", NULL},
17 + {"SYS_UID_MIN", NULL},
19 {"USERDEL_CMD", NULL},
20 {"USERGROUPS_ENAB", NULL},
21 --- shadow-4.0.6/src/useradd.c 2004-11-18 21:45:00.713398344 +0100
22 +++ shadow-4.0.16/src/useradd.c 2006-06-08 01:17:05.580340031 +0300
25 * These defaults are used if there is no defaults file.
27 -static gid_t def_group = 100;
28 +static gid_t def_group = 1000;
29 static const char *def_gname = "other";
30 -static const char *def_home = "/home";
31 -static const char *def_shell = "";
32 +static const char *def_home = "/home/users";
33 +static const char *def_shell = "/dev/null";
34 static const char *def_template = SKEL_DIR;
35 static const char *def_create_mail_spool = "no";
38 #define VALID(s) (strcspn (s, ":\n") == strlen (s))
40 static const char *user_name = "";
41 -static const char *user_pass = "!";
42 +static const char *user_pass = "!!";
44 static gid_t user_gid;
45 static const char *user_comment = "";
47 mflg = 0, /* create user's home directory if it doesn't exist */
48 nflg = 0, /* create a group having the same name as the user */
49 oflg = 0, /* permit non-unique user ID to be specified with -u */
50 + rflg = 0, /* create system account (wuth lower uid) */
51 sflg = 0, /* shell program for new account */
52 uflg = 0; /* specify user ID for new account */
56 " -p, --password PASSWORD use encrypted password for the new user\n"
58 + " -r create a system account, with uid lower than usual\n"
59 " -s, --shell SHELL the login shell for the new user account\n"
60 " -u, --uid UID force use the UID for the new user account\n"));
64 uid_min = getdef_unum ("UID_MIN", 1000);
65 uid_max = getdef_unum ("UID_MAX", 60000);
67 + uid_min = getdef_unum ("UID_MIN", 500);
68 + uid_max = getdef_unum ("UID_MAX", 60000);
70 + uid_min = getdef_unum ("SYS_UID_MIN", 1);
71 + uid_max = getdef_unum ("SYS_UID_MAX", 499);
75 * Start with some UID value if the user didn't provide us with
80 - getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
81 + getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:r",
82 long_options, NULL)) != -1) {
89 + case 'r': /* create system account */
95 --- shadow-4.0.16/src/groupadd.c 2006-06-09 21:26:14.039716861 +0300
96 +++ shadow-4.0.18.1/src/groupadd.c 2006-11-11 18:38:27.453562057 +0200
98 static int oflg = 0; /* permit non-unique group ID to be specified with -g */
99 static int gflg = 0; /* ID value for the new group */
100 static int fflg = 0; /* if group already exists, do nothing and exit(0) */
101 +static int rflg = 0; /* add system group (with lower gid) */
104 extern int gr_dbm_mode;
106 " -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
107 " -o, --non-unique allow create group with duplicate\n"
108 " (non-unique) GID\n"
109 + " -r create a system account, with gid lower than usual\n"
114 const struct group *grp;
115 gid_t gid_min, gid_max;
117 - gid_min = getdef_unum ("GID_MIN", 1000);
118 - gid_max = getdef_unum ("GID_MAX", 60000);
120 + gid_min = getdef_unum ("GID_MIN", 500);
121 + gid_max = getdef_unum ("GID_MAX", 60000);
123 + gid_min = getdef_unum ("SYS_GID_MIN", 10);
124 + gid_max = getdef_unum ("SYS_GID_MAX", 499);
128 * Start with some GID value if the user didn't provide us with
133 - getopt_long (argc, argv, "fg:hK:o", long_options,
134 + getopt_long (argc, argv, "fg:hK:or", long_options,
135 &option_index)) != -1) {
143 + /* create system group */
149 --- shadow-4.0.16/man/groupadd.8~ 2006-06-09 23:20:28.053339201 +0300
150 +++ shadow-4.0.16/man/groupadd.8 2006-06-09 23:22:17.115785750 +0300
152 groupadd \- create a new group
155 -\fBgroupadd\fR [\-g\ \fIGID\fR\ [\-o]] [\-f] [\-K\ \fIKEY\fR=\fIVALUE\fR] \fIgroup\fR
156 +\fBgroupadd\fR [\-g\ \fIGID\fR\ [\-o]] [\-f] [\-r] [\-K\ \fIKEY\fR=\fIVALUE\fR] \fIgroup\fR
163 This option permits to add group with non\-unique GID.
166 +This flag is used to create a system group, with gid lower than usual
167 +(chosen between SYS_GID_MIN and SYS_GID_MAX).
171 --- shadow-4.0.16/man/useradd.8~ 2006-06-09 23:05:41.393444193 +0300
172 +++ shadow-4.0.16/man/useradd.8 2006-06-09 23:05:43.273486388 +0300
174 The encrypted password, as returned by
175 \fBcrypt\fR(3). The default is to disable the account.
178 +The number of days after a password has expired before the account will be disabled.
180 \fB\-s\fR, \fB\-\-shell\fR \fISHELL\fR
181 The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell.
183 --- shadow-4.0.16/man/pl/groupadd.8~ 2006-06-09 21:27:27.071352380 +0300
184 +++ shadow-4.0.16/man/pl/groupadd.8 2006-06-09 21:29:35.034218035 +0300
187 groupadd \- twórz nową grupę
189 -\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] \fIgrupa\fR
190 +\fBgroupadd\fR [\fB\-g\fR \fIgid\fR [\fB\-o\fR]] [\fB\-f\fR] [\fB-r\fR] \fIgrupa\fR
192 Polecenie \fBgroupadd\fR tworzy nowe konto grupy posługując się
193 wartościami podanymi w wierszu poleceń i domyślnymi wartościami z systemu.
195 podana groupa już istnieje. Z opcją \fB\-g\fR, jeśli podany gid już istnieje,
196 wybierany jest inny (unikalny) gid (czyli \fB\-g\fR jest wyłączane).
199 +Ta opcja s¿u¿y do zak¿adania grup systemowych, z identyfikatorami ni¿szymi
200 +ni¿ zwykle (wybieranymi z przedzia¿u od SYS_GID_MIN do SYS_GID_MAX).
203 Numeryczna wartość identyfikatora grupy. Wartość ta musi być niepowtarzalna,
204 chyba że użyto opcji \fB\-o\fR. Wartość ID grupy nie może być ujemna. Domyślnie
205 --- shadow-4.0.16/man/pl/useradd.8~ 2006-06-09 22:52:54.696249131 +0300
206 +++ shadow-4.0.16/man/pl/useradd.8 2006-06-09 23:00:57.427074349 +0300
208 .IP "\fB\-p\fR \fIpasswd\fR"
209 Zakodowane hasło w postaci zwracanej przez \fBcrypt\fR(3).
210 Domyślnym działaniem jest blokowanie konta.
212 +Tworzenie konta systemowego, z identyfikatorem ni¿szym ni¿ zwykle
213 +(wybieranym z przedzia¿u od SYS_UID_MIN do SYS_UID_MAX).
214 .IP "\fB\-s\fR \fIpowłoka\fR"
215 Nazwa powłoki (shell) użytkownika. Ustawienie tego pola na puste
216 powoduje, że system wybierze domyślną powłokę logowania.