newusers - update and create new users in batch
newusers [options] [file]
The newusers command reads a file (or the standard input by default) and uses this information to update a set of existing users or to create new users. Each line is in the same format as the standard password file (see passwd(5)) with the exceptions explained below:
pw_name This is the name of the user.
pw_passwd This field will be encrypted and used as the new value of the encrypted password.
pw_uid This field is used to define the UID of the user. If the field is empty, a new (unused) UID will be defined automatically by newusers. If this field contains a number, this number will be used as the UID. If this field contains the name of an existing user (or the name of a user created before by newusers), the UID of the specified user will be used. If the UID of an existing user is changed, the ownership of the user's files should be fixed manually.
pw_gid This field is used to define the primary group ID for the user. If this field contains the name of an existing group (or a group created before by newusers), the GID of this group will be used as the primary group ID for the user. If this field is a number, this number will be used as the primary group ID of the user. If no groups exist with this GID, a new group will be created with this GID, and the name of the user. If this field is empty, a new group will be created with the name of the user and a GID will be automatically defined by newusers to be used as the primary group ID for the user and as the GID for the new group. If this field contains the name of a group which does not exist (and was not created before by newusers), a new group will be created with the specified name and a GID will be automatically defined by newusers to be used as the primary group ID for the user and GID for the new group.
pw_gecos This field is copied in the GECOS field of the user.
pw_dir This field is used to define the home directory of the user. If this field does not specify an existing directory, the specified directory is created, with ownership set to the user being created or updated and its primary group. If the home directory of an existing user is changed, newusers does not move or copy the content of the old directory to the new location. This should be done manually.
pw_shell This field defines the shell of the user. No checks are performed on this field.
newusers first tries to create or change all the specified users, and then writes these changes to the user or group databases. If an error occurs (except in the final writes to the databases), no changes are committed to the databases.
During this first pass, users are created with a locked password (and passwords are not changed for the users which are not created). A second pass is used to update the passwords using PAM. Failures to update a password are reported, but will not stop the other password updates.
This command is intended to be used in a large system environment where many accounts are updated at a single time.
The options which apply to the newusers command are:
-h, --help Display help message and exit.
-r, --system Create a system account.
-R, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
The input file must be protected since it contains unencrypted passwords.
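A pre-flight check for the input file, covering the field rules and the caveat above. This is an added example, not part of the shadow-utils manual or code; lint_newusers, the sample accounts and the allowed-shell list are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight lint for a newusers input file (hypothetical helper).
# lint_newusers FILE [SHELLS_FILE] prints one finding per line; returns 1 if any.
lint_newusers() {
    file=$1 shells=${2:-/etc/shells}
    {
        # The file holds cleartext passwords: group/other must have no access.
        # Characters 5-10 of the ls mode string are the group and other bits.
        [ "$(ls -ld -- "$file" | cut -c5-10)" = "------" ] ||
            echo "perm: $file is accessible to group or others"
        # First file: allowed shells. Second file: the newusers input.
        awk -F: '
            FILENAME == ARGV[1] { if ($0 ~ /^\//) ok[$0] = 1; next }
            NF != 7 { print "line " FNR ": expected 7 fields, got " NF; next }
            {
                # pw_uid may name an existing user, whose UID is then reused.
                if ($3 ~ /^0+$/ || $3 == "root")
                    print "line " FNR ": " $1 " would get UID 0"
                else if ($3 != "" && $3 !~ /^[0-9]+$/)
                    print "line " FNR ": " $1 " would share the UID of " $3
                # newusers performs no checks on pw_shell, so check it here.
                if ($7 != "" && !($7 in ok))
                    print "line " FNR ": shell " $7 " not in allowed list"
            }
        ' "$shells" "$file"
    } | awk '{ print } END { exit (NR > 0) }'
}

# Constructed sample input (not from the man page); passwords are placeholders.
demo_dir=$(mktemp -d)
printf '%s\n' /bin/sh /bin/bash > "$demo_dir/shells"
( umask 022
  cat > "$demo_dir/users.txt" <<'EOF'
alice:CHANGE-ME-1::::/home/alice:/bin/bash
bob:CHANGE-ME-2:root:::/home/bob:/bin/bash
carol:CHANGE-ME-3::staff:Carol:/home/carol:/tmp/x
dave:CHANGE-ME-4:1005:/home/dave
EOF
)
lint_newusers "$demo_dir/users.txt" "$demo_dir/shells" ||
    echo "resolve the findings above before running newusers"
```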
The following configuration variables in /etc/login.defs change the behavior of this tool:
GID_MAX (number), GID_MIN (number) Range of group IDs used for the creation of regular groups by useradd, groupadd, or newusers.
MAX_MEMBERS_PER_GROUP (number) Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name, same password, and same GID). The default value is 0, meaning that there are no limits in the number of members in a group. This feature (split group) makes it possible to limit the length of lines in the group file. This is useful to make sure that lines for NIS groups are not larger than 1024 characters. If you need to enforce such a limit, you can use 25. Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really need it.
PASS_MAX_DAYS (number) The maximum number of days a password may be used. If the password is older than this, a password change will be forced. If not specified, -1 will be assumed (which disables the restriction).
PASS_MIN_DAYS (number) The minimum number of days allowed between password changes. Any password changes attempted sooner than this will be rejected. If not specified, -1 will be assumed (which disables the restriction).
PASS_WARN_AGE (number) The number of days warning given before a password expires. A zero means warning is given only upon the day of expiration, a negative value means no warning is given. If not specified, no warning will be provided.
SUB_GID_MIN (number), SUB_GID_MAX (number), SUB_GID_COUNT (number) If /etc/subuid exists, the commands useradd and newusers (unless the user already has subordinate group IDs) allocate SUB_GID_COUNT unused group IDs from the range SUB_GID_MIN to SUB_GID_MAX for each new user. The default values for SUB_GID_MIN, SUB_GID_MAX, SUB_GID_COUNT are respectively 100000, 600100000 and 65536.
SUB_UID_MIN (number), SUB_UID_MAX (number), SUB_UID_COUNT (number) If /etc/subuid exists, the commands useradd and newusers (unless the user already has subordinate user IDs) allocate SUB_UID_COUNT unused user IDs from the range SUB_UID_MIN to SUB_UID_MAX for each new user. The default values for SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT are respectively 100000, 600100000 and 65536.
SYS_GID_MAX (number), SYS_GID_MIN (number) Range of group IDs used for the creation of system groups by useradd, groupadd, or newusers. The default value for SYS_GID_MIN (resp. SYS_GID_MAX) is 101 (resp. GID_MIN-1).
SYS_UID_MAX (number), SYS_UID_MIN (number) Range of user IDs used for the creation of system users by useradd or newusers. The default value for SYS_UID_MIN (resp. SYS_UID_MAX) is 101 (resp. UID_MIN-1).
UID_MAX (number), UID_MIN (number) Range of user IDs used for the creation of regular users by useradd or newusers. The default value for UID_MIN (resp. UID_MAX) is 1000 (resp. 60000).
UMASK (number) The file mode creation mask is initialized to this value. If not specified, the mask will be initialized to 022. useradd and newusers use this mask to set the mode of the home directory they create. It is also used by pam_umask as the default umask value.
/etc/passwd User account information.
/etc/shadow Secure user account information.
/etc/group Group account information.
/etc/gshadow Secure group account information.
/etc/login.defs Shadow password suite configuration.
/etc/pam.d/newusers PAM configuration for newusers.
/etc/subgid Per user subordinate group IDs.
/etc/subuid Per user subordinate user IDs.