|
|
@@ -23,8 +23,7 @@
|
|
|
<sect2 role="package">
|
|
|
<title/>
|
|
|
|
|
|
- <para>The Shadow package contains programs for handling passwords in a secure
|
|
|
- way.</para>
|
|
|
+ <para>Shadow 软件包包含安全地处理密码的程序。</para>
|
|
|
|
|
|
<segmentedlist>
|
|
|
<segtitle>&buildtime;</segtitle>
|
|
|
@@ -42,42 +41,41 @@
|
|
|
<title>安装Shadow</title>
|
|
|
|
|
|
<note>
|
|
|
- <para>If you would like to enforce the use of strong passwords, refer to
|
|
|
- <ulink url="&blfs-book;postlfs/cracklib.html"/> for installing
|
|
|
- CrackLib prior to building Shadow. Then add
|
|
|
- <parameter>--with-libcrack</parameter> to the <command>configure</command>
|
|
|
- command below.</para>
|
|
|
+ <para>如果您希望强制使用强密码,参考
|
|
|
+ <ulink url="&blfs-book;postlfs/cracklib.html"/> 以在构建 Shadow 前安装
|
|
|
+ CrackLib,然后为下面的 <command>configure</command> 命令附加
|
|
|
+ <parameter>--with-libcrack</parameter> 参数。</para>
|
|
|
</note>
|
|
|
|
|
|
- <para>Disable the installation of the <command>groups</command> program
|
|
|
- and its man pages, as Coreutils provides a better version. Also
|
|
|
- Prevent the installation of manual pages that were already installed by the
|
|
|
- <xref linkend="man-pages"/> package:</para>
|
|
|
+ <para>禁止该软件包安装 <command>groups</command>
|
|
|
+ 程序和它的 man 页面,因为 Coreutils 会提供更好的版本。
|
|
|
+ 同样,避免安装 <xref linkend="man-pages"/>
|
|
|
+ 软件包已经提供的 man 页面:</para>
|
|
|
|
|
|
<screen><userinput remap="pre">sed -i 's/groups$(EXEEXT) //' src/Makefile.in
|
|
|
find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \;
|
|
|
find man -name Makefile.in -exec sed -i 's/getspnam\.3 / /' {} \;
|
|
|
find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;</userinput></screen>
|
|
|
|
|
|
- <para id="shadow-login_defs">Instead of using the default
|
|
|
- <emphasis>crypt</emphasis> method, use the more secure
|
|
|
- <emphasis>SHA-512</emphasis> method of password encryption, which also
|
|
|
- allows passwords longer than 8 characters. It is also necessary to change
|
|
|
- the obsolete <filename class="directory">/var/spool/mail</filename> location
|
|
|
- for user mailboxes that Shadow uses by default to the <filename
|
|
|
- class="directory">/var/mail</filename> location used currently:</para>
|
|
|
+ <para id="shadow-login_defs"> 不使用默认的
|
|
|
+ <emphasis>crypt</emphasis> 加密方法,使用更安全的
|
|
|
+ <emphasis>SHA-512</emphasis> 方法加密密码,
|
|
|
+ 该方法也允许长度超过 8 个字符的密码。另外,还需要把 Shadow
|
|
|
+ 默认使用的用户邮箱位置
|
|
|
+ <filename class="directory">/var/spool/mail</filename>
|
|
|
+ 改为当前普遍使用的 <filename class="directory">/var/mail</filename>
|
|
|
+ 目录:</para>
|
|
|
|
|
|
<screen><userinput remap="pre">sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
|
|
|
-e 's@/var/spool/mail@/var/mail@' etc/login.defs</userinput></screen>
|
|
|
|
|
|
<note>
|
|
|
- <para>If you chose to build Shadow with Cracklib support, run the following:</para>
|
|
|
+ <para>如果您选择构建有 Cracklib 支持的 Shadow,执行下列命令:</para>
|
|
|
|
|
|
<screen role="nodump"><userinput>sed -i 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' etc/login.defs</userinput></screen>
|
|
|
</note>
|
|
|
|
|
|
- <para>Make a minor change to make the first group number generated
|
|
|
- by useradd 1000:</para>
|
|
|
+ <para>进行微小的改动,使 useradd 使用 1000 作为第一个组编号:</para>
|
|
|
|
|
|
<screen><userinput remap="pre">sed -i 's/1000/999/' etc/useradd</userinput></screen>
|
|
|
|
|
|
@@ -86,13 +84,13 @@ find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;</userinput></s
|
|
|
<screen><userinput remap="configure">./configure --sysconfdir=/etc --with-group-name-max-length=32</userinput></screen>
|
|
|
|
|
|
<variablelist>
|
|
|
- <title>The meaning of the configure option:</title>
|
|
|
+ <title>配置选项的含义:</title>
|
|
|
|
|
|
<varlistentry>
|
|
|
<term><parameter>--with-group-name-max-length=32</parameter></term>
|
|
|
<listitem>
|
|
|
- <para>The maximum user name is 32 characters. Make the maximum
|
|
|
- group name the same.</para>
|
|
|
+ <para>最长用户名可以有 32 个字符,设定组名称最大长度为相同值。
|
|
|
+ </para>
|
|
|
</listitem>
|
|
|
</varlistentry>
|
|
|
|
|
|
@@ -108,7 +106,7 @@ find man -name Makefile.in -exec sed -i 's/passwd\.5 / /' {} \;</userinput></s
|
|
|
|
|
|
<screen><userinput remap="install">make install</userinput></screen>
|
|
|
|
|
|
- <para>Move a misplaced program to its proper location:</para>
|
|
|
+ <para>将一个安装位置不正确的程序移动到正确位置:</para>
|
|
|
|
|
|
<screen><userinput remap="install">mv -v /usr/bin/passwd /bin</userinput></screen>
|
|
|
|
|
|
@@ -121,31 +119,43 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
</sect2>
|
|
|
|
|
|
<sect2 id="conf-shadow" role="configuration">
|
|
|
- <title>Configuring Shadow</title>
|
|
|
+ <title>配置 Shadow</title>
|
|
|
|
|
|
<indexterm zone="conf-shadow">
|
|
|
<primary sortas="a-Shadow">Shadow</primary>
|
|
|
<secondary>configuring</secondary>
|
|
|
</indexterm>
|
|
|
|
|
|
- <para>This package contains utilities to add, modify, and delete users and
|
|
|
+ <!--para>This package contains utilities to add, modify, and delete users and
|
|
|
groups; set and change their passwords; and perform other administrative
|
|
|
tasks. For a full explanation of what <emphasis>password shadowing</emphasis>
|
|
|
means, see the <filename>doc/HOWTO</filename> file within the unpacked
|
|
|
source tree. If using Shadow support, keep in mind that programs which need
|
|
|
to verify passwords (display managers, FTP programs, pop3 daemons, etc.)
|
|
|
must be Shadow-compliant. That is, they need to be able to work with
|
|
|
- shadowed passwords.</para>
|
|
|
-
|
|
|
- <para>To enable shadowed passwords, run the following command:</para>
|
|
|
+ shadowed passwords.</para-->
|
|
|
+ <para>该软件包包含用于添加、修改、删除用户和组,设定和修改它们的密码,
|
|
|
+ 以及进行其他管理任务的工具。如果希望查阅关于
|
|
|
+ <emphasis>password shadowing</emphasis> 的详细解释,
|
|
|
+ 阅读解压得到源代码目录树中的 <filename>doc/HOWTO</filename>
|
|
|
+ 文件。如果使用 Shadow 支持,记住所有需要验证密码的程序
|
|
|
+ (如显示管理器、FTP 程序、pop3 守护进程等)都必须和 Shadow
|
|
|
+ 兼容。换句话说,它们必须能使用 Shadow 加密的密码。</para>
|
|
|
+ <note><title>译注</title>
|
|
|
+ <para>大多数 Linux 程序要么本身支持 Shadow,要么通过 Linux PAM
|
|
|
+ 支持 Shadow。为了提高安全性,建议启用 Shadow 加密。
|
|
|
+ </para>
|
|
|
+ </note>
|
|
|
+
|
|
|
+ <para>执行下列命令,对用户密码启用 Shadow 加密:</para>
|
|
|
|
|
|
<screen><userinput>pwconv</userinput></screen>
|
|
|
|
|
|
- <para>To enable shadowed group passwords, run:</para>
|
|
|
+ <para>执行命令,对组密码启用 Shadow 加密:</para>
|
|
|
|
|
|
<screen><userinput>grpconv</userinput></screen>
|
|
|
|
|
|
- <para>Shadow's stock configuration for the <command>useradd</command>
|
|
|
+ <!--para>Shadow's stock configuration for the <command>useradd</command>
|
|
|
utility has a few caveats that need some explanation. First, the default
|
|
|
action for the <command>useradd</command> utility is to create the user and
|
|
|
a group of the same name as the user. By default the user ID (UID) and
|
|
|
@@ -155,15 +165,25 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
to pass the <parameter>-g</parameter> parameter to
|
|
|
<command>useradd</command>. The default parameters are stored in the
|
|
|
<filename>/etc/default/useradd</filename> file. You may need to modify two
|
|
|
- parameters in this file to suit your particular needs.</para>
|
|
|
+ parameters in this file to suit your particular needs.</para-->
|
|
|
+ <para>Shadow 为 <command>useradd</command>
|
|
|
+ 提供的配置文件有一些需要解释的事项。首先,<command>useradd</command>
|
|
|
+ 的默认操作是创建一个用户,以及一个名字和用户名相同的组。
|
|
|
+ 默认情况下,用户 ID (UID)和组 ID (GID)会从 1000 开始。
|
|
|
+ 这意味着,如果您不向 <command>useradd</command> 传递参数,
|
|
|
+ 每个用户都会属于一个不同的组。如果您不希望这样,
|
|
|
+ 就要向 <command>useradd</command> 传递 <parameter>-g</parameter>
|
|
|
+ 参数。默认参数保存在 <filename>/etc/default/useradd</filename>
|
|
|
+ 文件中,您可以编辑其中的两个参数,以满足您的特定需求:
|
|
|
+ </para>
|
|
|
|
|
|
<variablelist>
|
|
|
- <title><filename>/etc/default/useradd</filename> Parameter Explanations</title>
|
|
|
+ <title><filename>/etc/default/useradd</filename> 参数解释</title>
|
|
|
|
|
|
<varlistentry>
|
|
|
<term><parameter>GROUP=1000</parameter></term>
|
|
|
<listitem>
|
|
|
- <para>This parameter sets the beginning of the group numbers used in
|
|
|
+ <!--para>This parameter sets the beginning of the group numbers used in
|
|
|
the /etc/group file. You can modify it to anything you desire. Note
|
|
|
that <command>useradd</command> will never reuse a UID or GID. If the
|
|
|
number identified in this parameter is used, it will use the next
|
|
|
@@ -172,19 +192,34 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
without the <parameter>-g</parameter> parameter, you'll get a message
|
|
|
displayed on the terminal that says:
|
|
|
<computeroutput>useradd: unknown GID 1000</computeroutput>. You may
|
|
|
- disregard this message and group number 1000 will be used.</para>
|
|
|
+ disregard this message and group number 1000 will be used.</para-->
|
|
|
+ <para>该参数设定 /etc/group 文件中使用的第一个组编号,
|
|
|
+ 您可以将它修改为您希望的任何值。注意
|
|
|
+ <command>useradd</command> 绝不会重用 UID 或 GID,
|
|
|
+ 如果该参数指定的数字已经被使用了,它就会使用下一个可用的数字。
|
|
|
+ 另外,如果在您第一次不加 <parameter>-g</parameter>
|
|
|
+ 参数使用 <command>useradd</command> 时没有编号 1000 的组,
|
|
|
+ 您就会在终端看到一条消息:
|
|
|
+ <computeroutput>useradd: unknown GID 1000</computeroutput>。
|
|
|
+ 您可以忽略这条消息,它会使用组编号 1000 。</para>
|
|
|
</listitem>
|
|
|
</varlistentry>
|
|
|
<varlistentry>
|
|
|
<term><parameter>CREATE_MAIL_SPOOL=yes</parameter></term>
|
|
|
<listitem>
|
|
|
- <para>This parameter causes <command>useradd</command> to create a
|
|
|
+ <!--para>This parameter causes <command>useradd</command> to create a
|
|
|
mailbox file for the newly created user. <command>useradd</command>
|
|
|
will make the group ownership of this file to the
|
|
|
<systemitem class="groupname">mail</systemitem> group with 0660
|
|
|
permissions. If you would prefer that these mailbox files are not
|
|
|
created by <command>useradd</command>, issue the following
|
|
|
- command:</para>
|
|
|
+ command:</para-->
|
|
|
+ <para>该参数使得 <command>useradd</command>
|
|
|
+ 为新创建的用户建立邮箱文件。<command>useradd</command>
|
|
|
+ 会使得 <systemitem class="groupname">mail</systemitem>
|
|
|
+ 为拥有该文件的组,并为文件赋予 0660 访问权限。
|
|
|
+ 如果您不希望 <command>useradd</command> 创建这些邮箱文件,
|
|
|
+ 执行下列命令:</para>
|
|
|
|
|
|
<screen><userinput>sed -i 's/yes/no/' /etc/default/useradd</userinput></screen>
|
|
|
</listitem>
|
|
|
@@ -196,10 +231,10 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
</sect2>
|
|
|
|
|
|
<sect2 role="configuration">
|
|
|
- <title>Setting the root password</title>
|
|
|
+ <title>设定 root 密码</title>
|
|
|
|
|
|
- <para>Choose a password for user <emphasis>root</emphasis> and set it
|
|
|
- by running:</para>
|
|
|
+ <para>为用户 <emphasis>root</emphasis> 选择一个密码,
|
|
|
+ 并执行下列命令设定它:</para>
|
|
|
|
|
|
<screen role="nodump"><userinput>passwd root</userinput></screen>
|
|
|
|
|
|
@@ -216,8 +251,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<seg>chage, chfn, chgpasswd, chpasswd, chsh, expiry, faillog, gpasswd,
|
|
|
groupadd, groupdel, groupmems, groupmod, grpck, grpconv, grpunconv,
|
|
|
lastlog, login, logoutd, newgidmap, newgrp, newuidmap, newusers,
|
|
|
- nologin, passwd, pwck, pwconv, pwunconv, sg (link to newgrp), su,
|
|
|
- useradd, userdel, usermod, vigr (link to vipw), and vipw</seg>
|
|
|
+ nologin, passwd, pwck, pwconv, pwunconv, sg (到 newgrp的链接), su,
|
|
|
+ useradd, userdel, usermod, vigr (到 vipw 的链接), 以及 vipw</seg>
|
|
|
<seg>/etc/default</seg>
|
|
|
</seglistitem>
|
|
|
</segmentedlist>
|
|
|
@@ -230,8 +265,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="chage">
|
|
|
<term><command>chage</command></term>
|
|
|
<listitem>
|
|
|
- <para>Used to change the maximum number of days between obligatory
|
|
|
- password changes</para>
|
|
|
+ <para>用于修改强制性密码更新的最大天数</para>
|
|
|
<indexterm zone="ch-system-shadow chage">
|
|
|
<primary sortas="b-chage">chage</primary>
|
|
|
</indexterm>
|
|
|
@@ -241,7 +275,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="chfn">
|
|
|
<term><command>chfn</command></term>
|
|
|
<listitem>
|
|
|
- <para>Used to change a user's full name and other information</para>
|
|
|
+ <para>用于修改用户全名和其他信息</para>
|
|
|
<indexterm zone="ch-system-shadow chfn">
|
|
|
<primary sortas="b-chfn">chfn</primary>
|
|
|
</indexterm>
|
|
|
@@ -251,7 +285,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="chgpasswd">
|
|
|
<term><command>chgpasswd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Used to update group passwords in batch mode</para>
|
|
|
+ <para>用于批量更新组密码</para>
|
|
|
<indexterm zone="ch-system-shadow chgpasswd">
|
|
|
<primary sortas="b-chgpasswd">chgpasswd</primary>
|
|
|
</indexterm>
|
|
|
@@ -261,7 +295,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="chpasswd">
|
|
|
<term><command>chpasswd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Used to update user passwords in batch mode</para>
|
|
|
+ <para>用于批量更新用户密码</para>
|
|
|
<indexterm zone="ch-system-shadow chpasswd">
|
|
|
<primary sortas="b-chpasswd">chpasswd</primary>
|
|
|
</indexterm>
|
|
|
@@ -271,7 +305,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="chsh">
|
|
|
<term><command>chsh</command></term>
|
|
|
<listitem>
|
|
|
- <para>Used to change a user's default login shell</para>
|
|
|
+ <para>用于改变用户的默认登录 shell</para>
|
|
|
<indexterm zone="ch-system-shadow chsh">
|
|
|
<primary sortas="b-chsh">chsh</primary>
|
|
|
</indexterm>
|
|
|
@@ -281,7 +315,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="expiry">
|
|
|
<term><command>expiry</command></term>
|
|
|
<listitem>
|
|
|
- <para>Checks and enforces the current password expiration policy</para>
|
|
|
+ <para>检查并强制当前密码过期策略</para>
|
|
|
<indexterm zone="ch-system-shadow expiry">
|
|
|
<primary sortas="b-expiry">expiry</primary>
|
|
|
</indexterm>
|
|
|
@@ -291,9 +325,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="faillog">
|
|
|
<term><command>faillog</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to examine the log of login failures, to set a maximum
|
|
|
- number of failures before an account is blocked, or to reset the
|
|
|
- failure count</para>
|
|
|
+ <para>用于检查失败登录日志,设定锁定账户的最大失败次数,
|
|
|
+ 或重置失败次数</para>
|
|
|
<indexterm zone="ch-system-shadow faillog">
|
|
|
<primary sortas="b-faillog">faillog</primary>
|
|
|
</indexterm>
|
|
|
@@ -303,8 +336,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="gpasswd">
|
|
|
<term><command>gpasswd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to add and delete members and administrators to
|
|
|
- groups</para>
|
|
|
+ <para>用于增加或删除组的用户和管理员</para>
|
|
|
<indexterm zone="ch-system-shadow gpasswd">
|
|
|
<primary sortas="b-gpasswd">gpasswd</primary>
|
|
|
</indexterm>
|
|
|
@@ -314,7 +346,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="groupadd">
|
|
|
<term><command>groupadd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Creates a group with the given name</para>
|
|
|
+ <para>以指定名称创建组</para>
|
|
|
<indexterm zone="ch-system-shadow groupadd">
|
|
|
<primary sortas="b-groupadd">groupadd</primary>
|
|
|
</indexterm>
|
|
|
@@ -324,7 +356,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="groupdel">
|
|
|
<term><command>groupdel</command></term>
|
|
|
<listitem>
|
|
|
- <para>Deletes the group with the given name</para>
|
|
|
+ <para>删除指定的组</para>
|
|
|
<indexterm zone="ch-system-shadow groupdel">
|
|
|
<primary sortas="b-groupdel">groupdel</primary>
|
|
|
</indexterm>
|
|
|
@@ -334,8 +366,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="groupmems">
|
|
|
<term><command>groupmems</command></term>
|
|
|
<listitem>
|
|
|
- <para>Allows a user to administer his/her own group membership list
|
|
|
- without the requirement of super user privileges.</para>
|
|
|
+ <para>在不需要超级用户权限的情况下,
|
|
|
+ 允许用户管理自己的组成员列表</para>
|
|
|
<indexterm zone="ch-system-shadow groupmems">
|
|
|
<primary sortas="b-groupmems">groupmems</primary>
|
|
|
</indexterm>
|
|
|
@@ -345,7 +377,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="groupmod">
|
|
|
<term><command>groupmod</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to modify the given group's name or GID</para>
|
|
|
+ <para>用于修改给定的组名称或 GID</para>
|
|
|
<indexterm zone="ch-system-shadow groupmod">
|
|
|
<primary sortas="b-groupmod">groupmod</primary>
|
|
|
</indexterm>
|
|
|
@@ -355,9 +387,9 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="grpck">
|
|
|
<term><command>grpck</command></term>
|
|
|
<listitem>
|
|
|
- <para>Verifies the integrity of the group files
|
|
|
- <filename>/etc/group</filename> and
|
|
|
- <filename>/etc/gshadow</filename></para>
|
|
|
+ <para>验证组文件
|
|
|
+ <filename>/etc/group</filename> 和
|
|
|
+ <filename>/etc/gshadow</filename> 的完整性</para>
|
|
|
<indexterm zone="ch-system-shadow grpck">
|
|
|
<primary sortas="b-grpck">grpck</primary>
|
|
|
</indexterm>
|
|
|
@@ -367,8 +399,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="grpconv">
|
|
|
<term><command>grpconv</command></term>
|
|
|
<listitem>
|
|
|
- <para>Creates or updates the shadow group file from the normal
|
|
|
- group file</para>
|
|
|
+ <para>根据普通组文件创建或更新加密组文件</para>
|
|
|
<indexterm zone="ch-system-shadow grpconv">
|
|
|
<primary sortas="b-grpconv">grpconv</primary>
|
|
|
</indexterm>
|
|
|
@@ -378,8 +409,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="grpunconv">
|
|
|
<term><command>grpunconv</command></term>
|
|
|
<listitem>
|
|
|
- <para>Updates <filename>/etc/group</filename> from
|
|
|
- <filename>/etc/gshadow</filename> and then deletes the latter</para>
|
|
|
+ <para>根据 <filename>/etc/gshadow</filename> 文件更新
|
|
|
+ <filename>/etc/gshadow</filename> 文件,并删除前者</para>
|
|
|
<indexterm zone="ch-system-shadow grpunconv">
|
|
|
<primary sortas="b-grpunconv">grpunconv</primary>
|
|
|
</indexterm>
|
|
|
@@ -389,8 +420,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="lastlog">
|
|
|
<term><command>lastlog</command></term>
|
|
|
<listitem>
|
|
|
- <para>Reports the most recent login of all users or of a
|
|
|
- given user</para>
|
|
|
+ <para>报告所有用户或给定用户最后一次登录的信息</para>
|
|
|
<indexterm zone="ch-system-shadow lastlog">
|
|
|
<primary sortas="b-lastlog">lastlog</primary>
|
|
|
</indexterm>
|
|
|
@@ -400,7 +430,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="login">
|
|
|
<term><command>login</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used by the system to let users sign on</para>
|
|
|
+ <para>被系统用于允许用户登录</para>
|
|
|
<indexterm zone="ch-system-shadow login">
|
|
|
<primary sortas="b-login">login</primary>
|
|
|
</indexterm>
|
|
|
@@ -410,8 +440,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="logoutd">
|
|
|
<term><command>logoutd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is a daemon used to enforce restrictions on log-on time
|
|
|
- and ports</para>
|
|
|
+ <para>是一个限制登录时间和端口的守护进程</para>
|
|
|
<indexterm zone="ch-system-shadow logoutd">
|
|
|
<primary sortas="b-logoutd">logoutd</primary>
|
|
|
</indexterm>
|
|
|
@@ -421,7 +450,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="newgidmap">
|
|
|
<term><command>newgidmap</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to set the gid mapping of a user namespace</para>
|
|
|
+ <para>用于设定一个用户命名空间的 gid 映射</para>
|
|
|
<indexterm zone="ch-system-shadow newgidmap">
|
|
|
<primary sortas="b-newgidmap">newgidmap</primary>
|
|
|
</indexterm>
|
|
|
@@ -431,7 +460,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="newgrp">
|
|
|
<term><command>newgrp</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to change the current GID during a login session</para>
|
|
|
+ <para>用于在登录会话中修改当前 GID</para>
|
|
|
<indexterm zone="ch-system-shadow newgrp">
|
|
|
<primary sortas="b-newgrp">newgrp</primary>
|
|
|
</indexterm>
|
|
|
@@ -441,7 +470,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="newuidmap">
|
|
|
<term><command>newuidmap</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to set the uid mapping of a user namespace</para>
|
|
|
+ <para>用于设定用户命名空间的 uid 映射</para>
|
|
|
<indexterm zone="ch-system-shadow newuidmap">
|
|
|
<primary sortas="b-newuidmap">newuidmap</primary>
|
|
|
</indexterm>
|
|
|
@@ -451,8 +480,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="newusers">
|
|
|
<term><command>newusers</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to create or update an entire series of user
|
|
|
- accounts</para>
|
|
|
+ <para>用于批量创建或更新用户账户</para>
|
|
|
<indexterm zone="ch-system-shadow newusers">
|
|
|
<primary sortas="b-newusers">newusers</primary>
|
|
|
</indexterm>
|
|
|
@@ -462,9 +490,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="nologin">
|
|
|
<term><command>nologin</command></term>
|
|
|
<listitem>
|
|
|
- <para>Displays a message that an account is not available; it is designed
|
|
|
- to be used as the default shell for accounts that have been
|
|
|
- disabled</para>
|
|
|
+ <para>显示一条账户不可用的消息,
|
|
|
+ 它被设计为用来当作被禁用的账户的默认 shell</para>
|
|
|
<indexterm zone="ch-system-shadow nologin">
|
|
|
<primary sortas="b-nologin">nologin</primary>
|
|
|
</indexterm>
|
|
|
@@ -474,7 +501,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="passwd">
|
|
|
<term><command>passwd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to change the password for a user or group account</para>
|
|
|
+ <para>用于修改用户或组账户的密码</para>
|
|
|
<indexterm zone="ch-system-shadow passwd">
|
|
|
<primary sortas="b-passwd">passwd</primary>
|
|
|
</indexterm>
|
|
|
@@ -484,9 +511,9 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="pwck">
|
|
|
<term><command>pwck</command></term>
|
|
|
<listitem>
|
|
|
- <para>Verifies the integrity of the password files
|
|
|
- <filename>/etc/passwd</filename> and
|
|
|
- <filename>/etc/shadow</filename></para>
|
|
|
+ <para>检验密码文件
|
|
|
+ <filename>/etc/passwd</filename> 和
|
|
|
+ <filename>/etc/shadow</filename> 的完整性</para>
|
|
|
<indexterm zone="ch-system-shadow pwck">
|
|
|
<primary sortas="b-pwck">pwck</primary>
|
|
|
</indexterm>
|
|
|
@@ -496,8 +523,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="pwconv">
|
|
|
<term><command>pwconv</command></term>
|
|
|
<listitem>
|
|
|
- <para>Creates or updates the shadow password file from the normal
|
|
|
- password file</para>
|
|
|
+ <para>从普通密码文件创建或更新加密密码文件</para>
|
|
|
<indexterm zone="ch-system-shadow pwconv">
|
|
|
<primary sortas="b-pwconv">pwconv</primary>
|
|
|
</indexterm>
|
|
|
@@ -507,8 +533,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="pwunconv">
|
|
|
<term><command>pwunconv</command></term>
|
|
|
<listitem>
|
|
|
- <para>Updates <filename>/etc/passwd</filename> from
|
|
|
- <filename>/etc/shadow</filename> and then deletes the latter</para>
|
|
|
+ <para>根据 <filename>/etc/shadow</filename> 更新
|
|
|
+ <filename>/etc/shadow</filename> 并删除前者</para>
|
|
|
<indexterm zone="ch-system-shadow pwunconv">
|
|
|
<primary sortas="b-pwunconv">pwunconv</primary>
|
|
|
</indexterm>
|
|
|
@@ -518,8 +544,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="sg">
|
|
|
<term><command>sg</command></term>
|
|
|
<listitem>
|
|
|
- <para>Executes a given command while the user's GID
|
|
|
- is set to that of the given group</para>
|
|
|
+ <para>在用户 GID 设为给定组 ID 的情况下,执行给定命令</para>
|
|
|
<indexterm zone="ch-system-shadow sg">
|
|
|
<primary sortas="b-sg">sg</primary>
|
|
|
</indexterm>
|
|
|
@@ -529,7 +554,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="su">
|
|
|
<term><command>su</command></term>
|
|
|
<listitem>
|
|
|
- <para>Runs a shell with substitute user and group IDs</para>
|
|
|
+ <para>用替换的用户和组 ID 运行 shell</para>
|
|
|
<indexterm zone="ch-system-shadow su">
|
|
|
<primary sortas="b-su">su</primary>
|
|
|
</indexterm>
|
|
|
@@ -539,8 +564,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="useradd">
|
|
|
<term><command>useradd</command></term>
|
|
|
<listitem>
|
|
|
- <para>Creates a new user with the given name, or updates the default
|
|
|
- new-user information</para>
|
|
|
+ <para>以指定名称创建新用户,或更新新用户默认信息</para>
|
|
|
<indexterm zone="ch-system-shadow useradd">
|
|
|
<primary sortas="b-useradd">useradd</primary>
|
|
|
</indexterm>
|
|
|
@@ -550,7 +574,7 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="userdel">
|
|
|
<term><command>userdel</command></term>
|
|
|
<listitem>
|
|
|
- <para>Deletes the given user account</para>
|
|
|
+ <para>删除给定用户</para>
|
|
|
<indexterm zone="ch-system-shadow userdel">
|
|
|
<primary sortas="b-userdel">userdel</primary>
|
|
|
</indexterm>
|
|
|
@@ -560,8 +584,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="usermod">
|
|
|
<term><command>usermod</command></term>
|
|
|
<listitem>
|
|
|
- <para>Is used to modify the given user's login name, User
|
|
|
- Identification (UID), shell, initial group, home directory, etc.</para>
|
|
|
+ <para>修改给定用户的登录名称、用户 ID、shell、初始组、
|
|
|
+ home 目录等信息</para>
|
|
|
<indexterm zone="ch-system-shadow usermod">
|
|
|
<primary sortas="b-usermod">usermod</primary>
|
|
|
</indexterm>
|
|
|
@@ -571,8 +595,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="vigr">
|
|
|
<term><command>vigr</command></term>
|
|
|
<listitem>
|
|
|
- <para>Edits the <filename>/etc/group</filename> or
|
|
|
- <filename>/etc/gshadow</filename> files</para>
|
|
|
+ <para>编辑 <filename>/etc/group</filename> 或
|
|
|
+ <filename>/etc/gshadow</filename> 文件</para>
|
|
|
<indexterm zone="ch-system-shadow vigr">
|
|
|
<primary sortas="b-vigr">vigr</primary>
|
|
|
</indexterm>
|
|
|
@@ -582,8 +606,8 @@ ln -sfv ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen> -->
|
|
|
<varlistentry id="vipw">
|
|
|
<term><command>vipw</command></term>
|
|
|
<listitem>
|
|
|
- <para>Edits the <filename>/etc/passwd</filename> or
|
|
|
- <filename>/etc/shadow</filename> files</para>
|
|
|
+ <para>编辑 <filename>/etc/passwd</filename> 或
|
|
|
+ <filename>/etc/shadow</filename> 文件</para>
|
|
|
<indexterm zone="ch-system-shadow vipw">
|
|
|
<primary sortas="b-vipw">vipw</primary>
|
|
|
</indexterm>
|
Xi Ruoyao