.rn '' }` ''' $RCSfile$$Revision$$Date$ ''' ''' $Log$ ''' Revision 1.1.2.1 2006/02/18 16:51:34 stsp2 ''' adding uClinux-dist CVS snapshot from 2005-10-14 ''' ''' .de Sh .br .if t .Sp .ne 5 .PP \fB\\$1\fR .PP .. .de Sp .if t .sp .5v .if n .sp .. .de Ip .br .ie \\n(.$>=3 .ne \\$3 .el .ne 3 .IP "\\$1" \\$2 .. .de Vb .ft CW .nf .ne \\$1 .. .de Ve .ft R .fi .. ''' ''' ''' Set up \*(-- to give an unbreakable dash; ''' string Tr holds user defined translation string. ''' Bell System Logo is used as a dummy character. ''' .tr \(*W-|\(bv\*(Tr .ie n \{\ .ds -- \(*W- .ds PI pi .if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch .if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch .ds L" "" .ds R" "" ''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of ''' \*(L" and \*(R", except that they are used on ".xx" lines, ''' such as .IP and .SH, which do another additional levels of ''' double-quote interpretation .ds M" """ .ds S" """ .ds N" """"" .ds T" """"" .ds L' ' .ds R' ' .ds M' ' .ds S' ' .ds N' ' .ds T' ' 'br\} .el\{\ .ds -- \(em\| .tr \*(Tr .ds L" `` .ds R" '' .ds M" `` .ds S" '' .ds N" `` .ds T" '' .ds L' ` .ds R' ' .ds M' ` .ds S' ' .ds N' ` .ds T' ' .ds PI \(*p 'br\} .\" If the F register is turned on, we'll generate .\" index entries out stderr for the following things: .\" TH Title .\" SH Header .\" Sh Subsection .\" Ip Item .\" X<> Xref (embedded .\" Of course, you have to process the output yourself .\" in some meaninful fashion. .if \nF \{ .de IX .tm Index:\\$1\t\\n%\t"\\$2" .. .nr % 0 .rr F .\} .TH TINYLOGIN 1 "version 0.80" "26/Dec/2000" "TinyLogin" .UC .if n .hy 0 .if n .na .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .de CQ \" put $1 in typewriter font .ft CW 'if n "\c 'if t \\&\\$1\c 'if n \\&\\$1\c 'if n \&" \\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7 '.ft R .. .\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2 . \" AM - accent mark definitions .bd B 3 . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds ? ? . ds ! ! . ds / . ds q .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10' . ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' . ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#] .ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u' .ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u' .ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#] .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E .ds oe o\h'-(\w'o'u*4/10)'e .ds Oe O\h'-(\w'O'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds v \h'-1'\o'\(aa\(ga' . ds _ \h'-1'^ . ds . \h'-1'. . ds 3 3 . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE . ds oe oe . ds Oe OE .\} .rm #[ #] #H #V #F C .SH "NAME" tinylogin \- a multi-call binary for login and user account administration .SH "SYNOPSIS" .PP .Vb 1 \& tinylogin [arguments...] # or .Ve .Vb 1 \& [arguments...] # if symlinked .Ve .SH "DESCRIPTION" TinyLogin is a suite of tiny Unix utilities for handling logging into, being authenticated by, changing one's password for, and otherwise maintaining users and groups on an embedded system. It also provides shadow password support to enhance system security. TinyLogin is, as the name implies, very small, and makes an excellent complement to BusyBox on an embedded System. It can be used without BusyBox, of course, but I envision them being used together most of the time. .PP Why is something like TinyLogin useful? .PP .Vb 9 \& [andersen@slag]$ du -ch `which addgroup adduser delgroup deluser getty login passwd su sulogin` \& 0 /usr/sbin/addgroup \& 24k /usr/sbin/adduser \& 16k /sbin/getty \& 36k /bin/login \& 28k /usr/bin/passwd \& 24k /bin/su \& 12k /sbin/sulogin \& 140k total .Ve .Vb 2 \& [andersen@slag]$ ls -sh ./tinylogin \& 40k ./tinylogin* .Ve `nuff said. .PP TinyLogin is a curious blend of code from a whole bunch of folks. It was originally cobbled together by Sean Bastille based in part on the May of 1998 version of the shadow utilities, which can be downloaded from: ftp://ftp.ists.pwr.wroc.pl/pub/linux/shadow/ The build system, and the way in which TinyLogin invokes its component applications has been totally rewritten, based on the build system used for BusyBox. The code has also been majorly reworked to make it more internally consistent, to make it use fewer global variables, etc, by Erik Andersen. .PP TinyLogin may be used and distributed under the terms of GNU General Public License, with the addition of the special terms enumerated below by the shadow utilities license (a BSD style license which allows me to make future releases under the GPL). .Sh "\s-1HACKING\s0" TinyLogin, like BusyBox, is now modularized to easily allow you to build only the components you need, thereby reducing binary size. To turn off unwanted TinyLogin components, simply edit the file tinylogin.def.h and comment out the parts you do not want using \*(C+ style (//) comments. .PP After the build is complete a tinylogin.links file is generated which is then used by \*(L'make install\*(R' to create symlinks to the tinylogin binary for all compiled in functions. By default, \*(L'make install\*(R' will place a symlink forest into `pwd`/_install unless you have defined the \s-1PREFIX\s0 environment variable. .SH "MAKING IT WORK" I often get email from people wondering why tinylogin doesn't work. It is almost always the case that they compiled with \*(L"USE_SYSTEM_PWD_GRP = true\*(R" in the Makefile, and they are using GNU Libc, and have either failed to install /etc/nsswitch.conf, have badly configured their /etc/nsswitch.conf file, or have a properly configured /etc/nsswitch.conf file but have not installed the libraries the GNU Libc is looking for (which is determined based on the contents of the /etc/nsswitch.conf file). To avoid these problems, I recommend that unless you have a very good reason, you should always leave the Makefile's \*(L"USE_SYSTEM_PWD_GRP = false\*(R" setting in place. This will cause tinylogin to directly use the system's password and group files. This way, you do not need to worry about GNU Libc's NSS at all (thereby making your embedded system even smaller). If you absolutely must use GNU libc NSS for authentication you must include something such as the following in your embedded systems\*(R' /etc/nsswitch.conf file: .PP .Vb 6 \& # /etc/nsswitch.conf \& # Note that if you are doing networking, \& # other entries will also be needed. \& passwd: compat \& group: compat \& shadow: compat .Ve Furthermore, you will also need to include the library /lib/libnss_compat so that GNU Libc can find it when it is needed (it is dynamicaly loaded, so \*(L'ldd\*(R' won't tell you that you need it -- which is why I've devoted this entire section of the manual to tell you you need it). If you want to do something more complicated, such as authenticating vs a remote LDAP database, well tinylogin can work just fine with that type of setup using GNU libc NSS, but setting it up is your problem, not mine. .SH "COMMANDS" Currently defined functions include: .PP adduser, addgroup, deluser, delgroup, login, su, sulogin, passwd, getty .Ip "\(bu adduser" 4 Add a user to the system .Sp Usage: adduser [\s-1OPTIONS\s0]... <\s-1USER\s0> .Sp Options: .Sp .Vb 3 \& -h specify home directory \& -s specify shell \& -g specify GECOS string .Ve Default values are as follows: .Sp .Vb 3 \& HOME=/home/$USER \& SHELL=/bin/sh \& GECOS="Embedix,,," .Ve Description: .Sp This utility adds a user to /etc/passwd and /etc/group. If shadow is enabled /etc/shadow and /etc/gshadow are also updated w/ appropriate information. The group name is set to the same value as the user name. To set the initial password, adduser executes passwd which presents an interactive prompt. This makes adduser inappropriate for batch account creation. .Sp Normally, something like adduser is implemented in a scripting language, but this one was implemented in C. The rationale for this was that in a small system, one might not have space for certain Unix shell utilities that are normally taken for granted or that one might not have space for even a minimal perl installation. Such limitations could make making a robust adduser implementation difficult, so the only viable option left was to do it in C. .Sp When implementing adduser, the semantics of Debian's adduser perl script were used as a reference, so those of you familiar with that should notice similarities. .Ip "\(bu addgroup" 4 Add a group to the system .Sp Usage: addgroup [\s-1OPTIONS\s0]... <\s-1GROUP\s0> .Sp Options: .Sp .Vb 1 \& -g specify gid .Ve Description: .Sp This utility adds a group to /etc/group and if necessary, /etc/gshadow as well. If the \s-1GID\s0 is not specified, addgroup will try to find the next available gid within the range of [100..64000]. .Ip "\(bu deluser" 4 Delete a user from the system .Sp Usage: deluser <\s-1USER\s0> .Sp Description: .Sp This utility only takes one parameter which is the user name. It will search /etc/passwd and delete the user's account if it exists. .Sp \fB\s-1NOTE\s0\fR: Although adduser adds both users and groups, deluser only deletes users. .Ip "\(bu delgroup" 4 Delete a group from the system .Sp Usage: delgroup <\s-1USER\s0> .Sp Description: .Sp This utility only takes one parameter which is the group name. It will search /etc/passwd and delete the group if it exists. .Sp \fB\s-1NOTE\s0\fR: Although adduser adds both users and groups, delgroup only deletes groups. .Ip "\(bu login" 4 Begin session on the system .Sp Usage: login .Ip "\(bu su" 4 Change uid or become root .Sp Note that for su to work, the tinylogin binary must be setuid root. .Ip "\(bu sulogin" 4 Single-user login .Ip "\(bu passwd" 4 Change user password .Ip "\(bu getty" 4 Opens a tty and invokes /bin/login .SH "SEE ALSO" \fIbusybox\fR\|(1), \fIpam\fR\|(8) .SH "AUTHORS" Erik Andersen .PP Sean Bastille .PP John Beppu .PP Julianne Frances Haugh .rn }` '' .IX Title "TINYLOGIN 1" .IX Name "tinylogin - a multi-call binary for login and user account administration" .IX Header "NAME" .IX Header "SYNOPSIS" .IX Header "DESCRIPTION" .IX Subsection "\s-1HACKING\s0" .IX Header "MAKING IT WORK" .IX Header "COMMANDS" .IX Item "\(bu adduser" .IX Item "\(bu addgroup" .IX Item "\(bu deluser" .IX Item "\(bu delgroup" .IX Item "\(bu login" .IX Item "\(bu su" .IX Item "\(bu sulogin" .IX Item "\(bu passwd" .IX Item "\(bu getty" .IX Header "SEE ALSO" .IX Header "AUTHORS"