Provided by: chiark-scripts_4.0.0_all bug

NAME

       sync-accounts - synchronise accounts and passwords

SYNOPSIS

       sync-accounts [options] [source ...]

DESCRIPTION

       sync-accounts  is a tool for copying account information into the local
       system’s password  and  group  databases,  or  equivalent,  from  other
       systems.   It  can be used to slave individual accounts, whole systems,
       or various partial combinations.

       By default, when invoked, sync-accounts reads is configuration file and
       updates  all of the local details it is configured to synchronise, from
       all relevant sources.

       If one or more  sources  are  named  as  command-line  arguments,  only
       information from those sources is installed locally.

       See  sync-accounts(5)  for  detailed  information about sync-accounts’s
       behaviour and configuration.

OPTIONS

       -Cconfig-file
              Reads config-file instead of /etc/sync-accounts.

       -q     Instead of updating local information, sync-accounts displays  a
              summary  of  which  accounts  are  synchronised or not, and from
              where.

       -n     Causes sync-accounts not to actually install the new information
              in  the  local  password  and group databases.  Instead, updated
              versions are written to  the  files  passwd  and  group  in  the
              current directory.  With -n new accounts are not created at all.
              The system databases are not locked.

SECURITY

       sync-accounts is not resistant to malicious data in the local  password
       and  group  databases,  or  its  configuration  file  or  command  line
       arguments.

       Malicious data in source information will not be able to  take  control
       of  sync-accounts,  but  will be copied to the local databases if sync-
       accounts is configured to do so.

       To update the local databases, sync-accounts must be run as root.   For
       -q  and  -n  sync-accounts still needs to be able to successfuly invoke
       the commands specified in the configuration for getpasswd and getgroup.

EXIT STATUS

       0      All went well and there were no warnings.

       any other
              There  were  problems.   The local databases may or may not have
              been updated.

FILES

       /etc/sync-accounts
              Default configuration file.  (Override with -C.)

       sync-accounts-createuser
              Default command invoked by sync-accounts to create local  users.

       /home  Default location for created users’ home directories.

       /bin/sh
              Default shell for created users.

       /etc/passwd, /etc/group, /etc/shadow, /etc/master.passwd
              Local account databases, depending on configuration.

       /etc/shadow-non-existent
              Must not exist.

ENVIRONMENT

       EDITOR, VISUAL
              Manipulated  by  sync-ccounts  when  it is reinvoking itself via
              vipw or  vigr,  according  to  lockpasswd  runvia  or  lockgroup
              runvia.

       SYNC_ACCOUNTS_*
              Used  by  sync-accounts  for its own purposes.  Do not set these
              variables.

       Setting variables used  by  vipw(8)  and  vigr(8),  apart  from  EDITOR
       and/orVISUAL will affect the operation of sync-accounts.  Avoid messing
       with these if possible.

       PATH is used to find subprograms such as  sync-accounts-createuser  and
       vipw/vigr.

BUGS

       Using  sync-accounts  does  not give particularly prompt propagation of
       changed account information.

       There is no  simple  mechanism  for  automatically  getting  the  right
       configuration  details  for  accessing  the local system’s password and
       group databases.

       All the systems sharing account information using sync-accounts need to
       be using compatible encrypted-password schemes.

AUTHOR

       sync-accounts  and  this  manpage are part of the sync-accounts package
       which was written by Ian  Jackson  <ian@chiark.greenend.org.uk>.   They
       are         Copyright         1999-2000,2002         Ian        Jackson
       <ian@davenant.greenend.org.uk>,   and   Copyright   2000-2001   nCipher
       Corporation Ltd.

       The  sync-accounts  package  is  free software; you can redistribute it
       and/or modify it under the terms of the GNU General Public  License  as
       published  by  the  Free  Software Foundation; either version 2, or (at
       your option) any later version.

       This is distributed in the hope that it will be useful, but WITHOUT ANY
       WARRANTY;  without  even  the  implied  warranty  of MERCHANTABILITY or
       FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General  Public  License
       for more details.

       You should have received a copy of the GNU General Public License along
       with this program; if not, write to the Free Software Foundation, Inc.,
       59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

SEE ALSO

       sync-accounts(5),     grab-account(8),     sync-accounts-createuser(8),
       passwd(5), group(5), shadow(5), master.passwd(5), vipw(8), vigr(8)