'\" t .\" Title: grpck .\" Author: Julianne Frances Haugh .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 05/17/2017 .\" Manual: System Management Commands .\" Source: shadow-utils 4.4 .\" Language: English .\" .TH "GRPCK" "8" "05/17/2017" "shadow\-utils 4\&.4" "System Management Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" grpck \- verify integrity of group files .SH "SYNOPSIS" .HP \w'\fBgrpck\fR\ 'u \fBgrpck\fR [options] [\fIgroup\fR\ [\ \fIshadow\fR\ ]] .SH "DESCRIPTION" .PP The \fBgrpck\fR command verifies the integrity of the groups information\&. It checks that all entries in /etc/group and /etc/gshadow have the proper format and contain valid data\&. The user is prompted to delete entries that are improperly formatted or which have other uncorrectable errors\&. .PP Checks are made to verify that each entry has: .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} the correct number of fields .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} a unique and valid group name .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} a valid group identifier (/etc/group only) .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} a valid list of members and administrators .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} a corresponding entry in the /etc/gshadow file (respectively /etc/group for the gshadow checks) .RE .PP The checks for correct number of fields and unique group name are fatal\&. If an entry has the wrong number of fields, the user will be prompted to delete the entire line\&. If the user does not answer affirmatively, all further checks are bypassed\&. An entry with a duplicated group name is prompted for deletion, but the remaining checks will still be made\&. All other errors are warnings and the user is encouraged to run the \fBgroupmod\fR command to correct the error\&. .PP The commands which operate on the /etc/group and /etc/gshadow files are not able to alter corrupted or duplicated entries\&. \fBgrpck\fR should be used in those circumstances to remove the offending entries\&. .SH "OPTIONS" .PP The \fB\-r\fR and \fB\-s\fR options cannot be combined\&. .PP The options which apply to the \fBgrpck\fR command are: .PP \fB\-h\fR, \fB\-\-help\fR .RS 4 Display help message and exit\&. .RE .PP \fB\-r\fR, \fB\-\-read\-only\fR .RS 4 Execute the \fBgrpck\fR command in read\-only mode\&. This causes all questions regarding changes to be answered \fIno\fR without user intervention\&. .RE .PP \fB\-R\fR, \fB\-\-root\fR\ \&\fICHROOT_DIR\fR .RS 4 Apply changes in the \fICHROOT_DIR\fR directory and use the configuration files from the \fICHROOT_DIR\fR directory\&. .RE .PP \fB\-s\fR, \fB\-\-sort\fR .RS 4 Sort entries in /etc/group and /etc/gshadow by GID\&. .RE .PP By default, \fBgrpck\fR operates on /etc/group and /etc/gshadow\&. The user may select alternate files with the \fIgroup\fR and \fIshadow\fR parameters\&. .SH "CONFIGURATION" .PP The following configuration variables in /etc/login\&.defs change the behavior of this tool: .PP \fBMAX_MEMBERS_PER_GROUP\fR (number) .RS 4 Maximum members per group entry\&. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name, same password, and same GID)\&. .sp The default value is 0, meaning that there are no limits in the number of members in a group\&. .sp This feature (split group) permits to limit the length of lines in the group file\&. This is useful to make sure that lines for NIS groups are not larger than 1024 characters\&. .sp If you need to enforce such limit, you can use 25\&. .sp Note: split groups may not be supported by all tools (even in the Shadow toolsuite)\&. You should not use this variable unless you really need it\&. .RE .SH "FILES" .PP /etc/group .RS 4 Group account information\&. .RE .PP /etc/gshadow .RS 4 Secure group account information\&. .RE .PP /etc/passwd .RS 4 User account information\&. .RE .SH "EXIT VALUES" .PP The \fBgrpck\fR command exits with the following values: .PP \fI0\fR .RS 4 success .RE .PP \fI1\fR .RS 4 invalid command syntax .RE .PP \fI2\fR .RS 4 one or more bad group entries .RE .PP \fI3\fR .RS 4 can\*(Aqt open group files .RE .PP \fI4\fR .RS 4 can\*(Aqt lock group files .RE .PP \fI5\fR .RS 4 can\*(Aqt update group files .RE .SH "SEE ALSO" .PP \fBgroup\fR(5), \fBgroupmod\fR(8), \fBgshadow\fR(5), \fBpasswd\fR(5), \fBpwck\fR(8), \fBshadow\fR(5)\&.