Provided by: chiark-scripts_7.0.0build2_all bug

NAME
       sync-accounts - synchronise accounts and passwords


SYNOPSIS
       sync-accounts [options] [source ...]


DESCRIPTION
       sync-accounts  is  a  tool  for  copying  account  information into the local system's password and group
       databases, or equivalent, from other systems.  It  can  be  used  to  slave  individual  accounts,  whole
       systems, or various partial combinations.

       By  default, when invoked, sync-accounts reads is configuration file and updates all of the local details
       it is configured to synchronise, from all relevant sources.

       If one or more sources are named as command-line  arguments,  only  information  from  those  sources  is
       installed locally.

       See sync-accounts(5) for detailed information about sync-accounts's behaviour and configuration.


OPTIONS
       -Cconfig-file
              Reads config-file instead of /etc/sync-accounts.

       -q     Instead  of  updating  local  information,  sync-accounts displays a summary of which accounts are
              synchronised or not, and from where.

       -n     Causes sync-accounts not to actually install the new information in the local password  and  group
              databases.   Instead,  updated  versions  are written to the files passwd and group in the current
              directory.  With -n new accounts are not created at all.  The system databases are not locked.


SECURITY
       sync-accounts is not resistant to malicious data in the  local  password  and  group  databases,  or  its
       configuration file or command line arguments.

       Malicious  data  in  source  information  will  not be able to take control of sync-accounts, but will be
       copied to the local databases if sync-accounts is configured to do so.

       To update the local databases, sync-accounts must be run as root.  For  -q  and  -n  sync-accounts  still
       needs  to  be  able  to  successfuly invoke the commands specified in the configuration for getpasswd and
       getgroup.


EXIT STATUS
       0      All went well and there were no warnings.

       any other
              There were problems.  The local databases may or may not have been updated.


FILES
       /etc/sync-accounts
              Default configuration file.  (Override with -C.)

       sync-accounts-createuser
              Default command invoked by sync-accounts to create local users.

       /home  Default location for created users' home directories.

       /bin/sh
              Default shell for created users.

       /etc/passwd, /etc/group, /etc/shadow, /etc/master.passwd
              Local account databases, depending on configuration.

       /etc/shadow-non-existent
              Must not exist.


ENVIRONMENT
       EDITOR, VISUAL
              Manipulated by sync-ccounts when it is reinvoking itself via vipw or vigr, according to lockpasswd
              runvia or lockgroup runvia.

       SYNC_ACCOUNTS_*
              Used by sync-accounts for its own purposes.  Do not set these variables.

       Setting variables used by vipw(8) and vigr(8), apart from EDITOR and/orVISUAL will affect  the  operation
       of sync-accounts.  Avoid messing with these if possible.

       PATH is used to find subprograms such as sync-accounts-createuser and vipw/vigr.


BUGS
       Using sync-accounts does not give particularly prompt propagation of changed account information.

       There  is no simple mechanism for automatically getting the right configuration details for accessing the
       local system's password and group databases.

       All the systems sharing account information using sync-accounts need to be  using  compatible  encrypted-
       password schemes.


AUTHOR
       sync-accounts  and  this  manpage  are part of the sync-accounts package which was written by Ian Jackson
       <ian@chiark.greenend.org.uk>.      They      are      Copyright      1999-2000,2002      Ian      Jackson
       <ian@davenant.greenend.org.uk>, and Copyright 2000-2001 nCipher Corporation Ltd.

       The  sync-accounts  package is free software; you can redistribute it and/or modify it under the terms of
       the GNU General Public License as published by the Free Software Foundation; either  version  3,  or  (at
       your option) any later version.

       This  is  distributed  in  the  hope  that  it will be useful, but WITHOUT ANY WARRANTY; without even the
       implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.   See  the  GNU  General  Public
       License for more details.

       You  should  have  received  a  copy  of  the GNU General Public License along with this program; if not,
       consult the Free Software Foundation's website at www.fsf.org, or the GNU Project website at www.gnu.org.


SEE ALSO
       sync-accounts(5),   grab-account(8),   sync-accounts-createuser(8),   passwd(5),   group(5),   shadow(5),
       master.passwd(5), vipw(8), vigr(8)

Greenend                                         14th July 2002                                 SYNC-ACCOUNTS(8)