summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2006-06-28 07:22:40 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2006-06-28 07:22:40 +0000
commit62101bd49ce2f8b797d361c87762853c56d2481a (patch)
tree2a615da258847840fda55fb761714db4fd5ba83f
parent421783d65ea2b7d80923378b8ef3c566ca63583c (diff)
Relevant BUGIDs:
Purpose of commit: new feature/big release cleanup Commit summary: --------------- Big cleanup to get 0.99.5.0 release done: 2006-06-28 Thorsten Kukuk <kukuk@thkukuk.de> * bump version number to 0.99.5.0 * modules/pam_rhosts/pam_rhosts.c: New module, replaces pam_rhosts_auth.so. * modules/pam_rhosts/pam_rhosts.8.xml: New. * modules/pam_rhosts/pam_rhosts.8: New, generated from XML source. * modules/pam_rhosts/tst-pam_rhosts: New. * modules/pam_rhosts/Makefile.am: Add pam_rhosts, generate manual page and README. * modules/pam_rhosts/README.xml: New. * modules/pam_rhosts/reADME: Regenerated from XML source. * doc/man/pam_sm_acct_mgmt.3.xml: Adjust syntax for module writers guide. * doc/man/pam_sm_authenticate.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * doc/man/pam_sm_close_session.3.xml: Likewise. * doc/man/pam_sm_open_session.3.xml: Likewise. * doc/man/pam_sm_setcred.3.xml: Likewise. * po/POTFILES.in: Add new source files. * libpam/pam_static_modules.h: Add new modules. * modules/pam_keyinit.c: Add _pam_keyinit_modstruct.
-rw-r--r--ChangeLog32
-rw-r--r--NEWS7
-rw-r--r--configure.in2
-rw-r--r--doc/man/PAM.84
-rw-r--r--doc/man/misc_conv.34
-rw-r--r--doc/man/pam.34
-rw-r--r--doc/man/pam.conf.54
-rw-r--r--doc/man/pam_acct_mgmt.34
-rw-r--r--doc/man/pam_authenticate.34
-rw-r--r--doc/man/pam_chauthtok.34
-rw-r--r--doc/man/pam_close_session.34
-rw-r--r--doc/man/pam_conv.34
-rw-r--r--doc/man/pam_end.34
-rw-r--r--doc/man/pam_error.34
-rw-r--r--doc/man/pam_fail_delay.34
-rw-r--r--doc/man/pam_get_data.34
-rw-r--r--doc/man/pam_get_item.34
-rw-r--r--doc/man/pam_get_user.34
-rw-r--r--doc/man/pam_getenv.34
-rw-r--r--doc/man/pam_getenvlist.34
-rw-r--r--doc/man/pam_info.34
-rw-r--r--doc/man/pam_misc_drop_env.34
-rw-r--r--doc/man/pam_misc_paste_env.34
-rw-r--r--doc/man/pam_misc_setenv.34
-rw-r--r--doc/man/pam_open_session.34
-rw-r--r--doc/man/pam_prompt.34
-rw-r--r--doc/man/pam_putenv.34
-rw-r--r--doc/man/pam_set_data.34
-rw-r--r--doc/man/pam_set_item.34
-rw-r--r--doc/man/pam_setcred.34
-rw-r--r--doc/man/pam_sm_acct_mgmt.34
-rw-r--r--doc/man/pam_sm_acct_mgmt.3.xml4
-rw-r--r--doc/man/pam_sm_authenticate.34
-rw-r--r--doc/man/pam_sm_authenticate.3.xml4
-rw-r--r--doc/man/pam_sm_chauthtok.36
-rw-r--r--doc/man/pam_sm_chauthtok.3.xml6
-rw-r--r--doc/man/pam_sm_close_session.36
-rw-r--r--doc/man/pam_sm_close_session.3.xml6
-rw-r--r--doc/man/pam_sm_open_session.36
-rw-r--r--doc/man/pam_sm_open_session.3.xml6
-rw-r--r--doc/man/pam_sm_setcred.34
-rw-r--r--doc/man/pam_sm_setcred.3.xml4
-rw-r--r--doc/man/pam_start.34
-rw-r--r--doc/man/pam_strerror.34
-rw-r--r--doc/man/pam_syslog.34
-rw-r--r--libpam/pam_static_modules.h10
-rw-r--r--modules/pam_debug/pam_debug.84
-rw-r--r--modules/pam_keyinit/.cvsignore6
-rw-r--r--modules/pam_keyinit/pam_keyinit.c16
-rw-r--r--modules/pam_namespace/.cvsignore6
-rw-r--r--modules/pam_namespace/Makefile.am3
-rw-r--r--modules/pam_namespace/README93
-rw-r--r--modules/pam_namespace/README.xml139
-rw-r--r--modules/pam_namespace/pam_namespace.8161
-rw-r--r--modules/pam_rhosts/Makefile.am17
-rw-r--r--modules/pam_rhosts/README81
-rw-r--r--modules/pam_rhosts/README.xml41
-rw-r--r--modules/pam_rhosts/pam_rhosts.898
-rw-r--r--modules/pam_rhosts/pam_rhosts.8.xml171
-rw-r--r--modules/pam_rhosts/pam_rhosts.c155
-rwxr-xr-xmodules/pam_rhosts/tst-pam_rhosts2
-rwxr-xr-xmodules/pam_rhosts/tst-pam_rhosts_auth2
-rw-r--r--modules/pam_rootok/pam_rootok.84
-rw-r--r--po/POTFILES.in29
64 files changed, 966 insertions, 293 deletions
diff --git a/ChangeLog b/ChangeLog
index 06c822f5..fcd6ee72 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,31 @@
+2006-06-28 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * bump version number to 0.99.5.0
+
+ * modules/pam_rhosts/pam_rhosts.c: New module, replaces
+ pam_rhosts_auth.so.
+ * modules/pam_rhosts/pam_rhosts.8.xml: New.
+ * modules/pam_rhosts/pam_rhosts.8: New, generated from XML source.
+ * modules/pam_rhosts/tst-pam_rhosts: New.
+ * modules/pam_rhosts/Makefile.am: Add pam_rhosts, generate
+ manual page and README.
+ * modules/pam_rhosts/README.xml: New.
+ * modules/pam_rhosts/reADME: Regenerated from XML source.
+
+ * doc/man/pam_sm_acct_mgmt.3.xml: Adjust syntax for module
+ writers guide.
+ * doc/man/pam_sm_authenticate.3.xml: Likewise.
+ * doc/man/pam_sm_chauthtok.3.xml: Likewise.
+ * doc/man/pam_sm_close_session.3.xml: Likewise.
+ * doc/man/pam_sm_open_session.3.xml: Likewise.
+ * doc/man/pam_sm_setcred.3.xml: Likewise.
+
+ * po/POTFILES.in: Add new source files.
+
+ * libpam/pam_static_modules.h: Add new modules.
+
+ * modules/pam_keyinit.c: Add _pam_keyinit_modstruct.
+
2006-06-27 Thorsten Kukuk <kukuk@thkukuk.de>
* configure.in: Allow disabling of SELinux support, check for
@@ -17,7 +45,7 @@
* modules/pam_namespace/namespace.init: New.
* modules/pam_namespace/pam_namespace.8: New.
* modules/pam_namespace/pam_namespace.8.xml: New.
- * modules/pam_namespace/tst-pam_keyinit: New.
+ * modules/pam_namespace/tst-pam_namespace: New.
* modules/Makefile.am: Added pam_namespace.
* configure.in: Added pam_namespace, test for unshare
library call.
@@ -30,7 +58,7 @@
* modules/pam_keyinit/README: New.
* modules/pam_keyinit/README.xml: New.
* modules/pam_keyinit/Makefile.am: New.
- * modules/pam_keyinit/tst_pam_keyinit: New.
+ * modules/pam_keyinit/tst-pam_keyinit: New.
* modules/Makefile.am: Added pam_keyinit.
* configure.in: Added test for the key mgmt syscall.
diff --git a/NEWS b/NEWS
index d36e7c6b..6c193f78 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
Linux-PAM NEWS -- history of user-visible changes.
+Release 0.99.5.0
+
* pam_tally: Fix support for large UIDs
* Fixed all problems found by Coverity
* Add support for Intel C Compiler
@@ -10,6 +12,11 @@ Linux-PAM NEWS -- history of user-visible changes.
pam_rootok, pam_securetty, pam_shells, pam_userdb, pam_warn,
pam_time, pam_limits, pam_debug, pam_tally
* The libpam memory debug code was removed
+* pam_keyinit: New module to initialise kernel session keyring.
+* pam_namespace: New module to configure private namespace for a session.
+* pam_rhosts: New module which replaces pam_rhosts_auth, now IPv6 capable.
+* pam_rhosts_auth: This module is now deprecated.
+
Release 0.99.4.0
diff --git a/configure.in b/configure.in
index c21f6295..1ed71f66 100644
--- a/configure.in
+++ b/configure.in
@@ -1,6 +1,6 @@
dnl Process this file with autoconf to produce a configure script.
AC_INIT(conf/pam_conv1/pam_conv.y)
-AM_INIT_AUTOMAKE("Linux-PAM", 0.99.4.0)
+AM_INIT_AUTOMAKE("Linux-PAM", 0.99.5.0)
AM_CONFIG_HEADER(config.h)
AC_CANONICAL_HOST
diff --git a/doc/man/PAM.8 b/doc/man/PAM.8
index c399bab2..112ea7d7 100644
--- a/doc/man/PAM.8
+++ b/doc/man/PAM.8
@@ -1,11 +1,11 @@
.\" Title: pam
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/23/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM" "8" "06/23/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/misc_conv.3 b/doc/man/misc_conv.3
index 37bb6328..bb8cbd87 100644
--- a/doc/man/misc_conv.3
+++ b/doc/man/misc_conv.3
@@ -1,11 +1,11 @@
.\" Title: misc_conv
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "MISC_CONV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "MISC_CONV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam.3 b/doc/man/pam.3
index ada58362..235daff7 100644
--- a/doc/man/pam.3
+++ b/doc/man/pam.3
@@ -1,11 +1,11 @@
.\" Title: pam
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam.conf.5 b/doc/man/pam.conf.5
index 11f8737d..2ea40185 100644
--- a/doc/man/pam.conf.5
+++ b/doc/man/pam.conf.5
@@ -1,11 +1,11 @@
.\" Title: pam.conf
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/21/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM.CONF" "5" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_acct_mgmt.3 b/doc/man/pam_acct_mgmt.3
index 096ed75a..352df7d1 100644
--- a/doc/man/pam_acct_mgmt.3
+++ b/doc/man/pam_acct_mgmt.3
@@ -1,11 +1,11 @@
.\" Title: pam_acct_mgmt
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_ACCT_MGMT" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_ACCT_MGMT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_authenticate.3 b/doc/man/pam_authenticate.3
index af86c73a..576a7a2c 100644
--- a/doc/man/pam_authenticate.3
+++ b/doc/man/pam_authenticate.3
@@ -1,11 +1,11 @@
.\" Title: pam_authenticate
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_AUTHENTICATE" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_AUTHENTICATE" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_chauthtok.3 b/doc/man/pam_chauthtok.3
index dbf96906..16c673b5 100644
--- a/doc/man/pam_chauthtok.3
+++ b/doc/man/pam_chauthtok.3
@@ -1,11 +1,11 @@
.\" Title: pam_chauthtok
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_CHAUTHTOK" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_CHAUTHTOK" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_close_session.3 b/doc/man/pam_close_session.3
index d48ed570..622c10e9 100644
--- a/doc/man/pam_close_session.3
+++ b/doc/man/pam_close_session.3
@@ -1,11 +1,11 @@
.\" Title: pam_close_session
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_CLOSE_SESSION" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_CLOSE_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_conv.3 b/doc/man/pam_conv.3
index 6ab2a67d..34b61fb3 100644
--- a/doc/man/pam_conv.3
+++ b/doc/man/pam_conv.3
@@ -1,11 +1,11 @@
.\" Title: pam_conv
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_CONV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_CONV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_end.3 b/doc/man/pam_end.3
index 383f8918..27cf95d2 100644
--- a/doc/man/pam_end.3
+++ b/doc/man/pam_end.3
@@ -1,11 +1,11 @@
.\" Title: pam_end
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_END" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_END" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_error.3 b/doc/man/pam_error.3
index 44946b8f..f295f98b 100644
--- a/doc/man/pam_error.3
+++ b/doc/man/pam_error.3
@@ -1,11 +1,11 @@
.\" Title: pam_error
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_ERROR" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_ERROR" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_fail_delay.3 b/doc/man/pam_fail_delay.3
index 71bd215f..f9a7e2d1 100644
--- a/doc/man/pam_fail_delay.3
+++ b/doc/man/pam_fail_delay.3
@@ -1,11 +1,11 @@
.\" Title: pam_fail_delay
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_FAIL_DELAY" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_FAIL_DELAY" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_get_data.3 b/doc/man/pam_get_data.3
index 47c7ec99..cacec733 100644
--- a/doc/man/pam_get_data.3
+++ b/doc/man/pam_get_data.3
@@ -1,11 +1,11 @@
.\" Title: pam_get_data
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_GET_DATA" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_GET_DATA" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_get_item.3 b/doc/man/pam_get_item.3
index 0c4af415..ae63d298 100644
--- a/doc/man/pam_get_item.3
+++ b/doc/man/pam_get_item.3
@@ -1,11 +1,11 @@
.\" Title: pam_get_item
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_GET_ITEM" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_GET_ITEM" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_get_user.3 b/doc/man/pam_get_user.3
index b5ab65bc..f4ab776b 100644
--- a/doc/man/pam_get_user.3
+++ b/doc/man/pam_get_user.3
@@ -1,11 +1,11 @@
.\" Title: pam_get_user
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_GET_USER" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_GET_USER" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_getenv.3 b/doc/man/pam_getenv.3
index f6e22e47..3882d080 100644
--- a/doc/man/pam_getenv.3
+++ b/doc/man/pam_getenv.3
@@ -1,11 +1,11 @@
.\" Title: pam_getenv
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_GETENV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_GETENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_getenvlist.3 b/doc/man/pam_getenvlist.3
index e952da97..57c1d70e 100644
--- a/doc/man/pam_getenvlist.3
+++ b/doc/man/pam_getenvlist.3
@@ -1,11 +1,11 @@
.\" Title: pam_getenvlist
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_GETENVLIST" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_GETENVLIST" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_info.3 b/doc/man/pam_info.3
index c208e4f1..fabb5aa7 100644
--- a/doc/man/pam_info.3
+++ b/doc/man/pam_info.3
@@ -1,11 +1,11 @@
.\" Title: pam_info
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_INFO" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_INFO" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_misc_drop_env.3 b/doc/man/pam_misc_drop_env.3
index 226283ea..5708d5bc 100644
--- a/doc/man/pam_misc_drop_env.3
+++ b/doc/man/pam_misc_drop_env.3
@@ -1,11 +1,11 @@
.\" Title: pam_misc_drop_env
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_MISC_DROP_ENV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_MISC_DROP_ENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_misc_paste_env.3 b/doc/man/pam_misc_paste_env.3
index ce576e37..9ba1e8fe 100644
--- a/doc/man/pam_misc_paste_env.3
+++ b/doc/man/pam_misc_paste_env.3
@@ -1,11 +1,11 @@
.\" Title: pam_misc_paste_env
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_MISC_PASTE_ENV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_MISC_PASTE_ENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_misc_setenv.3 b/doc/man/pam_misc_setenv.3
index fa5690a9..49e8138c 100644
--- a/doc/man/pam_misc_setenv.3
+++ b/doc/man/pam_misc_setenv.3
@@ -1,11 +1,11 @@
.\" Title: pam_misc_setenv
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_MISC_SETENV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_MISC_SETENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_open_session.3 b/doc/man/pam_open_session.3
index 726cff56..e61b5ed8 100644
--- a/doc/man/pam_open_session.3
+++ b/doc/man/pam_open_session.3
@@ -1,11 +1,11 @@
.\" Title: pam_open_session
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_OPEN_SESSION" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_OPEN_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_prompt.3 b/doc/man/pam_prompt.3
index 341f8592..ce3b2a96 100644
--- a/doc/man/pam_prompt.3
+++ b/doc/man/pam_prompt.3
@@ -1,11 +1,11 @@
.\" Title: pam_prompt
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_PROMPT" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_PROMPT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_putenv.3 b/doc/man/pam_putenv.3
index 2a463bc1..60b49651 100644
--- a/doc/man/pam_putenv.3
+++ b/doc/man/pam_putenv.3
@@ -1,11 +1,11 @@
.\" Title: pam_putenv
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_PUTENV" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_PUTENV" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_set_data.3 b/doc/man/pam_set_data.3
index f14c7642..c3a2a689 100644
--- a/doc/man/pam_set_data.3
+++ b/doc/man/pam_set_data.3
@@ -1,11 +1,11 @@
.\" Title: pam_set_data
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SET_DATA" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SET_DATA" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_set_item.3 b/doc/man/pam_set_item.3
index 76dd10ef..fa802747 100644
--- a/doc/man/pam_set_item.3
+++ b/doc/man/pam_set_item.3
@@ -1,11 +1,11 @@
.\" Title: pam_set_item
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SET_ITEM" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SET_ITEM" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_setcred.3 b/doc/man/pam_setcred.3
index eb6a8307..055ee56e 100644
--- a/doc/man/pam_setcred.3
+++ b/doc/man/pam_setcred.3
@@ -1,11 +1,11 @@
.\" Title: pam_setcred
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SETCRED" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SETCRED" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_sm_acct_mgmt.3 b/doc/man/pam_sm_acct_mgmt.3
index 04729a2f..b720e3af 100644
--- a/doc/man/pam_sm_acct_mgmt.3
+++ b/doc/man/pam_sm_acct_mgmt.3
@@ -1,11 +1,11 @@
.\" Title: pam_sm_acct_mgmt
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_ACCT_MGMT" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_ACCT_MGMT" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_sm_acct_mgmt.3.xml b/doc/man/pam_sm_acct_mgmt.3.xml
index 694c2671..35aa28a8 100644
--- a/doc/man/pam_sm_acct_mgmt.3.xml
+++ b/doc/man/pam_sm_acct_mgmt.3.xml
@@ -15,8 +15,8 @@
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_acct_mgmt-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_acct_mgmt-synopsis'>
<funcsynopsisinfo>#define PAM_SM_ACCOUNT</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_sm_authenticate.3 b/doc/man/pam_sm_authenticate.3
index 2bb88300..7487f6af 100644
--- a/doc/man/pam_sm_authenticate.3
+++ b/doc/man/pam_sm_authenticate.3
@@ -1,11 +1,11 @@
.\" Title: pam_sm_authenticate
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_AUTHENTICATE" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_AUTHENTICATE" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_sm_authenticate.3.xml b/doc/man/pam_sm_authenticate.3.xml
index ca74c315..37c77576 100644
--- a/doc/man/pam_sm_authenticate.3.xml
+++ b/doc/man/pam_sm_authenticate.3.xml
@@ -15,8 +15,8 @@
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_authenticate-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_authenticate-synopsis'>
<funcsynopsisinfo>#define PAM_SM_AUTH</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_sm_chauthtok.3 b/doc/man/pam_sm_chauthtok.3
index 7e85cb82..c247f68f 100644
--- a/doc/man/pam_sm_chauthtok.3
+++ b/doc/man/pam_sm_chauthtok.3
@@ -1,17 +1,17 @@
.\" Title: pam_sm_chauthtok
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_CHAUTHTOK" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_CHAUTHTOK" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-pam_sm_chauthtok \- PAM service function for account management
+pam_sm_chauthtok \- PAM service function for authentication token management
.SH "SYNOPSIS"
.sp
.ft B
diff --git a/doc/man/pam_sm_chauthtok.3.xml b/doc/man/pam_sm_chauthtok.3.xml
index 4d2bd3fe..c36a0baf 100644
--- a/doc/man/pam_sm_chauthtok.3.xml
+++ b/doc/man/pam_sm_chauthtok.3.xml
@@ -10,13 +10,13 @@
<refnamediv id="pam_sm_chauthtok-name">
<refname>pam_sm_chauthtok</refname>
- <refpurpose>PAM service function for account management</refpurpose>
+ <refpurpose>PAM service function for authentication token management</refpurpose>
</refnamediv>
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_chauthtok-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_chauthtok-synopsis'>
<funcsynopsisinfo>#define PAM_SM_PASSWORD</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_sm_close_session.3 b/doc/man/pam_sm_close_session.3
index 708cdc58..4d0f081b 100644
--- a/doc/man/pam_sm_close_session.3
+++ b/doc/man/pam_sm_close_session.3
@@ -1,17 +1,17 @@
.\" Title: pam_sm_close_session
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_CLOSE_SESSION" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_CLOSE_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-pam_sm_close_session \- PAM service function for session management
+pam_sm_close_session \- PAM service function to terminate session management
.SH "SYNOPSIS"
.sp
.ft B
diff --git a/doc/man/pam_sm_close_session.3.xml b/doc/man/pam_sm_close_session.3.xml
index b63549f6..f2e67185 100644
--- a/doc/man/pam_sm_close_session.3.xml
+++ b/doc/man/pam_sm_close_session.3.xml
@@ -10,13 +10,13 @@
<refnamediv id="pam_sm_close_session-name">
<refname>pam_sm_close_session</refname>
- <refpurpose>PAM service function for session management</refpurpose>
+ <refpurpose>PAM service function to terminate session management</refpurpose>
</refnamediv>
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_close_session-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_close_session-synopsis'>
<funcsynopsisinfo>#define PAM_SM_SESSION</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_sm_open_session.3 b/doc/man/pam_sm_open_session.3
index 3e1e4347..b97f6005 100644
--- a/doc/man/pam_sm_open_session.3
+++ b/doc/man/pam_sm_open_session.3
@@ -1,17 +1,17 @@
.\" Title: pam_sm_open_session
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_OPEN_SESSION" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_OPEN_SESSION" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-pam_sm_open_session \- PAM service function for session management
+pam_sm_open_session \- PAM service function to start session management
.SH "SYNOPSIS"
.sp
.ft B
diff --git a/doc/man/pam_sm_open_session.3.xml b/doc/man/pam_sm_open_session.3.xml
index 1fa129b7..0851c345 100644
--- a/doc/man/pam_sm_open_session.3.xml
+++ b/doc/man/pam_sm_open_session.3.xml
@@ -10,13 +10,13 @@
<refnamediv id="pam_sm_open_session-name">
<refname>pam_sm_open_session</refname>
- <refpurpose>PAM service function for session management</refpurpose>
+ <refpurpose>PAM service function to start session management</refpurpose>
</refnamediv>
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_open_session-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_open_session-synopsis'>
<funcsynopsisinfo>#define PAM_SM_SESSION</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_sm_setcred.3 b/doc/man/pam_sm_setcred.3
index e0f0fd62..b4cb70e8 100644
--- a/doc/man/pam_sm_setcred.3
+++ b/doc/man/pam_sm_setcred.3
@@ -1,11 +1,11 @@
.\" Title: pam_sm_setcred
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SM_SETCRED" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SM_SETCRED" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_sm_setcred.3.xml b/doc/man/pam_sm_setcred.3.xml
index 10e2edbb..e4809ad7 100644
--- a/doc/man/pam_sm_setcred.3.xml
+++ b/doc/man/pam_sm_setcred.3.xml
@@ -15,8 +15,8 @@
<!-- body begins here -->
- <refsynopsisdiv id='pam_sm_setcred-synopsis'>
- <funcsynopsis>
+ <refsynopsisdiv>
+ <funcsynopsis id='pam_sm_setcred-synopsis'>
<funcsynopsisinfo>#define PAM_SM_AUTH</funcsynopsisinfo>
<funcsynopsisinfo>#include &lt;security/pam_modules.h&gt;</funcsynopsisinfo>
<funcprototype>
diff --git a/doc/man/pam_start.3 b/doc/man/pam_start.3
index e1f04ca0..22521213 100644
--- a/doc/man/pam_start.3
+++ b/doc/man/pam_start.3
@@ -1,11 +1,11 @@
.\" Title: pam_start
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_START" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_START" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_strerror.3 b/doc/man/pam_strerror.3
index e1f6c0a6..2d1e8849 100644
--- a/doc/man/pam_strerror.3
+++ b/doc/man/pam_strerror.3
@@ -1,11 +1,11 @@
.\" Title: pam_strerror
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_STRERROR" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_STRERROR" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/doc/man/pam_syslog.3 b/doc/man/pam_syslog.3
index 740e5a0c..112066d9 100644
--- a/doc/man/pam_syslog.3
+++ b/doc/man/pam_syslog.3
@@ -1,11 +1,11 @@
.\" Title: pam_syslog
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/25/2006
+.\" Date: 06/27/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_SYSLOG" "3" "06/25/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_SYSLOG" "3" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/libpam/pam_static_modules.h b/libpam/pam_static_modules.h
index 00e2a9b5..92a367ac 100644
--- a/libpam/pam_static_modules.h
+++ b/libpam/pam_static_modules.h
@@ -44,6 +44,7 @@ extern struct pam_module _pam_filter_modstruct;
extern struct pam_module _pam_ftp_modstruct;
extern struct pam_module _pam_group_modstruct;
extern struct pam_module _pam_issue_modstruct;
+extern struct pam_module _pam_keyinit_modstruct;
extern struct pam_module _pam_lastlog_modstruct;
extern struct pam_module _pam_limits_modstruct;
extern struct pam_module _pam_listfile_modstruct;
@@ -51,8 +52,12 @@ extern struct pam_module _pam_localuser_modstruct;
extern struct pam_module _pam_mail_modstruct;
extern struct pam_module _pam_mkhomedir_modstruct;
extern struct pam_module _pam_motd_modstruct;
+#ifdef HAVE_UNSHARE
+extern struct pam_module _pam_namespace;
+#endif
extern struct pam_module _pam_nologin_modstruct;
extern struct pam_module _pam_permit_modstruct;
+extern struct pam_module _pam_rhosts_modstruct;
extern struct pam_module _pam_rhosts_auth_modstruct;
extern struct pam_module _pam_rootok_modstruct;
extern struct pam_module _pam_securetty_modstruct;
@@ -89,6 +94,7 @@ static struct pam_module *static_modules[] = {
&_pam_ftp_modstruct,
&_pam_group_modstruct,
&_pam_issue_modstruct,
+ &_pam_keyinit_modstruct,
&_pam_lastlog_modstruct,
&_pam_limits_modstruct,
&_pam_listfile_modstruct,
@@ -96,8 +102,12 @@ static struct pam_module *static_modules[] = {
&_pam_mail_modstruct,
&_pam_mkhomedir_modstruct,
&_pam_motd_modstruct,
+#ifdef HAVE_UNSHARE
+ &_pam_namespace,
+#endif
&_pam_nologin_modstruct,
&_pam_permit_modstruct,
+ &_pam_rhosts_modstruct,
&_pam_rhosts_auth_modstruct,
&_pam_rootok_modstruct,
&_pam_securetty_modstruct,
diff --git a/modules/pam_debug/pam_debug.8 b/modules/pam_debug/pam_debug.8
index 5bce51e3..ae4a1407 100644
--- a/modules/pam_debug/pam_debug.8
+++ b/modules/pam_debug/pam_debug.8
@@ -1,11 +1,11 @@
.\" Title: pam_debug
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/17/2006
+.\" Date: 06/23/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_DEBUG" "8" "06/17/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_DEBUG" "8" "06/23/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/modules/pam_keyinit/.cvsignore b/modules/pam_keyinit/.cvsignore
new file mode 100644
index 00000000..9fb98574
--- /dev/null
+++ b/modules/pam_keyinit/.cvsignore
@@ -0,0 +1,6 @@
+*.la
+*.lo
+.deps
+.libs
+Makefile
+Makefile.in
diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c
index 363adb58..47b2c0f5 100644
--- a/modules/pam_keyinit/pam_keyinit.c
+++ b/modules/pam_keyinit/pam_keyinit.c
@@ -207,3 +207,19 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
return PAM_SUCCESS;
}
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_keyinit_modstruct = {
+ "pam_keyinit",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif
+
diff --git a/modules/pam_namespace/.cvsignore b/modules/pam_namespace/.cvsignore
new file mode 100644
index 00000000..9fb98574
--- /dev/null
+++ b/modules/pam_namespace/.cvsignore
@@ -0,0 +1,6 @@
+*.la
+*.lo
+.deps
+.libs
+Makefile
+Makefile.in
diff --git a/modules/pam_namespace/Makefile.am b/modules/pam_namespace/Makefile.am
index 5d6dc018..38eb50ec 100644
--- a/modules/pam_namespace/Makefile.am
+++ b/modules/pam_namespace/Makefile.am
@@ -8,9 +8,10 @@ MAN8 = pam_namespace.8
man_MANS = $(MAN5) $(MAN8)
-XMLS = namespace.conf.5.xml pam_namespace.8.xml
+XMLS = README.xml namespace.conf.5.xml pam_namespace.8.xml
if ENABLE_REGENERATE_MAN
+noinst_DATA = README
-include $(top_srcdir)/Make.xml.rules
endif
diff --git a/modules/pam_namespace/README b/modules/pam_namespace/README
index 7edfe55e..c47ba232 100644
--- a/modules/pam_namespace/README
+++ b/modules/pam_namespace/README
@@ -1,3 +1,7 @@
+pam_namespace — PAM module for configuring namespace for a session
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
pam_namespace module:
Setup a private namespace with polyinstantiated directories.
@@ -24,25 +28,25 @@ Where:
This field cannot be blank.
<instance_prefix> - is the string prefix used to build the pathname for the
- instantiation of <polydir>. The directory security context, or
- optionally its md5sum string (32 hex characters), is appended to
+ instantiation of <polydir>. The directory security context, or
+ optionally its md5sum string (32 hex characters), is appended to
the prefix to generate the final instance directory path.
This directory is created if it did not exist already, and is then
- bind mounted on the <polydir> to provide an instance of <polydir>
- based on the <method> column. The special string $HOME is replaced with
- the user's home directory, and $USER with the username.
- This field cannot be blank.
+ bind mounted on the <polydir> to provide an instance of <polydir>
+ based on the <method> column. The special string $HOME is replaced with
+ the user's home directory, and $USER with the username.
+ This field cannot be blank.
<method> - is the method used for polyinstantiation. It can take 3 different
- values; "user" for polyinstantiation based on user name, "context"
- for polyinstantiation based on process security context, and "both"
- for polyinstantiation based on both user name and security context.
- Methods "context" and "both" are only available with SELinux. This
- field cannot be blank.
+ values; "user" for polyinstantiation based on user name, "context"
+ for polyinstantiation based on process security context, and "both"
+ for polyinstantiation based on both user name and security context.
+ Methods "context" and "both" are only available with SELinux. This
+ field cannot be blank.
<list_of_uids> - is a comma separated list of user names for whom the
- polyinstantiation is not performed. If left blank, polyinstantiation
- will be performed for all users.
+ polyinstantiation is not performed. If left blank, polyinstantiation
+ will be performed for all users.
EXAMPLE /etc/security/namespace.conf configuration file:
=======================================================
@@ -68,55 +72,58 @@ EXAMPLE /etc/security/namespace.conf configuration file:
# caution, as it will reduce security and isolation achieved by
# polyinstantiation.
#
-/tmp /tmp-inst/ both root,adm
-/var/tmp /var/tmp/tmp-inst/ both root,adm
+/tmp /tmp-inst/ both root,adm
+/var/tmp /var/tmp/tmp-inst/ both root,adm
$HOME $HOME/$USER.inst/inst- context
ARGUMENTS RECOGNIZED:
debug
- Verbose logging by syslog
+ Verbose logging by syslog
unmnt_remnt
- For programs such as su and newrole, the login session has
- already setup a polyinstantiated namespace. For these programs,
- polyinstantiation is performed based on new user id or security
- context, however the command first needs to undo the
- polyinstantiation performed by login. This argument instructs
- the command to first undo previous polyinstantiation before
- proceeding with new polyinstantiation based on new id/context.
+ For programs such as su and newrole, the login session has
+ already setup a polyinstantiated namespace. For these programs,
+ polyinstantiation is performed based on new user id or security
+ context, however the command first needs to undo the
+ polyinstantiation performed by login. This argument instructs
+ the command to first undo previous polyinstantiation before
+ proceeding with new polyinstantiation based on new id/context.
unmnt_only
- For trusted programs that want to undo any existing bind mounts
- and process instance directories on their own, this argument
- allows them to unmount currently mounted instance directories.
+ For trusted programs that want to undo any existing bind mounts
+ and process instance directories on their own, this argument
+ allows them to unmount currently mounted instance directories.
require_selinux
- If selinux is not enabled, return failure.
+ If selinux is not enabled, return failure.
gen_hash
- Instead of using the security context string for the instance
- name, generate and use its md5 hash.
+ Instead of using the security context string for the instance
+ name, generate and use its md5 hash.
ignore_config_error
- If a line in the configuration file corresponding to a
- polyinstantiated directory contains format error, skip that
- line process the next line. Without this option, pam will return
- an error to the calling program resulting in termination
- of the session.
+ If a line in the configuration file corresponding to a
+ polyinstantiated directory contains format error, skip that
+ line process the next line. Without this option, pam will return
+ an error to the calling program resulting in termination
+ of the session.
ignore_instance_parent_mode
- Instance parent directories by default are expected to have
- the restrictive mode of 000. Using this option, an administrator
- can choose to ignore the mode of the instance parent.
+ Instance parent directories by default are expected to have
+ the restrictive mode of 000. Using this option, an administrator
+ can choose to ignore the mode of the instance parent.
MODULE SERVICES PROVIDED:
- session open_session and close_session
+ session open_session and close_session
USAGE:
- For the <service>s you need polyinstantiation (login for example)
- put the following line in /etc/pam.d/<service> as the last line for
- session group:
+ For the <service>s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/<service> as the last line for
+ session group:
+
+ session required pam_namespace.so [arguments]
+
+ This module also depends on pam_selinux.so setting the context.
+
- session required pam_namespace.so [arguments]
- This module also depends on pam_selinux.so setting the context.
diff --git a/modules/pam_namespace/README.xml b/modules/pam_namespace/README.xml
new file mode 100644
index 00000000..98ab7532
--- /dev/null
+++ b/modules/pam_namespace/README.xml
@@ -0,0 +1,139 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
+"http://www.docbook.org/xml/4.4/docbookx.dtd">
+<article>
+ <articleinfo>
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_namespace.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_namespace-name"]/*)'/>
+ </title>
+ </articleinfo>
+ <section>
+ <programlisting><![CDATA[
+
+pam_namespace module:
+Setup a private namespace with polyinstantiated directories.
+
+THEORY OF OPERATION:
+The pam namespace module consults /etc/security/namespace.conf
+configuration file and sets up a private namespace with polyinstantiated
+directories for a session managed by PAM. A skeleton namespace.conf
+installed by default provides example for polyinstantiating /tmp, /var/tmp
+and users' home directory.
+
+If an executable script /etc/security/namespace.init exists, it
+is used to initialize the namespace every time a new instance directory
+is setup. The script receives the polyinstantiated directory path
+and the instance directory path as its arguments.
+
+Each line in namespace.conf describes a limit for a user in the form:
+
+<polydir> <instance_prefix> <method> <list_of_uids>
+
+Where:
+<polydir> - is the absolute pathname of the directory to polyinstantiate
+ Special entry $HOME is supported to designate user's home directory.
+ This field cannot be blank.
+
+<instance_prefix> - is the string prefix used to build the pathname for the
+ instantiation of <polydir>. The directory security context, or
+ optionally its md5sum string (32 hex characters), is appended to
+ the prefix to generate the final instance directory path.
+ This directory is created if it did not exist already, and is then
+ bind mounted on the <polydir> to provide an instance of <polydir>
+ based on the <method> column. The special string $HOME is replaced with
+ the user's home directory, and $USER with the username.
+ This field cannot be blank.
+
+<method> - is the method used for polyinstantiation. It can take 3 different
+ values; "user" for polyinstantiation based on user name, "context"
+ for polyinstantiation based on process security context, and "both"
+ for polyinstantiation based on both user name and security context.
+ Methods "context" and "both" are only available with SELinux. This
+ field cannot be blank.
+
+<list_of_uids> - is a comma separated list of user names for whom the
+ polyinstantiation is not performed. If left blank, polyinstantiation
+ will be performed for all users.
+
+EXAMPLE /etc/security/namespace.conf configuration file:
+=======================================================
+# Following three lines will polyinstantiate /tmp, /var/tmp and user's home
+# directories. /tmp and /var/tmp will be polyinstantiated based on both
+# security context as well as user name, whereas home directory will
+# be polyinstantiated based on security context only. Polyinstantiation
+# will not be performed for user root and adm for directories /tmp and
+# /var/tmp, whereas home directories will be polyinstantiated for all
+# users. The user name and/or context is appended to the instance prefix.
+#
+# Note that instance directories do not have to reside inside the
+# polyinstantiated directory. In the examples below, instances of /tmp
+# will be created in /tmp-inst directory, where as instances of /var/tmp
+# and users home directories will reside within the directories that
+# are being polyinstantiated.
+#
+# Instance parent directories must exist for the polyinstantiation
+# mechanism to work. By default, they should be created with the mode
+# of 000. pam_namespace module will enforce this mode unless it
+# is explicitly called with an argument to ignore the mode of the
+# instance parent. System administrators should use this argument with
+# caution, as it will reduce security and isolation achieved by
+# polyinstantiation.
+#
+/tmp /tmp-inst/ both root,adm
+/var/tmp /var/tmp/tmp-inst/ both root,adm
+$HOME $HOME/$USER.inst/inst- context
+
+ARGUMENTS RECOGNIZED:
+ debug
+ Verbose logging by syslog
+
+ unmnt_remnt
+ For programs such as su and newrole, the login session has
+ already setup a polyinstantiated namespace. For these programs,
+ polyinstantiation is performed based on new user id or security
+ context, however the command first needs to undo the
+ polyinstantiation performed by login. This argument instructs
+ the command to first undo previous polyinstantiation before
+ proceeding with new polyinstantiation based on new id/context.
+
+ unmnt_only
+ For trusted programs that want to undo any existing bind mounts
+ and process instance directories on their own, this argument
+ allows them to unmount currently mounted instance directories.
+
+ require_selinux
+ If selinux is not enabled, return failure.
+
+ gen_hash
+ Instead of using the security context string for the instance
+ name, generate and use its md5 hash.
+
+ ignore_config_error
+ If a line in the configuration file corresponding to a
+ polyinstantiated directory contains format error, skip that
+ line process the next line. Without this option, pam will return
+ an error to the calling program resulting in termination
+ of the session.
+
+ ignore_instance_parent_mode
+ Instance parent directories by default are expected to have
+ the restrictive mode of 000. Using this option, an administrator
+ can choose to ignore the mode of the instance parent.
+
+MODULE SERVICES PROVIDED:
+ session open_session and close_session
+
+USAGE:
+ For the <service>s you need polyinstantiation (login for example)
+ put the following line in /etc/pam.d/<service> as the last line for
+ session group:
+
+ session required pam_namespace.so [arguments]
+
+ This module also depends on pam_selinux.so setting the context.
+]]>
+ </programlisting>
+ </section>
+</article>
+
diff --git a/modules/pam_namespace/pam_namespace.8 b/modules/pam_namespace/pam_namespace.8
index 88594304..126cfc88 100644
--- a/modules/pam_namespace/pam_namespace.8
+++ b/modules/pam_namespace/pam_namespace.8
@@ -1,141 +1,110 @@
-.\"Generated by db2man.xsl. Don't modify this, modify the source.
-.de Sh \" Subsection
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
-.de Sp \" Vertical space (when we can't use .PP)
-.if t .sp .5v
-.if n .sp
-..
-.de Ip \" List item
-.br
-.ie \\n(.$>=3 .ne \\$3
-.el .ne 3
-.IP "\\$1" \\$2
-..
-.TH "PAM_NAMESPACE" 8 "" "" ""
-.SH NAME
+.\" Title: pam_namespace
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/27/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_NAMESPACE" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
pam_namespace \- PAM module for configuring namespace for a session
.SH "SYNOPSIS"
-.ad l
-.hy 0
.HP 17
-\fBpam_namespace\&.so\fR [debug] [unmnt_remnt] [unmnt_only] [require_selinux] [gen_hash] [ignore_config_error] [ignore_instance_parent_mode]
-.ad
-.hy
-
+\fBpam_namespace.so\fR [debug] [unmnt_remnt] [unmnt_only] [require_selinux] [gen_hash] [ignore_config_error] [ignore_instance_parent_mode]
.SH "DESCRIPTION"
-
.PP
-The pam_namespace PAM module sets up a private namespace for a session with polyinstantiated directories\&. A polyinstantiated directory provides a different instance of itself based on user name, or when using SELinux, user name, security context or both\&. If an executable script \fI/etc/security/namespace\&.init\fR exists, it is used to initialize the namespace every time a new instance directory is setup\&. The script receives the polyinstantiated directory path and the instance directory path as its arguments\&.
-
+The pam_namespace PAM module sets up a private namespace for a session with polyinstantiated directories. A polyinstantiated directory provides a different instance of itself based on user name, or when using SELinux, user name, security context or both. If an executable script
+\fI/etc/security/namespace.init\fR
+exists, it is used to initialize the namespace every time a new instance directory is setup. The script receives the polyinstantiated directory path and the instance directory path as its arguments.
.PP
-The pam_namespace module disassociates the session namespace from the parent namespace\&. Any mounts/unmounts performed in the parent namespace, such as mounting of devices, are not reflected in the session namespace\&. To propagate selected mount/unmount events from the parent namespace into the disassociated session namespace, an administrator may use the special shared\-subtree feature\&. For additional information on shared\-subtree feature, please refer to the mount(8) man page and the shared\-subtree description at http://lwn\&.net/Articles/159077 and http://lwn\&.net/Articles/159092\&.
-
+The pam_namespace module disassociates the session namespace from the parent namespace. Any mounts/unmounts performed in the parent namespace, such as mounting of devices, are not reflected in the session namespace. To propagate selected mount/unmount events from the parent namespace into the disassociated session namespace, an administrator may use the special shared\-subtree feature. For additional information on shared\-subtree feature, please refer to the mount(8) man page and the shared\-subtree description at http://lwn.net/Articles/159077 and http://lwn.net/Articles/159092.
.SH "OPTIONS"
-
-.TP
+.TP 3n
\fBdebug\fR
A lot of debug information is logged using syslog
-
-.TP
+.TP 3n
\fBunmnt_remnt\fR
-For programs such as su and newrole, the login session has already setup a polyinstantiated namespace\&. For these programs, polyinstantiation is performed based on new user id or security context, however the command first needs to undo the polyinstantiation performed by login\&. This argument instructs the command to first undo previous polyinstantiation before proceeding with new polyinstantiation based on new id/context
-
-.TP
+For programs such as su and newrole, the login session has already setup a polyinstantiated namespace. For these programs, polyinstantiation is performed based on new user id or security context, however the command first needs to undo the polyinstantiation performed by login. This argument instructs the command to first undo previous polyinstantiation before proceeding with new polyinstantiation based on new id/context
+.TP 3n
\fBunmnt_only\fR
For trusted programs that want to undo any existing bind mounts and process instance directories on their own, this argument allows them to unmount currently mounted instance directories
-
-.TP
+.TP 3n
\fBrequire_selinux\fR
If selinux is not enabled, return failure
-
-.TP
+.TP 3n
\fBgen_hash\fR
-Instead of using the security context string for the instance name, generate and use its md5 hash\&.
-
-.TP
+Instead of using the security context string for the instance name, generate and use its md5 hash.
+.TP 3n
\fBignore_config_error\fR
-If a line in the configuration file corresponding to a polyinstantiated directory contains format error, skip that line process the next line\&. Without this option, pam will return an error to the calling program resulting in termination of the session\&.
-
-.TP
+If a line in the configuration file corresponding to a polyinstantiated directory contains format error, skip that line process the next line. Without this option, pam will return an error to the calling program resulting in termination of the session.
+.TP 3n
\fBignore_instance_parent_mode\fR
-Instance parent directories by default are expected to have the restrictive mode of 000\&. Using this option, an administrator can choose to ignore the mode of the instance parent\&. This option should be used with caution as it will reduce security and isolation goals of the polyinstantiation mechanism\&.
-
+Instance parent directories by default are expected to have the restrictive mode of 000. Using this option, an administrator can choose to ignore the mode of the instance parent. This option should be used with caution as it will reduce security and isolation goals of the polyinstantiation mechanism.
.SH "MODULE SERVICES PROVIDED"
-
.PP
-The \fBsession\fR service is supported\&.
-
+The
+\fBsession\fR
+service is supported.
.SH "RETURN VALUES"
-
-.TP
+.TP 3n
PAM_SUCCESS
-Namespace setup was successful\&.
-
-.TP
+Namespace setup was successful.
+.TP 3n
PAM_SERVICE_ERR
-Unexpected system error occurred while setting up namespace\&.
-
-.TP
+Unexpected system error occurred while setting up namespace.
+.TP 3n
PAM_SESSION_ERR
-Unexpected namespace configuration error occurred\&.
-
+Unexpected namespace configuration error occurred.
.SH "FILES"
-
-.TP
-\fI/etc/security/namespace\&.conf\fR
+.TP 3n
+\fI/etc/security/namespace.conf\fR
Configuration file
-
.SH "EXAMPLES"
-
.PP
-For the <service>s you need polyinstantiation (login for example) put the following line in /etc/pam\&.d/<service> as the last line for session group:
-
+For the <service>s you need polyinstantiation (login for example) put the following line in /etc/pam.d/<service> as the last line for session group:
.PP
-session required pam_namespace\&.so [arguments]
-
+session required pam_namespace.so [arguments]
.PP
To use polyinstantiation with graphical display manager gdm, insert the following line, before exit 0, in /etc/gdm/PostSession/Default:
-
.PP
/usr/sbin/gdm\-safe\-restart
-
.PP
-This allows gdm to restart after each session and appropriately adjust namespaces of display manager and the X server\&. If polyinstantiation of /tmp is desired along with the graphical environment, then additional configuration changes are needed to address the interaction of X server and font server namespaces with their use of /tmp to create communication sockets\&. Please use the initialization script \fI/etc/security/namespace\&.init\fR to ensure that the X server and its clients can appropriately access the communication socket X0\&. Please refer to the sample instructions provided in the comment section of the instance initialization script \fI/etc/security/namespace\&.init\fR\&. In addition, perform the following changes to use graphical environment with polyinstantiation of /tmp:
-
+This allows gdm to restart after each session and appropriately adjust namespaces of display manager and the X server. If polyinstantiation of /tmp is desired along with the graphical environment, then additional configuration changes are needed to address the interaction of X server and font server namespaces with their use of /tmp to create communication sockets. Please use the initialization script
+\fI/etc/security/namespace.init\fR
+to ensure that the X server and its clients can appropriately access the communication socket X0. Please refer to the sample instructions provided in the comment section of the instance initialization script
+\fI/etc/security/namespace.init\fR. In addition, perform the following changes to use graphical environment with polyinstantiation of /tmp:
.PP
-
+.sp
+.RS 3n
.nf
-
- 1\&. Disable the use of font server by commenting out "FontPath"
- line in /etc/X11/xorg\&.conf\&. If you do want to use the font server
+ 1. Disable the use of font server by commenting out "FontPath"
+ line in /etc/X11/xorg.conf. If you do want to use the font server
then you will have to augment the instance initialization
- script to appropriately provide /tmp/\&.font\-unix from the
- polyinstantiated /tmp\&.
- 2\&. Ensure that the gdm service is setup to use pam_namespace,
- as described above, by modifying /etc/pam\&.d/gdm\&.
- 3\&. Ensure that the display manager is configured to restart X server
- with each new session\&. This default setup can be verified by
- making sure that /usr/share/gdm/defaults\&.conf contains
+ script to appropriately provide /tmp/.font\-unix from the
+ polyinstantiated /tmp.
+ 2. Ensure that the gdm service is setup to use pam_namespace,
+ as described above, by modifying /etc/pam.d/gdm.
+ 3. Ensure that the display manager is configured to restart X server
+ with each new session. This default setup can be verified by
+ making sure that /usr/share/gdm/defaults.conf contains
"AlwaysRestartServer=true", and it is not overridden by
- /etc/gdm/custom\&.conf\&.
+ /etc/gdm/custom.conf.
.fi
-
-
+.RE
+.sp
.SH "SEE ALSO"
-
.PP
- \fBnamespace\&.conf\fR(5), \fBpam\&.d\fR(8), \fBmount\fR(8), \fBpam\fR(8)\&.
+\fBnamespace.conf\fR(5),
+\fBpam.d\fR(8),
+\fBmount\fR(8),
+\fBpam\fR(8).
.SH "AUTHORS"
-
.PP
-The namespace setup scheme was designed by Stephen Smalley, Janak Desai and Chad Sellers\&. The pam_namespace PAM module was developed by Janak Desai <janak@us\&.ibm\&.com>, Chad Sellers <csellers@tresys\&.com> and Steve Grubb <sgrubb@redhat\&.com>\&.
-
+The namespace setup scheme was designed by Stephen Smalley, Janak Desai and Chad Sellers. The pam_namespace PAM module was developed by Janak Desai <janak@us.ibm.com>, Chad Sellers <csellers@tresys.com> and Steve Grubb <sgrubb@redhat.com>.
diff --git a/modules/pam_rhosts/Makefile.am b/modules/pam_rhosts/Makefile.am
index 5c8cc188..d4ca7578 100644
--- a/modules/pam_rhosts/Makefile.am
+++ b/modules/pam_rhosts/Makefile.am
@@ -4,9 +4,13 @@
CLEANFILES = *~
-EXTRA_DIST = README tst-pam_rhosts
+EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_rhosts_auth tst-pam_rhosts
-TESTS = tst-pam_rhosts
+TESTS = tst-pam_rhosts_auth tst-pam_rhosts
+
+man_MANS = pam_rhosts.8
+
+XMLS = README.xml pam_rhosts.8.xml
securelibdir = $(SECUREDIR)
secureconfdir = $(SCONFIGDIR)
@@ -18,4 +22,11 @@ if HAVE_VERSIONING
AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
-securelib_LTLIBRARIES = pam_rhosts_auth.la
+securelib_LTLIBRARIES = pam_rhosts_auth.la pam_rhosts.la
+
+if ENABLE_REGENERATE_MAN
+noinst_DATA = README
+README: pam_rhosts.8.xml
+-include $(top_srcdir)/Make.xml.rules
+endif
+
diff --git a/modules/pam_rhosts/README b/modules/pam_rhosts/README
index d2e93d1d..b1911785 100644
--- a/modules/pam_rhosts/README
+++ b/modules/pam_rhosts/README
@@ -1,57 +1,56 @@
-arguments recognized:
+pam_rhosts — The rhosts PAM module
-"no_hosts_equiv"
-"no_rhosts"
-"debug"
-"nowarn"
-"suppress"
-"promiscuous"
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-.rhosts/hosts.equiv format:
+DESCRIPTION
-There are positive entries, when one is matched authentication
-succeeds and terminates. There are negative entries, when one is
-matched authentication fails and terminates. Thus order is
-significant.
+This module performs the standard network authentication for services, as used
+by traditional implementations of rlogin and rsh etc.
-Entry hosts.equiv .rhosts
-<host> All users on <host> are ok Same username from <host> is ok
-<host> <user> <user> from <host> is ok ditto
--<host> No users from <host> are ok ditto
-<host> -<user> <user> from <host> is not ok ditto
+The authentication mechanism of this module is based on the contents of two
+files; /etc/hosts.equiv (or and ~/.rhosts. Firstly, hosts listed in the former
+file are treated as equivalent to the localhost. Secondly, entries in the
+user's own copy of the latter file is used to map "remote-host remote-user"
+pairs to that user's account on the current host. Access is granted to the user
+if their host is present in /etc/hosts.equiv and their remote account is
+identical to their local one, or if their remote account has an entry in their
+personal configuration file.
-<host> can be ip (IPv4) numbers.
+The module authenticates a remote user (internally specified by the item
+PAM_RUSER connecting from the remote host (internally specified by the item
+PAM_RHOST). Accordingly, for applications to be compatible this authentication
+module they must set these items prior to calling pam_authenticate(). The
+module is not capable of independently probing the network connection for such
+information.
-Netgroups may be used in either host or user fields, and then applies
-to all hosts, or users, in the netgroup. The syntax is
+OPTIONS
- +@<ng>
+debug
-The entries
+ Print debug information.
- <host> +@<ng>
- +@<ng> +@<ng>
- +@<ng> <user>
+silent
-means exactly what you think it does. Negative entries are of the
-form
+ Don't print informative messages.
- -@<ng>
+superuser=account
-When the "promiscuous" option is given the special character + may be
-used as a wildcard in any field.
+ Handle account as root.
- + Allow anyone from any host to connect. DANGEROUS.
- + + Ditto.
- + <user> Allow the user to connect from anywhere. DANGEROUS.
- <host> + Allow any user from the host. Dangerous.
-
-These, perhaps more useful, forms of the + form is also disallowed
-unless "promiscuous" is specified:
+EXAMPLES
- + -<user> Disallow the user from any host
- + -@<ng> Disallow all members of the netgroup from any host
+To grant a remote user access by /etc/hosts.equiv or .rhosts for rsh add the
+following lines to /etc/pam.d/rsh:
-When "promiscuous" is not specified a '+' is handled as a negative
-match.
+#%PAM-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+
+
+AUTHOR
+
+pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>
diff --git a/modules/pam_rhosts/README.xml b/modules/pam_rhosts/README.xml
new file mode 100644
index 00000000..5d3307e7
--- /dev/null
+++ b/modules/pam_rhosts/README.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+"http://www.docbook.org/xml/4.3/docbookx.dtd"
+[
+<!--
+<!ENTITY pamaccess SYSTEM "pam_rhosts.8.xml">
+-->
+]>
+
+<article>
+
+ <articleinfo>
+
+ <title>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_rhosts-name"]/*)'/>
+ </title>
+
+ </articleinfo>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-description"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-options"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-examples"]/*)'/>
+ </section>
+
+ <section>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+ href="pam_rhosts.8.xml" xpointer='xpointer(//refsect1[@id = "pam_rhosts-author"]/*)'/>
+ </section>
+
+</article>
diff --git a/modules/pam_rhosts/pam_rhosts.8 b/modules/pam_rhosts/pam_rhosts.8
new file mode 100644
index 00000000..0d7f4a16
--- /dev/null
+++ b/modules/pam_rhosts/pam_rhosts.8
@@ -0,0 +1,98 @@
+.\" Title: pam_rhosts
+.\" Author:
+.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
+.\" Date: 06/28/2006
+.\" Manual: Linux\-PAM Manual
+.\" Source: Linux\-PAM Manual
+.\"
+.TH "PAM_RHOSTS" "8" "06/28/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_rhosts \- The rhosts PAM module
+.SH "SYNOPSIS"
+.HP 14
+\fBpam_rhosts.so\fR
+.SH "DESCRIPTION"
+.PP
+This module performs the standard network authentication for services, as used by traditional implementations of
+\fBrlogin\fR
+and
+\fBrsh\fR
+etc.
+.PP
+The authentication mechanism of this module is based on the contents of two files;
+\fI/etc/hosts.equiv\fR
+(or and
+\fI~/.rhosts\fR. Firstly, hosts listed in the former file are treated as equivalent to the localhost. Secondly, entries in the user's own copy of the latter file is used to map "\fIremote\-host remote\-user\fR" pairs to that user's account on the current host. Access is granted to the user if their host is present in
+\fI/etc/hosts.equiv\fR
+and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file.
+.PP
+The module authenticates a remote user (internally specified by the item
+\fIPAM_RUSER\fR
+connecting from the remote host (internally specified by the item
+\fBPAM_RHOST\fR). Accordingly, for applications to be compatible this authentication module they must set these items prior to calling
+\fBpam_authenticate()\fR. The module is not capable of independently probing the network connection for such information.
+.SH "OPTIONS"
+.TP 3n
+\fBdebug\fR
+Print debug information.
+.TP 3n
+\fBsilent\fR
+Don't print informative messages.
+.TP 3n
+\fBsuperuser=\fR\fB\fIaccount\fR\fR
+Handle
+\fIaccount\fR
+as root.
+.SH "MODULE SERVICES PROVIDED"
+.PP
+Only the
+\fBauth\fR
+service is supported.
+.SH "RETURN VALUES"
+.TP 3n
+PAM_AUTH_ERR
+The remote host, remote user name or the local user name couldn't be determined or access was denied by
+\fI.rhosts\fR
+file.
+.TP 3n
+PAM_USER_UNKNOWN
+User is not known to system.
+.SH "EXAMPLES"
+.PP
+To grant a remote user access by
+\fI/etc/hosts.equiv\fR
+or
+\fI.rhosts\fR
+for
+\fBrsh\fR
+add the following lines to
+\fI/etc/pam.d/rsh\fR:
+.sp
+.RS 3n
+.nf
+#%PAM\-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+
+.fi
+.RE
+.sp
+.SH "SEE ALSO"
+.PP
+
+\fBrootok\fR(3),
+\fBhosts.equiv\fR(5),
+\fBrhosts\fR(5),
+\fBpam.conf\fR(5),
+\fBpam.d\fR(8),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>
diff --git a/modules/pam_rhosts/pam_rhosts.8.xml b/modules/pam_rhosts/pam_rhosts.8.xml
new file mode 100644
index 00000000..e559f315
--- /dev/null
+++ b/modules/pam_rhosts/pam_rhosts.8.xml
@@ -0,0 +1,171 @@
+<?xml version="1.0" encoding='UTF-8'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+ "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
+
+<refentry id="pam_rhosts">
+
+ <refmeta>
+ <refentrytitle>pam_rhosts</refentrytitle>
+ <manvolnum>8</manvolnum>
+ <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_rhosts-name">
+ <refname>pam_rhosts</refname>
+ <refpurpose>The rhosts PAM module</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis id="pam_rhosts-cmdsynopsis">
+ <command>pam_rhosts.so</command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id="pam_rhosts-description">
+
+ <title>DESCRIPTION</title>
+
+ <para>
+ This module performs the standard network authentication for services,
+ as used by traditional implementations of <command>rlogin</command>
+ and <command>rsh</command> etc.
+ </para>
+ <para>
+ The authentication mechanism of this module is based on the contents
+ of two files; <filename>/etc/hosts.equiv</filename> (or
+ and <filename>~/.rhosts</filename>. Firstly, hosts listed in the
+ former file are treated as equivalent to the localhost. Secondly,
+ entries in the user's own copy of the latter file is used to map
+ "<emphasis>remote-host remote-user</emphasis>" pairs to that user's
+ account on the current host. Access is granted to the user if their
+ host is present in <filename>/etc/hosts.equiv</filename> and their
+ remote account is identical to their local one, or if their remote
+ account has an entry in their personal configuration file.
+ </para>
+ <para>
+ The module authenticates a remote user (internally specified by the
+ item <parameter>PAM_RUSER</parameter> connecting from the remote
+ host (internally specified by the item <command>PAM_RHOST</command>).
+ Accordingly, for applications to be compatible this authentication
+ module they must set these items prior to calling
+ <function>pam_authenticate()</function>. The module is not capable
+ of independently probing the network connection for such information.
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_rhosts-options">
+ <title>OPTIONS</title>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>debug</option>
+ </term>
+ <listitem>
+ <para>
+ Print debug information.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>silent</option>
+ </term>
+ <listitem>
+ <para>
+ Don't print informative messages.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <option>superuser=<replaceable>account</replaceable></option>
+ </term>
+ <listitem>
+ <para>
+ Handle <replaceable>account</replaceable> as root.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id="pam_rhosts-services">
+ <title>MODULE SERVICES PROVIDED</title>
+ <para>
+ Only the <option>auth</option> service is supported.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_AUTH_ERR</term>
+ <listitem>
+ <para>
+ The remote host, remote user name or the local user name
+ couldn't be determined or access was denied by
+ <filename>.rhosts</filename> file.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_USER_UNKNOWN</term>
+ <listitem>
+ <para>
+ User is not known to system.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-examples'>
+ <title>EXAMPLES</title>
+ <para>
+ To grant a remote user access by <filename>/etc/hosts.equiv</filename>
+ or <filename>.rhosts</filename> for <command>rsh</command> add the
+ following lines to <filename>/etc/pam.d/rsh</filename>:
+ <programlisting>
+#%PAM-1.0
+#
+auth required pam_rhosts.so
+auth required pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+ </programlisting>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>rootok</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>hosts.equiv</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>rhosts</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_rhosts-author'>
+ <title>AUTHOR</title>
+ <para>
+ pam_rhosts was written by Thorsten Kukuk &lt;kukuk@thkukuk.de&gt;
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/modules/pam_rhosts/pam_rhosts.c b/modules/pam_rhosts/pam_rhosts.c
new file mode 100644
index 00000000..8e120614
--- /dev/null
+++ b/modules/pam_rhosts/pam_rhosts.c
@@ -0,0 +1,155 @@
+/*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "config.h"
+
+#include <pwd.h>
+#include <netdb.h>
+#include <string.h>
+#include <syslog.h>
+
+#define PAM_SM_AUTH /* only defines this management group */
+
+#include <security/pam_modules.h>
+#include <security/pam_modutil.h>
+#include <security/pam_ext.h>
+
+PAM_EXTERN
+int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc,
+ const char **argv)
+{
+ const char *luser = NULL;
+ const char *ruser = NULL, *rhost = NULL;
+ const char *opt_superuser = NULL;
+ const void *c_void;
+ int opt_debug = 0;
+ int opt_silent;
+ int as_root;
+ int retval;
+
+ opt_silent = flags & PAM_SILENT;
+
+ while (argc-- > 0) {
+ if (strcmp(*argv, "debug") == 0)
+ opt_debug = 1;
+ else if (strcmp (*argv, "silent") == 0 || strcmp(*argv, "suppress") == 0)
+ opt_silent = 1;
+ else if (strncmp(*argv, "superuser=", sizeof("superuser=")-1) == 0)
+ opt_superuser = *argv+sizeof("superuser=")-1;
+ else
+ pam_syslog(pamh, LOG_WARNING, "unrecognized option '%s'", *argv);
+
+ ++argv;
+ }
+
+ retval = pam_get_item (pamh, PAM_RHOST, &c_void);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not get the remote host name");
+ return retval;
+ }
+ rhost = c_void;
+
+ retval = pam_get_item(pamh, PAM_RUSER, &c_void);
+ ruser = c_void;
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not get the remote username");
+ return retval;
+ }
+
+ retval = pam_get_user(pamh, &luser, NULL);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "could not determine name of local user");
+ return retval;
+ }
+
+ if (rhost == NULL || ruser == NULL || luser == NULL)
+ return PAM_AUTH_ERR;
+
+ if (opt_superuser && strcmp(opt_superuser, luser) == 0)
+ as_root = 1;
+ else {
+ struct passwd *lpwd;
+
+ lpwd = pam_modutil_getpwnam(pamh, luser);
+ if (lpwd == NULL) {
+ if (opt_debug)
+ /* don't print by default, could be the users password */
+ pam_syslog(pamh, LOG_DEBUG,
+ "user '%s' unknown to this system", luser);
+ return PAM_USER_UNKNOWN;
+
+ }
+ as_root = (lpwd->pw_uid == 0);
+ }
+
+#ifdef HAVE_RUSEROK_AF
+ retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC);
+#else
+ retval = ruserok (rhost, as_root, ruser, luser);
+#endif
+ if (retval != 0) {
+ if (!opt_silent || opt_debug)
+ pam_syslog(pamh, LOG_WARNING, "denied access to %s@%s as %s",
+ ruser, rhost, luser);
+ return PAM_AUTH_ERR;
+ } else {
+ if (!opt_silent || opt_debug)
+ pam_syslog(pamh, LOG_NOTICE, "allowed access to %s@%s as %s",
+ ruser, rhost, luser);
+ return PAM_SUCCESS;
+ }
+}
+
+
+PAM_EXTERN int
+pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_SUCCESS;
+}
+
+
+#ifdef PAM_STATIC
+
+/* static module data */
+
+struct pam_module _pam_rhosts_modstruct = {
+ "pam_rhosts",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ NULL,
+ NULL,
+ NULL,
+ NULL,
+};
+
+#endif
diff --git a/modules/pam_rhosts/tst-pam_rhosts b/modules/pam_rhosts/tst-pam_rhosts
index 6b14ec51..65e85a98 100755
--- a/modules/pam_rhosts/tst-pam_rhosts
+++ b/modules/pam_rhosts/tst-pam_rhosts
@@ -1,2 +1,2 @@
#!/bin/sh
-../../tests/tst-dlopen .libs/pam_rhosts_auth.so
+../../tests/tst-dlopen .libs/pam_rhosts.so
diff --git a/modules/pam_rhosts/tst-pam_rhosts_auth b/modules/pam_rhosts/tst-pam_rhosts_auth
new file mode 100755
index 00000000..6b14ec51
--- /dev/null
+++ b/modules/pam_rhosts/tst-pam_rhosts_auth
@@ -0,0 +1,2 @@
+#!/bin/sh
+../../tests/tst-dlopen .libs/pam_rhosts_auth.so
diff --git a/modules/pam_rootok/pam_rootok.8 b/modules/pam_rootok/pam_rootok.8
index b1436f79..79618050 100644
--- a/modules/pam_rootok/pam_rootok.8
+++ b/modules/pam_rootok/pam_rootok.8
@@ -1,11 +1,11 @@
.\" Title: pam_rootok
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/04/2006
+.\" Date: 06/23/2006
.\" Manual: Linux\-PAM Manual
.\" Source: Linux\-PAM Manual
.\"
-.TH "PAM_ROOTOK" "8" "06/04/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_ROOTOK" "8" "06/23/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
diff --git a/po/POTFILES.in b/po/POTFILES.in
index f6c996a3..792e1d26 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -1,12 +1,12 @@
-# List of source files which contain translatable strings.
+./libpamc/test/regress/test.libpamc.c
+./libpamc/test/modules/pam_secret.c
./libpamc/pamc_converse.c
./libpamc/pamc_load.c
./libpamc/pamc_client.c
+./modules/pam_keyinit/pam_keyinit.c
./modules/pam_access/pam_access.c
./modules/pam_localuser/pam_localuser.c
./modules/pam_debug/pam_debug.c
-./modules/pam_exec/pam_exec.c
-./modules/pam_echo/pam_echo.c
./modules/pam_group/pam_group.c
./modules/pam_issue/pam_issue.c
./modules/pam_tally/pam_tally.c
@@ -23,6 +23,9 @@
./modules/pam_selinux/pam_selinux.c
./modules/pam_permit/pam_permit.c
./modules/pam_deny/pam_deny.c
+./modules/pam_echo/pam_echo.c
+./modules/pam_exec/pam_exec.c
+./modules/pam_rhosts/pam_rhosts.c
./modules/pam_rhosts/pam_rhosts_auth.c
./modules/pam_mail/pam_mail.c
./modules/pam_motd/pam_motd.c
@@ -46,38 +49,42 @@
./modules/pam_stress/pam_stress.c
./modules/pam_cracklib/pam_cracklib.c
./modules/pam_userdb/pam_userdb.c
+./modules/pam_namespace/pam_namespace.c
+./modules/pam_namespace/md5.c
./modules/pam_securetty/pam_securetty.c
./modules/pam_succeed_if/pam_succeed_if.c
./modules/pam_nologin/pam_nologin.c
./modules/pam_listfile/pam_listfile.c
./modules/pam_env/pam_env.c
./modules/pam_ftp/pam_ftp.c
+./libpam/pam_modutil_cleanup.c
./libpam/pam_delay.c
./libpam/pam_handlers.c
./libpam/pam_auth.c
./libpam/pam_data.c
./libpam/pam_end.c
./libpam/pam_env.c
+./libpam/pam_modutil_ingroup.c
./libpam/pam_item.c
+./libpam/pam_dynamic.c
./libpam/pam_misc.c
+./libpam/pam_syslog.c
./libpam/pam_static.c
./libpam/pam_dispatch.c
+./libpam/pam_modutil_getpwnam.c
+./libpam/pam_modutil_getpwuid.c
./libpam/pam_start.c
./libpam/pam_strerror.c
./libpam/pam_password.c
+./libpam/pam_modutil_ioloop.c
+./libpam/pam_modutil_getlogin.c
+./libpam/pam_modutil_getspnam.c
./libpam/pam_session.c
+./libpam/pam_audit.c
./libpam/pam_prelude.c
./libpam/pam_account.c
-./libpam/pam_syslog.c
./libpam/pam_vprompt.c
-./libpam/pam_modutil_getlogin.c
-./libpam/pam_modutil_cleanup.c
-./libpam/pam_modutil_getspnam.c
-./libpam/pam_modutil_ingroup.c
./libpam/pam_modutil_getgrgid.c
./libpam/pam_modutil_getgrnam.c
-./libpam/pam_modutil_getpwnam.c
-./libpam/pam_modutil_getpwuid.c
-./libpam/pam_modutil_ioloop.c
./libpam_misc/help_env.c
./libpam_misc/misc_conv.c