diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:47:05 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:47:05 -0800 |
| commit | 4c51da22e068907adb7857d50f5109a467c94d7c (patch) | |
| tree | becf5fbae5dfcbe8896355f59042dc8eaefa7f37 /Linux-PAM/doc | |
| parent | efd31890b5ed496a5a00c08a262da240e66a4ddc (diff) | |
| parent | ab9e8ba11f464fc083fc65a0bc695d60ebc86f3e (diff) | |
New upstream version 0.79
Diffstat (limited to 'Linux-PAM/doc')
49 files changed, 206 insertions, 149 deletions
diff --git a/Linux-PAM/doc/CREDITS b/Linux-PAM/doc/CREDITS index 1b40f7fd..528032bb 100644 --- a/Linux-PAM/doc/CREDITS +++ b/Linux-PAM/doc/CREDITS @@ -1,6 +1,6 @@ <!-- an sgml list of people to credit for their contributions to Linux-PAM - $Id: CREDITS,v 1.1.1.1 2001/04/29 04:16:27 hartmans Exp $ + $Id: CREDITS,v 1.2 2001/03/19 01:46:41 agmorgan Exp $ --> Chris Adams, Peter Allgeyer, diff --git a/Linux-PAM/doc/Makefile b/Linux-PAM/doc/Makefile index 20c2a23f..1c2ba510 100644 --- a/Linux-PAM/doc/Makefile +++ b/Linux-PAM/doc/Makefile @@ -1,5 +1,5 @@ -### $Id: Makefile,v 1.1.1.2 2002/09/15 20:08:24 hartmans Exp $ +### $Id: Makefile,v 1.10 2004/09/22 09:37:47 kukuk Exp $ include ../Make.Rules @@ -25,7 +25,7 @@ dummy: # can type make pdf in this directory and see what happens in the pdf # subdirectory. -all: htmls texts postscript +all: htmls texts postscript pdf htmls: $(HTMLS) @@ -125,12 +125,12 @@ ifneq ($(PSER),) for file in ps/*.ps; do \ install -m 644 $$file $(FAKEROOT)$(DOCDIR)/ps ; \ done - ifeq ($(HAVE_PS2PDF),yes) - mkdir -p $(FAKEROOT)$(DOCDIR)/pdf - for file in pdf/*.pdf; do \ - install -m 644 $$file $(FAKEROOT)$(DOCDIR)/pdf ; \ - done - endif +ifeq ($(HAVE_PS2PDF),yes) + mkdir -p $(FAKEROOT)$(DOCDIR)/pdf + for file in pdf/*.pdf; do \ + install -m 644 $$file $(FAKEROOT)$(DOCDIR)/pdf ; \ + done +endif endif ifeq ($(HAVE_SGML2HTML),yes) mkdir -p $(FAKEROOT)$(DOCDIR)/html @@ -152,7 +152,9 @@ spec: specs/draft-morgan-pam.raw specs/formatter/padout < specs/draft-morgan-pam.raw > specs/draft-morgan-pam-current.txt releasedocs: all spec - tar zvfc Linux-PAM-$(MAJOR_REL).$(MINOR_REL)-docs.tar.gz --exclude CVS html ps txts specs/draft-morgan-pam-current.txt + tar zvfc Linux-PAM-$(MAJOR_REL).$(MINOR_REL)-docs.tar.gz \ + --exclude CVS --exclude .cvsignore --exclude '.#*' \ + html ps txts specs/draft-morgan-pam-current.txt clean: rm -f *~ *.bak diff --git a/Linux-PAM/doc/html/index.html b/Linux-PAM/doc/html/index.html index 8ab3b9ec..5cb1e0f0 100644 --- a/Linux-PAM/doc/html/index.html +++ b/Linux-PAM/doc/html/index.html @@ -17,5 +17,5 @@ currently not complete. However, in order of decreasing length: <hr> <p> -REVISION: <tt>$Id: index.html,v 1.1.1.1 2001/04/29 04:16:52 hartmans Exp $</tt> +REVISION: <tt>$Id: index.html,v 1.1.1.1 2000/06/20 22:10:56 agmorgan Exp $</tt> </BODY> diff --git a/Linux-PAM/doc/man/pam.8 b/Linux-PAM/doc/man/pam.8 index f2ef9c1f..81f9eb35 100644 --- a/Linux-PAM/doc/man/pam.8 +++ b/Linux-PAM/doc/man/pam.8 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam.8,v 1.1.1.1 2001/04/29 04:16:52 hartmans Exp $ +.\" $Id: pam.8,v 1.3 2003/09/25 17:49:29 baggins Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7,2001 <morgan@kernel.org> .TH PAM 8 "2001 Jan 20" "Linux-PAM 0.74" "Linux-PAM Manual" .SH NAME @@ -231,6 +231,12 @@ only module in the stack associated with this .BR service "+" type "." .sp +New control directive first introduced in ALT Linux is +.BR include +- include all lines of given type from the configuration +file specified as an argument to this control. + +.sp For the more complicated syntax valid .B control values have the following form: diff --git a/Linux-PAM/doc/man/pam_authenticate.3 b/Linux-PAM/doc/man/pam_authenticate.3 index bc1cd5c9..7383f5f0 100644 --- a/Linux-PAM/doc/man/pam_authenticate.3 +++ b/Linux-PAM/doc/man/pam_authenticate.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_authenticate.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_authenticate.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> .TH PAM_AUTHENTICATE 3 "1996 Dec 9" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_chauthtok.3 b/Linux-PAM/doc/man/pam_chauthtok.3 index 94a8f2d3..a0466f0f 100644 --- a/Linux-PAM/doc/man/pam_chauthtok.3 +++ b/Linux-PAM/doc/man/pam_chauthtok.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_chauthtok.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_chauthtok.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_CHAUTHTOK 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_fail_delay.3 b/Linux-PAM/doc/man/pam_fail_delay.3 index 63cc88b3..3b72f3d9 100644 --- a/Linux-PAM/doc/man/pam_fail_delay.3 +++ b/Linux-PAM/doc/man/pam_fail_delay.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_fail_delay.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_fail_delay.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_FAIL_DELAY 3 "1997 Jan 12" "Linux-PAM 0.56" "Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_open_session.3 b/Linux-PAM/doc/man/pam_open_session.3 index 05ccbb88..53f6adf1 100644 --- a/Linux-PAM/doc/man/pam_open_session.3 +++ b/Linux-PAM/doc/man/pam_open_session.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_open_session.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_open_session.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_OPEN_SESSION 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_set_item.3 b/Linux-PAM/doc/man/pam_set_item.3 index ad759cfd..ddd081fe 100644 --- a/Linux-PAM/doc/man/pam_set_item.3 +++ b/Linux-PAM/doc/man/pam_set_item.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_set_item.3,v 1.1.1.1 2002/09/15 20:08:27 hartmans Exp $ +.\" $Id: pam_set_item.3,v 1.1 2001/12/08 19:02:48 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@kernel.org> .TH PAM_SET_ITEM 3 "2001 Jan 21" "Linux-PAM" "App. Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_setcred.3 b/Linux-PAM/doc/man/pam_setcred.3 index 9681690c..ea251405 100644 --- a/Linux-PAM/doc/man/pam_setcred.3 +++ b/Linux-PAM/doc/man/pam_setcred.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_setcred.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_setcred.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@parc.power.net> .TH PAM_SETCRED 3 "1997 July 6" "Linux-PAM 0.58" "App. Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_start.3 b/Linux-PAM/doc/man/pam_start.3 index 159bf201..a912cc75 100644 --- a/Linux-PAM/doc/man/pam_start.3 +++ b/Linux-PAM/doc/man/pam_start.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_start.3,v 1.1.1.1 2001/04/29 04:16:53 hartmans Exp $ +.\" $Id: pam_start.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> .TH PAM_START 3 "1997 Feb 15" "Linux-PAM 0.56" "Application Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/pam_strerror.3 b/Linux-PAM/doc/man/pam_strerror.3 index 84622088..b2318f28 100644 --- a/Linux-PAM/doc/man/pam_strerror.3 +++ b/Linux-PAM/doc/man/pam_strerror.3 @@ -1,6 +1,6 @@ .\" Hey Emacs! This file is -*- nroff -*- source. .\" ripped off from Rick Faith's getgroups man page -.\" $Id: pam_strerror.3,v 1.1.1.1 2001/04/29 04:16:54 hartmans Exp $ +.\" $Id: pam_strerror.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@linux.kernel.org> .TH PAM_STRERROR 3 "1999 Oct 4" "Linux-PAM 0.70" "Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/man/template-man b/Linux-PAM/doc/man/template-man index 5ba564a0..11e7a061 100644 --- a/Linux-PAM/doc/man/template-man +++ b/Linux-PAM/doc/man/template-man @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: template-man,v 1.1.1.1 2001/04/29 04:16:54 hartmans Exp $ +.\" $Id: template-man,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_???? 2 "1997 Jan 4" "Linux-PAM 0.55" "Application Programmers' Manual" .SH NAME diff --git a/Linux-PAM/doc/modules/README b/Linux-PAM/doc/modules/README index b81f1d26..653448f3 100644 --- a/Linux-PAM/doc/modules/README +++ b/Linux-PAM/doc/modules/README @@ -1,4 +1,4 @@ -$Id: README,v 1.1.1.2 2002/09/15 20:08:28 hartmans Exp $ +$Id: README,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This directory contains a number of sgml sub-files. One for each documented module. They contain a description of each module and give diff --git a/Linux-PAM/doc/modules/module.sgml-template b/Linux-PAM/doc/modules/module.sgml-template index 36ffe617..3fffc754 100644 --- a/Linux-PAM/doc/modules/module.sgml-template +++ b/Linux-PAM/doc/modules/module.sgml-template @@ -1,6 +1,6 @@ <!-- - $Id: module.sgml-template,v 1.1.1.1 2001/04/29 04:16:54 hartmans Exp $ + $Id: module.sgml-template,v 1.2 2001/02/11 07:52:56 agmorgan Exp $ This template file was written by Andrew G. Morgan <morgan@kernel.org> diff --git a/Linux-PAM/doc/modules/pam_chroot.sgml b/Linux-PAM/doc/modules/pam_chroot.sgml index 2bc3e8af..2366880e 100644 --- a/Linux-PAM/doc/modules/pam_chroot.sgml +++ b/Linux-PAM/doc/modules/pam_chroot.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_chroot.sgml,v 1.1.1.1 2001/04/29 04:16:55 hartmans Exp $ + $Id: pam_chroot.sgml,v 1.1.1.1 2000/06/20 22:10:59 agmorgan Exp $ This file was written by Bruce Campbell <brucec@humbug.org.au> --> diff --git a/Linux-PAM/doc/modules/pam_cracklib.sgml b/Linux-PAM/doc/modules/pam_cracklib.sgml index de1d5df2..d6fc0c56 100644 --- a/Linux-PAM/doc/modules/pam_cracklib.sgml +++ b/Linux-PAM/doc/modules/pam_cracklib.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_cracklib.sgml,v 1.1.1.2 2002/09/15 20:08:28 hartmans Exp $ + $Id: pam_cracklib.sgml,v 1.5 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> long password amendments are from Philip W. Dalrymple III <pwd@mdtsoft.com> diff --git a/Linux-PAM/doc/modules/pam_deny.sgml b/Linux-PAM/doc/modules/pam_deny.sgml index d8041d19..bf9dfd2b 100644 --- a/Linux-PAM/doc/modules/pam_deny.sgml +++ b/Linux-PAM/doc/modules/pam_deny.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_deny.sgml,v 1.1.1.2 2002/09/15 20:08:29 hartmans Exp $ + $Id: pam_deny.sgml,v 1.3 2002/05/10 04:03:02 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_env.sgml b/Linux-PAM/doc/modules/pam_env.sgml index 0ca18fe4..a6361cac 100644 --- a/Linux-PAM/doc/modules/pam_env.sgml +++ b/Linux-PAM/doc/modules/pam_env.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_env.sgml,v 1.1.1.1 2001/04/29 04:16:54 hartmans Exp $ + $Id: pam_env.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $ This file was written by Dave Kinchlea <kinch@kinch.ark.com> Ed. AGM diff --git a/Linux-PAM/doc/modules/pam_filter.sgml b/Linux-PAM/doc/modules/pam_filter.sgml index 1d582abc..e22ad9b6 100644 --- a/Linux-PAM/doc/modules/pam_filter.sgml +++ b/Linux-PAM/doc/modules/pam_filter.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_filter.sgml,v 1.1.1.2 2002/09/15 20:08:29 hartmans Exp $ + $Id: pam_filter.sgml,v 1.3 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_ftp.sgml b/Linux-PAM/doc/modules/pam_ftp.sgml index 3ea43713..cb4c4f33 100644 --- a/Linux-PAM/doc/modules/pam_ftp.sgml +++ b/Linux-PAM/doc/modules/pam_ftp.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_ftp.sgml,v 1.1.1.2 2002/09/15 20:08:29 hartmans Exp $ + $Id: pam_ftp.sgml,v 1.3 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_group.sgml b/Linux-PAM/doc/modules/pam_group.sgml index 770933bc..2d767275 100644 --- a/Linux-PAM/doc/modules/pam_group.sgml +++ b/Linux-PAM/doc/modules/pam_group.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_group.sgml,v 1.1.1.2 2002/09/15 20:08:30 hartmans Exp $ + $Id: pam_group.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_krb4.sgml b/Linux-PAM/doc/modules/pam_krb4.sgml index 2fc8518e..51a46522 100644 --- a/Linux-PAM/doc/modules/pam_krb4.sgml +++ b/Linux-PAM/doc/modules/pam_krb4.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_krb4.sgml,v 1.1.1.1 2001/04/29 04:16:55 hartmans Exp $ + $Id: pam_krb4.sgml,v 1.1.1.1 2000/06/20 22:11:01 agmorgan Exp $ This file was written by Derrick J. Brashear <shadow@DEMENTIA.ORG> --> diff --git a/Linux-PAM/doc/modules/pam_lastlog.sgml b/Linux-PAM/doc/modules/pam_lastlog.sgml index e79723b3..451bfaa2 100644 --- a/Linux-PAM/doc/modules/pam_lastlog.sgml +++ b/Linux-PAM/doc/modules/pam_lastlog.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_lastlog.sgml,v 1.1.1.1 2001/04/29 04:16:55 hartmans Exp $ + $Id: pam_lastlog.sgml,v 1.2 2001/02/17 01:55:38 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_limits.sgml b/Linux-PAM/doc/modules/pam_limits.sgml index 65ce6d82..22674d42 100644 --- a/Linux-PAM/doc/modules/pam_limits.sgml +++ b/Linux-PAM/doc/modules/pam_limits.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_limits.sgml,v 1.1.1.2 2002/09/15 20:08:31 hartmans Exp $ + $Id: pam_limits.sgml,v 1.7 2002/05/09 12:00:35 baggins Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> from information compiled by Cristian Gafton (author of module) diff --git a/Linux-PAM/doc/modules/pam_listfile.sgml b/Linux-PAM/doc/modules/pam_listfile.sgml index f39d8bc6..1284d1b6 100644 --- a/Linux-PAM/doc/modules/pam_listfile.sgml +++ b/Linux-PAM/doc/modules/pam_listfile.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_listfile.sgml,v 1.1.1.1 2001/04/29 04:16:56 hartmans Exp $ + $Id: pam_listfile.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $ This file was written by Michael K. Johnson <johnsonm@redhat.com> --> diff --git a/Linux-PAM/doc/modules/pam_mail.sgml b/Linux-PAM/doc/modules/pam_mail.sgml index 397df29e..c157659a 100644 --- a/Linux-PAM/doc/modules/pam_mail.sgml +++ b/Linux-PAM/doc/modules/pam_mail.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_mail.sgml,v 1.1.1.2 2002/09/15 20:08:31 hartmans Exp $ + $Id: pam_mail.sgml,v 1.4 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_mkhomedir.sgml b/Linux-PAM/doc/modules/pam_mkhomedir.sgml index 075e16f9..8428565d 100644 --- a/Linux-PAM/doc/modules/pam_mkhomedir.sgml +++ b/Linux-PAM/doc/modules/pam_mkhomedir.sgml @@ -46,7 +46,7 @@ Creates home directories on the fly for authenticated users. <descrip> <tag><bf>Recognized arguments:</bf></tag> -<tt/debug/; <tt/skel=skeleton-dir/; <tt/umask=octal-umask/; +<tt/skel=skeleton-dir/; <tt/umask=octal-umask/; <tag><bf>Description:</bf></tag> This module is useful for distributed systems where the user account is diff --git a/Linux-PAM/doc/modules/pam_nologin.sgml b/Linux-PAM/doc/modules/pam_nologin.sgml index e2463570..241c24f0 100644 --- a/Linux-PAM/doc/modules/pam_nologin.sgml +++ b/Linux-PAM/doc/modules/pam_nologin.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_nologin.sgml,v 1.1.1.2 2002/09/15 20:08:31 hartmans Exp $ + $Id: pam_nologin.sgml,v 1.3 2002/06/27 05:43:28 agmorgan Exp $ This file was written by Michael K. Johnson <johnsonm@redhat.com> --> diff --git a/Linux-PAM/doc/modules/pam_permit.sgml b/Linux-PAM/doc/modules/pam_permit.sgml index 969e6b84..1d6bbce4 100644 --- a/Linux-PAM/doc/modules/pam_permit.sgml +++ b/Linux-PAM/doc/modules/pam_permit.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_permit.sgml,v 1.1.1.2 2002/09/15 20:08:31 hartmans Exp $ + $Id: pam_permit.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_pwdb.sgml b/Linux-PAM/doc/modules/pam_pwdb.sgml index df0cb329..7b237d2e 100644 --- a/Linux-PAM/doc/modules/pam_pwdb.sgml +++ b/Linux-PAM/doc/modules/pam_pwdb.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_pwdb.sgml,v 1.1.1.2 2002/09/15 20:08:32 hartmans Exp $ + $Id: pam_pwdb.sgml,v 1.4 2002/07/11 05:43:50 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> @@ -99,7 +99,8 @@ login account required pam_pwdb.so <tt/try_first_pass/; <tt/nullok/; <tt/nodelay/; -<tt/likeauth/ +<tt/likeauth/; +<tt/noreap/ <tag><bf>Description:</bf></tag> @@ -137,7 +138,14 @@ password when it is stored in a read protected database. This binary is very simple and will only check the password of the user invoking it. It is called transparently on behalf of the user by the authenticating component of this module. In this way it is possible -for applications like <em>xlock</em> to work without being setuid-root. +for applications like <em>xlock</em> to work without being +setuid-root. The module, by default, will temporarily turn off +<tt/SIGCHLD/ handling for the duration of execution of the helper +binary. This is generally the right thing to do, as many applications +are not prepared to handle this signal from a child they didn't know +was <tt/fork()/d. The <tt/noreap/ module argument can be used to +suppress this temporary shielding and may be needed for use with +certain applications. <p> The <tt>likeauth</tt> argument makes the module return the same value diff --git a/Linux-PAM/doc/modules/pam_radius.sgml b/Linux-PAM/doc/modules/pam_radius.sgml index b452bebd..8ebfa0a8 100644 --- a/Linux-PAM/doc/modules/pam_radius.sgml +++ b/Linux-PAM/doc/modules/pam_radius.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_radius.sgml,v 1.1.1.1 2001/04/29 04:16:57 hartmans Exp $ + $Id: pam_radius.sgml,v 1.2 2001/03/19 01:46:41 agmorgan Exp $ This file was written by Cristian Gafton <gafton@redhat.com> --> diff --git a/Linux-PAM/doc/modules/pam_rhosts.sgml b/Linux-PAM/doc/modules/pam_rhosts.sgml index 4b9d1a89..ded5697b 100644 --- a/Linux-PAM/doc/modules/pam_rhosts.sgml +++ b/Linux-PAM/doc/modules/pam_rhosts.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_rhosts.sgml,v 1.1.1.2 2002/09/15 20:08:32 hartmans Exp $ + $Id: pam_rhosts.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_rootok.sgml b/Linux-PAM/doc/modules/pam_rootok.sgml index e882f4d5..b5ae6921 100644 --- a/Linux-PAM/doc/modules/pam_rootok.sgml +++ b/Linux-PAM/doc/modules/pam_rootok.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_rootok.sgml,v 1.1.1.2 2002/09/15 20:08:32 hartmans Exp $ + $Id: pam_rootok.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_securetty.sgml b/Linux-PAM/doc/modules/pam_securetty.sgml index f500b8b2..fc89af23 100644 --- a/Linux-PAM/doc/modules/pam_securetty.sgml +++ b/Linux-PAM/doc/modules/pam_securetty.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_securetty.sgml,v 1.1.1.1 2001/04/29 04:16:57 hartmans Exp $ + $Id: pam_securetty.sgml,v 1.1.1.1 2000/06/20 22:11:04 agmorgan Exp $ This file was written by Michael K. Johnson <johnsonm@redhat.com> --> diff --git a/Linux-PAM/doc/modules/pam_tally.sgml b/Linux-PAM/doc/modules/pam_tally.sgml index a2d03435..ee6fad46 100644 --- a/Linux-PAM/doc/modules/pam_tally.sgml +++ b/Linux-PAM/doc/modules/pam_tally.sgml @@ -1,6 +1,6 @@ <!-- - $Id: pam_tally.sgml,v 1.1.1.1 2001/04/29 04:16:57 hartmans Exp $ + $Id: pam_tally.sgml,v 1.3 2005/01/16 22:12:25 toady Exp $ This template file was written by Andrew G. Morgan <morgan@kernel.org> adapted from text provided by Tim Baverstock. @@ -18,6 +18,7 @@ pam_tally <tag><bf>Author[s]:</bf></tag> Tim Baverstock +Tomas Mraz <tag><bf>Maintainer:</bf></tag> @@ -61,9 +62,7 @@ want to use the supplied appliction. <p> Note, there are some outstanding issues with this module: <tt>pam_tally</tt> is very dependant on <tt>getpw*()</tt> - a database -of usernames would be much more flexible; the `keep a count of current -logins' bit has been <tt>#ifdef</tt>'d out and you can only reset the -counter on successful authentication, for now. +of usernames would be much more flexible <sect3>Generic options accepted by both components <p> @@ -74,6 +73,11 @@ counter on successful authentication, for now. <item> <tt>file=</tt><em>/where/to/keep/counts</em>: specify the file location for the counts. The default location is <tt>/var/log/faillog</tt>. +<item> <tt>audit</tt>: + display the username typed if the user is not found. It may be + useful for scripts, but you should know users often type their + password instead making your system weaker. Activate it only if you + know what you are doing. </itemize> <sect2>Authentication component @@ -84,23 +88,46 @@ counter on successful authentication, for now. <tag><bf>Recognized arguments:</bf></tag> <tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>); <tt>file=</tt>/where/to/keep/counts; -<tt>no_magic_root</tt> +<tt>deny=</tt><em>n</em>; +<tt>lock_time=</tt><em>n</em>; +<tt>unlock_time=</tt><em>n</em>; +<tt>magic_root</tt>; +<tt>even_deny_root_account</tt>; +<tt>per_user</tt>; +<tt>no_lock_time</tt> +<tt>no_reset</tt>; <tag><bf>Description:</bf></tag> <p> -The authentication component of this module increments the attempted -login counter. +The authentication component first checks if the user should be denied +access and if not it increments attempted login counter. +Then on call to <tt>pam_setcred</tt> it resets the attempts counter +if the user is NOT magic root. <p> <tag><bf>Examples/suggested usage:</bf></tag> <p> -The module argument <tt>no_magic_root</tt> is used to indicate that if -the module is invoked by a user with uid=0, then the counter is -incremented. The sys-admin should use this for daemon-launched -services, like <tt>telnet</tt>/<tt>rsh</tt>/<tt>login</tt>. For user -launched services, like <tt>su</tt>, this argument should be omitted. +The <tt>deny=</tt><em>n</em> option is used to deny access if tally +for this user exceeds <em>n</em>. + +<p> +The <tt>lock_time=</tt><em>n</em> option is used to always deny access +for at least <em>n</em> seconds after a failed attempt. + +<p> +The <tt>unlock_time=</tt><em>n</em> option is used to allow access after +<em>n</em> seconds after the last failed attempt with exceeded tally. +If this option is used the user will be locked out only for the specified +amount of time after he exceeded his maximum allowed attempts. Otherwise +the lock is removed only by a manual intervention of the system administrator. + +<p> +The <tt>magic_root</tt> option is used to indicate that if +the module is invoked by a user with uid=0, then the counter is not +incremented. The sys-admin should use this for user launched services, +like <tt>su</tt>, otherwise this argument should be omitted. <p> By way of more explanation, when a process already running as root @@ -109,9 +136,33 @@ bypasses <tt>pam_tally</tt>'s checks: this is handy for <tt>su</tt>ing from root into an account otherwise blocked. However, for services like <tt>telnet</tt> or <tt>login</tt>, which always effectively run from the root account, root (ie everyone) shouldn't be granted this -magic status, and the flag `no_magic_root' should be set in this +magic status, and the flag `magic_root' should not be set in this situation, as noted in the summary above. +<p> +Normally, failed attempts to access root will <bf>NOT</bf> cause the +root account to become blocked, to prevent denial-of-service: if your +users aren't given shell accounts and root may only login via +<tt>su</tt> or at the machine console (not +<tt>telnet</tt>/<tt>rsh</tt>, etc), this is safe. If you really want +root to be blocked for some given service, use +<tt>even_deny_root_account</tt>. + +<p> +If <tt>/var/log/faillog</tt> contains a non-zero <tt>.fail_max/.fail_locktime</tt> +field for this user then the <tt>per_user</tt> module argument will +ensure that the module uses this value and not the global +<tt>deny/lock_time=</tt><em>n</em> parameter. + +<p> +The <tt>no_lock_time</tt> option is for ensuring that the module does +not use the <tt>.fail_locktime</tt> field in /var/log/faillog for this +user. + +<p> +The <tt>no_reset</tt> option is used to instruct the module to not reset +the count on successful entry. + </descrip> <sect2>Account component @@ -122,67 +173,28 @@ situation, as noted in the summary above. <tag><bf>Recognized arguments:</bf></tag> <tt>onerr=</tt>(<tt>succeed</tt>|<tt>fail</tt>); <tt>file=</tt>/where/to/keep/counts; -<tt>deny=</tt><em>n</em>; -<tt>no_magic_root</tt>; -<tt>even_deny_root_account</tt>; -<tt>reset</tt>; +<tt>magic_root</tt>; <tt>no_reset</tt>; -<tt>per_user</tt>; -<tt>no_lock_time</tt> <tag><bf>Description:</bf></tag> <p> -The account component can deny access and/or reset the attempts -counter. It also checks to make sure that the counts file is a plain -file and not world writable. +The account component resets attempts counter if the user is NOT +magic root. This phase can be used optionaly for services which don't call +pam_setcred correctly or if the reset should be done regardless +of the failure of the account phase of other modules. <tag><bf>Examples/suggested usage:</bf></tag> <p> -The <tt>deny=</tt><em>n</em> option is used to deny access if tally -for this user exceeds <em>n</em>. The presence of -<tt>deny=</tt><em>n</em> changes the default for -<tt>reset</tt>/<tt>no_reset</tt> to <tt>reset</tt>, unless the user -trying to gain access is root and the <tt>no_magic_root</tt> option -has NOT been specified. +The <tt>magic_root</tt> option is used to indicate that if +the module is invoked by a user with uid=0, then the counter is not +decremented/reset. The sys-admin should use this for user launched services, +like <tt>su</tt>, otherwise this argument should be omitted. <p> -The <tt>no_magic_root</tt> option ensures that access attempts by root -DON'T ignore deny. Use this for daemon-based stuff, like -<tt>telnet</tt>/<tt>rsh</tt>/<tt>login</tt>. - -<p> -The <tt>even_deny_root_account</tt> option is used to ensure that the -root account can become unavailable. <bf>Note</bf> that magic root -trying to gain root bypasses this, but normal users can be locked out. - -<p> -The <tt>reset</tt> option instructs the module to reset count to 0 on -successful entry, even for magic root. The <tt>no_reset</tt> option is -used to instruct the module to not reset the count on successful -entry. This is the default unless <tt>deny</tt> exists and the user -attempting access is NOT magic root. - -<p> -If <tt>/var/log/faillog</tt> contains a non-zero <tt>.fail_max</tt> -field for this user then the <tt>per_user</tt> module argument will -ensure that the module uses this value and not the global -<tt>deny=</tt><em>n</em> parameter. - -<p> -The <tt>no_lock_time</tt> option is for ensuring that the module does -not use the <tt>.fail_locktime</tt> field in /var/log/faillog for this -user. - -<p> -Normally, failed attempts to access root will <bf>NOT</bf> cause the -root account to become blocked, to prevent denial-of-service: if your -users aren't given shell accounts and root may only login via -<tt>su</tt> or at the machine console (not -<tt>telnet</tt>/<tt>rsh</tt>, etc), this is safe. If you really want -root to be blocked for some given service, use -<tt>even_deny_root_account</tt>. +The <tt>no_reset</tt> option is used to instruct the module to not reset +the count on successful entry. </descrip> diff --git a/Linux-PAM/doc/modules/pam_time.sgml b/Linux-PAM/doc/modules/pam_time.sgml index 785f76c2..ef761223 100644 --- a/Linux-PAM/doc/modules/pam_time.sgml +++ b/Linux-PAM/doc/modules/pam_time.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_time.sgml,v 1.1.1.2 2002/09/15 20:08:33 hartmans Exp $ + $Id: pam_time.sgml,v 1.4 2002/05/10 04:03:02 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_unix.sgml b/Linux-PAM/doc/modules/pam_unix.sgml index 286cd3f8..86c584a8 100644 --- a/Linux-PAM/doc/modules/pam_unix.sgml +++ b/Linux-PAM/doc/modules/pam_unix.sgml @@ -97,7 +97,8 @@ login account required pam_unix.so <tt/use_first_pass/; <tt/try_first_pass/; <tt/nullok/; -<tt/nodelay/ +<tt/nodelay/; +<tt/noreap/ <tag><bf>Description:</bf></tag> @@ -126,17 +127,24 @@ authentication as a whole fail. The default action is for the module to request a delay-on-failure of the order of one second. <p> -Remaining arguments, supported by the other functions of this module, -are silently ignored. Other arguments are logged as errors through -<tt/syslog(3)/. - -<p> A helper binary, <tt>unix_chkpwd</tt>, is provided to check the user's password when it is stored in a read protected database. This binary is very simple and will only check the password of the user invoking it. It is called transparently on behalf of the user by the authenticating component of this module. In this way it is possible -for applications like <em>xlock</em> to work without being setuid-root. +for applications like <em>xlock</em> to work without being +setuid-root. The module, by default, will temporarily turn off +<tt/SIGCHLD/ handling for the duration of execution of the helper +binary. This is generally the right thing to do, as many applications +are not prepared to handle this signal from a child they didn't know +was <tt/fork()/d. The <tt/noreap/ module argument can be used to +suppress this temporary shielding and may be needed for use with +certain applications. + +<p> +Remaining arguments, supported by the other functions of this module, +are silently ignored. Other arguments are logged as errors through +<tt/syslog(3)/. <tag><bf>Examples/suggested usage:</bf></tag> diff --git a/Linux-PAM/doc/modules/pam_userdb.sgml b/Linux-PAM/doc/modules/pam_userdb.sgml index bdbf80b8..155a2668 100644 --- a/Linux-PAM/doc/modules/pam_userdb.sgml +++ b/Linux-PAM/doc/modules/pam_userdb.sgml @@ -50,6 +50,8 @@ what is contained in that database. <tt/icase/; <tt/dump/; <tt/db=XXXX/; +<tt/use_authtok/; +<tt/unknown_ok/; <tag><bf>Description:</bf></tag> @@ -59,7 +61,7 @@ fields corresponding to the username keys are the passwords, in unencrypted form so caution must be exercised over the access rights to the DB database itself.. The module will read the password from the user using the conversation mechanism. If -you are using this module on top of another authetication module (like <tt/pam_pwdb/;) +you are using this module on top of another authentication module (like <tt/pam_pwdb/;) then you should tell that module to read the entered password from the PAM_AUTHTOK field, which is set by this module. <p> @@ -85,6 +87,18 @@ use the database found on pathname XXXX. Note that Berkeley DB usually adds the needed filename extension for you, so you should use something like <tt>/etc/foodata</tt> instead of <tt>/etc/foodata.db</tt>. +<item> <tt/use_authtok/ - +use the authentication token previously obtained by another module that did the +conversation with the application. If this token can not be obtained then +the module will try to converse again. This option can be used for stacking +different modules that need to deal with the authentication tokens. + +<item> +<tt/unknown_ok/ - +do not return error when checking for a user that is not in the database. +This can be used to stack more than one pam_userdb module that will check a +username/password pair in more than a database. + </itemize> <tag><bf>Examples/suggested usage:</bf></tag> diff --git a/Linux-PAM/doc/modules/pam_warn.sgml b/Linux-PAM/doc/modules/pam_warn.sgml index caedf873..b015554d 100644 --- a/Linux-PAM/doc/modules/pam_warn.sgml +++ b/Linux-PAM/doc/modules/pam_warn.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_warn.sgml,v 1.1.1.2 2002/09/15 20:08:33 hartmans Exp $ + $Id: pam_warn.sgml,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> --> diff --git a/Linux-PAM/doc/modules/pam_wheel.sgml b/Linux-PAM/doc/modules/pam_wheel.sgml index cc064120..e4dc501a 100644 --- a/Linux-PAM/doc/modules/pam_wheel.sgml +++ b/Linux-PAM/doc/modules/pam_wheel.sgml @@ -1,5 +1,5 @@ <!-- - $Id: pam_wheel.sgml,v 1.1.1.2 2002/09/15 20:08:33 hartmans Exp $ + $Id: pam_wheel.sgml,v 1.3 2002/07/13 05:48:19 agmorgan Exp $ This file was written by Andrew G. Morgan <morgan@kernel.org> from notes provided by Cristian Gafton. @@ -22,7 +22,7 @@ Cristian Gafton <gafton@redhat.com> Author. <tag><bf>Management groups provided:</bf></tag> -authentication +authentication; account <tag><bf>Cryptographically sensitive:</bf></tag> @@ -31,7 +31,6 @@ authentication <tag><bf>Clean code base:</bf></tag> <tag><bf>System dependencies:</bf></tag> -Requires libpwdb. <tag><bf>Network aware:</bf></tag> @@ -42,7 +41,7 @@ Requires libpwdb. <p> Only permit root access to members of the wheel (<tt/gid=0/) group. -<sect2>Authentication component +<sect2>Authentication and Account components <p> <descrip> @@ -56,13 +55,17 @@ Only permit root access to members of the wheel (<tt/gid=0/) group. <tag><bf>Description:</bf></tag> -This module is used to enforce the so-called <em/wheel/ group. By +This module is used to enforce the so-called <em/wheel/ group. By default, it permits root access to the system if the applicant user is a member of the <tt/wheel/ group (first, the module checks for the existence of a '<tt/wheel/' group. Otherwise the module defines the group with group-id <tt/0/ to be the <em/wheel/ group). <p> +The module can be used as either an '<tt/auth/' or an '<tt/account/' +module. + +<p> The action of the module may be modified from this default by one or more of the following flags in the <tt>/etc/pam.conf</tt> file. <itemize> @@ -88,10 +91,13 @@ password. <bf/USE WITH CARE/. <item> <tt/deny/ - -This is used to reverse the logic of the module's behavior. -If the user is trying to get <tt/uid=0/ access and is a member of the wheel +This is used to reverse the logic of the module's behavior. If the +user is trying to get <tt/uid=0/ access and is a member of the wheel group, deny access (for the wheel group, this is perhaps nonsense!): it is intended for use in conjunction with the <tt/group=/ argument... +Conversely, if the user is not in the group, return <tt/PAM_IGNORE/ +(unless <tt/trust/ was also specified, in which case we return +<tt/PAM_SUCCESS/). <item> <tt/group=XXXX/ - @@ -114,7 +120,7 @@ file: # su auth sufficient pam_rootok.so su auth required pam_wheel.so -su auth required pam_unix_auth.so +su auth required pam_unix.so </verb> </tscreen> diff --git a/Linux-PAM/doc/pam_appl.sgml b/Linux-PAM/doc/pam_appl.sgml index f6d35b4e..33fdcba6 100644 --- a/Linux-PAM/doc/pam_appl.sgml +++ b/Linux-PAM/doc/pam_appl.sgml @@ -2,7 +2,7 @@ <!-- - $Id: pam_appl.sgml,v 1.1.1.2 2002/09/15 20:08:24 hartmans Exp $ + $Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $ Copyright (C) Andrew G. Morgan 1996-2001. All rights reserved. @@ -442,12 +442,7 @@ However, the application should expect one of the following errors: </descrip> <p> -Note, in the case of an error, the contents of <tt/item/ is not -modified - that is, it retains its pre-call value. One should take -care to initialize this value prior to calling -<tt/pam_get_item()/. Since, if its value - despite the -<tt/pam_get_item()/ function failing - is to be used the consequences -are undefined. +In the case of an error, the contents of <tt/item/ is set to <tt/NULL/. <sect2>Understanding errors <label id="pam-strerror-section"> @@ -1664,7 +1659,7 @@ This document was written by Andrew G. Morgan <!-- insert credits here --> <!-- an sgml list of people to credit for their contributions to Linux-PAM - $Id: pam_appl.sgml,v 1.1.1.2 2002/09/15 20:08:24 hartmans Exp $ + $Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $ --> Chris Adams, Peter Allgeyer, @@ -1777,6 +1772,6 @@ USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <p> -<tt>$Id: pam_appl.sgml,v 1.1.1.2 2002/09/15 20:08:24 hartmans Exp $</tt> +<tt>$Id: pam_appl.sgml,v 1.10 2004/09/22 09:37:47 kukuk Exp $</tt> </article> diff --git a/Linux-PAM/doc/pam_modules.sgml b/Linux-PAM/doc/pam_modules.sgml index c67dd448..9d77b25f 100644 --- a/Linux-PAM/doc/pam_modules.sgml +++ b/Linux-PAM/doc/pam_modules.sgml @@ -2,7 +2,7 @@ <!-- - $Id: pam_modules.sgml,v 1.1.1.2 2002/09/15 20:08:25 hartmans Exp $ + $Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $ Copyright (c) Andrew G. Morgan 1996-2001. All rights reserved. @@ -1386,7 +1386,7 @@ This document was written by Andrew G. Morgan <!-- insert credits here --> <!-- an sgml list of people to credit for their contributions to Linux-PAM - $Id: pam_modules.sgml,v 1.1.1.2 2002/09/15 20:08:25 hartmans Exp $ + $Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $ --> Chris Adams, Peter Allgeyer, @@ -1500,6 +1500,6 @@ USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <p> -<tt>$Id: pam_modules.sgml,v 1.1.1.2 2002/09/15 20:08:25 hartmans Exp $</tt> +<tt>$Id: pam_modules.sgml,v 1.9 2002/05/10 06:00:12 agmorgan Exp $</tt> </article> diff --git a/Linux-PAM/doc/pam_source.sgml b/Linux-PAM/doc/pam_source.sgml index 0b7fcb8f..9ec0bbe6 100644 --- a/Linux-PAM/doc/pam_source.sgml +++ b/Linux-PAM/doc/pam_source.sgml @@ -2,7 +2,7 @@ <!-- - $Id: pam_source.sgml,v 1.1.1.2 2002/09/15 20:08:25 hartmans Exp $ + $Id: pam_source.sgml,v 1.13 2004/09/28 13:48:46 kukuk Exp $ Copyright (c) Andrew G. Morgan 1996-2002. All rights reserved. @@ -46,7 +46,7 @@ DAMAGE. <title>The Linux-PAM System Administrators' Guide <author>Andrew G. Morgan, <tt>morgan@kernel.org</tt> -<date>DRAFT v0.76 2002/06/26 +<date>DRAFT v0.77 2002/07/10 <abstract> This manual documents what a system-administrator needs to know about the <bf>Linux-PAM</bf> library. It covers the correct syntax of the @@ -268,7 +268,7 @@ that this enables. be used, including RADIUS, NIS, NCP (which means that Novell password databases can be used). - o pppd has a PAMified version (available from RedHat) Now it is + o pppd has a PAMified version (available from Red Hat) Now it is possible to use a series of databases to authenticate ppp users. In addition to the normal Linux-based password databases (such as /etc/passwd and /etc/shadow), you can use PAM modules to @@ -437,8 +437,8 @@ with one of two syntaxes. The simpler (and historical) syntax for the control-flag is a single keyword defined to indicate the severity of concern associated with the success or failure of a specific module. There are four such -keywords: <tt/required/, <tt/requisite/, <tt/sufficient/ and -<tt/optional/. +keywords: <tt/required/, <tt/requisite/, <tt/sufficient/, +<tt/optional/ and <tt/include/. <p> The Linux-PAM library interprets these keywords in the following @@ -481,6 +481,12 @@ determine the nature of the response to the application. One example of this latter case, is when the other modules return something like <tt/PAM_IGNORE/. +<item> <tt/include/; this tells PAM to include all lines of given type +from the configuration file specified as an argument to this control. +The whole idea is to create few "systemwide" pam configs and include +parts of them in application pam configs. + + </itemize> <p> @@ -1155,6 +1161,6 @@ USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. <p> -<tt>$Id: pam_source.sgml,v 1.1.1.2 2002/09/15 20:08:25 hartmans Exp $</tt> +<tt>$Id: pam_source.sgml,v 1.13 2004/09/28 13:48:46 kukuk Exp $</tt> </article> diff --git a/Linux-PAM/doc/pdf/README b/Linux-PAM/doc/pdf/README index 6a2f085e..5cae4e68 100644 --- a/Linux-PAM/doc/pdf/README +++ b/Linux-PAM/doc/pdf/README @@ -1,3 +1,3 @@ -$Id: README,v 1.1.1.1 2002/09/15 20:08:34 hartmans Exp $ +$Id: README,v 1.1 2002/05/29 04:14:11 agmorgan Exp $ a directory for PDF versions of the documentation diff --git a/Linux-PAM/doc/ps/README b/Linux-PAM/doc/ps/README index 5f7d2f34..18ab6329 100644 --- a/Linux-PAM/doc/ps/README +++ b/Linux-PAM/doc/ps/README @@ -1,3 +1,3 @@ -$Id: README,v 1.1.1.2 2002/09/15 20:08:34 hartmans Exp $ +$Id: README,v 1.2 2001/11/27 05:37:30 agmorgan Exp $ this is the directory for the PostScript documentation diff --git a/Linux-PAM/doc/specs/draft-morgan-pam.raw b/Linux-PAM/doc/specs/draft-morgan-pam.raw index cd829a17..2d55048e 100644 --- a/Linux-PAM/doc/specs/draft-morgan-pam.raw +++ b/Linux-PAM/doc/specs/draft-morgan-pam.raw @@ -761,4 +761,4 @@ The email list for discussing issues related to this document is Andrew G. Morgan Email: morgan@kernel.org -## $Id: draft-morgan-pam.raw,v 1.1.1.2 2002/09/15 20:08:34 hartmans Exp $ ## +## $Id: draft-morgan-pam.raw,v 1.2 2001/12/08 18:56:47 agmorgan Exp $ ## diff --git a/Linux-PAM/doc/specs/std-agent-id.raw b/Linux-PAM/doc/specs/std-agent-id.raw index 61d5bc4a..c97ce975 100644 --- a/Linux-PAM/doc/specs/std-agent-id.raw +++ b/Linux-PAM/doc/specs/std-agent-id.raw @@ -1,6 +1,6 @@ PAM working group ## A.G. Morgan -## $Id: std-agent-id.raw,v 1.1.1.1 2002/09/15 20:08:34 hartmans Exp $ ## +## $Id: std-agent-id.raw,v 1.1 2001/12/08 18:56:47 agmorgan Exp $ ## ## Pluggable Authentication Modules ## diff --git a/Linux-PAM/doc/txts/README b/Linux-PAM/doc/txts/README index 785f59f8..f63820cf 100644 --- a/Linux-PAM/doc/txts/README +++ b/Linux-PAM/doc/txts/README @@ -1,3 +1,3 @@ -$Id: README,v 1.1.1.1 2001/04/29 04:17:03 hartmans Exp $ +$Id: README,v 1.1.1.1 2000/06/20 22:11:12 agmorgan Exp $ This is a directory for text versions of the pam documentation |