|author||Andrew G. Morgan <email@example.com>||2000-06-20 22:10:38 +0000|
|committer||Andrew G. Morgan <firstname.lastname@example.org>||2000-06-20 22:10:38 +0000|
Diffstat (limited to 'modules/pam_stress/README')
1 files changed, 66 insertions, 0 deletions
diff --git a/modules/pam_stress/README b/modules/pam_stress/README
new file mode 100644
@@ -0,0 +1,66 @@
+# This describes the behavior of this module with respect to the
+# /etc/pam.conf file.
+# writen by Andrew Morgan <email@example.com>
+This module recognizes the following arguments.
+debug put lots of information in syslog.
+ *NOTE* this option writes passwords to syslog, so
+ don't use anything sensitive when testing.
+no_warn don't give warnings about things (otherwise warnings are issued
+ via the conversation function)
+use_first_pass don't prompt for a password, for pam_sm_authentication
+ function just use item PAM_AUTHTOK.
+try_first_pass don't prompt for a password unless there has been no
+ previous authentication token (item PAM_AUTHTOK is NULL)
+rootok This is intended for the pam_sm_chauthtok function and
+ it instructs this function to permit root to change
+ the user's password without entering the old password.
+The following arguments are acted on by the module. They are intended
+to make the module give the impression of failing as a fully
+functioning module might.
+expired an argument intended for the account and chauthtok module
+ parts. It instructs the module to act as if the user's
+ password has expired
+fail_1 this instructs the module to make its first function fail.
+fail_2 this instructs the module to make its second function (if there
+ is one) fail.
+ The function break up is indicated in the Module
+ Developers' Guide. Listed here it is:
+ service function 1 function 2
+ ------- ---------- ----------
+ auth pam_sm_authenticate pam_sm_setcred
+ password pam_sm_chauthtok
+ session pam_sm_open_session pam_sm_close_session
+ account pam_sm_acct_mgmt
+prelim for pam_sm_chauthtok, means fail on PAM_PRELIM_CHECK.
+required for pam_sm_chauthtok, means fail if the user hasn't already
+ been authenticated by this module. (See stress_new_pwd data
+ item below.)
+# data strings that this module uses are the following:
+data name value(s) Comments
+--------- -------- --------
+stress_new_pwd yes tells pam_sm_chauthtok that
+ pam_sm_acct_mgmt says we need a new