summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog11
-rw-r--r--doc/man/Makefile.am9
-rw-r--r--doc/man/pam_fail_delay.320
-rw-r--r--doc/man/pam_fail_delay.3.xml36
-rw-r--r--doc/man/pam_prompt.347
-rw-r--r--doc/man/pam_prompt.3.xml110
-rw-r--r--doc/man/pam_syslog.349
-rw-r--r--doc/man/pam_syslog.3.xml82
-rw-r--r--doc/man/pam_vprompt.31
-rw-r--r--doc/man/pam_vsyslog.31
-rw-r--r--modules/pam_access/access.conf.54
11 files changed, 352 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 5e6360bb..2f3145cb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2006-03-11 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * doc/man/pam_fail_delay.3.xml: New.
+ * doc/man/pam_fail_delay.3: New, generated from xml.
+ * doc/man/pam_prompt.3.xml: New.
+ * doc/man/pam_prompt.3: New, generated from xml.
+ * doc/man/pam_syslog.3.xml: New.
+ * doc/man/pam_syslog.3: New, generated from xml.
+ * doc/man/pam_vprompt.3: New, generated from xml.
+ * doc/man/pam_vsyslog.3: New, generated from xml.
+
2006-02-24 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_succeed_if/pam_succeed_if.8.xml: New, based on
diff --git a/doc/man/Makefile.am b/doc/man/Makefile.am
index 83d1eec5..84f93e62 100644
--- a/doc/man/Makefile.am
+++ b/doc/man/Makefile.am
@@ -13,8 +13,10 @@ man_MANS = pam.8 pam.conf.5 pam.d.5 \
pam_fail_delay.3 \
pam_get_data.3 pam_get_item.3 pam_get_user.3 \
pam_open_session.3 \
- pam_set_data.3 pam_set_item.3 \
- pam_setcred.3 pam_start.3 pam_strerror.3
+ pam_prompt.3 \
+ pam_set_data.3 pam_set_item.3 pam_syslog.3 \
+ pam_setcred.3 pam_start.3 pam_strerror.3 \
+ pam_vprompt.3 pam_vsyslog.3
XMLS = pam.8.xml \
pam_acct_mgmt.3.xml pam_authenticate.3.xml \
pam_chauthtok.3.xml pam_close_session.3.xml \
@@ -22,7 +24,8 @@ XMLS = pam.8.xml \
pam_fail_delay.3.xml \
pam_get_data.3.xml pam_get_item.3.xml pam_get_user.3.xml \
pam_open_session.3.xml \
- pam_set_data.3.xml pam_set_item.3.xml \
+ pam_prompt.3.xml \
+ pam_set_data.3.xml pam_set_item.3.xml pam_syslog.3.xml \
pam_setcred.3.xml pam_start.3.xml pam_strerror.3.xml \
pam_item_types.inc.xml
diff --git a/doc/man/pam_fail_delay.3 b/doc/man/pam_fail_delay.3
index 8e1cd09d..793c60de 100644
--- a/doc/man/pam_fail_delay.3
+++ b/doc/man/pam_fail_delay.3
@@ -2,7 +2,7 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
-.TH "PAM_FAIL_DELAY" "3" "02/12/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_FAIL_DELAY" "3" "02/20/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
@@ -95,14 +95,20 @@ module #2: pam_fail_delay (pamh, 4000000);
.fi
.PP
in this case, it is the largest requested value that is used to compute the actual failed delay: here between 3 and 5 seconds.
-.SH "RETURN VALUE"
-.PP
-Following a successful call to
-\fBpam_fail_delay\fR(3),
-\fIPAM_SUCCESS\fR
-is returned. All other returns should be considered serious failures.
+.SH "RETURN VALUES"
+.TP
+PAM_SUCCESS
+Delay was successful adjusted.
+.TP
+PAM_SYSTEM_ERR
+A NULL pointer was submitted as PAM handle.
.SH "SEE ALSO"
.PP
\fBpam_start\fR(3),
\fBpam_get_item\fR(3),
\fBpam_strerror\fR(3)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_fail_delay\fR
+function is an Linux\-PAM extension.
diff --git a/doc/man/pam_fail_delay.3.xml b/doc/man/pam_fail_delay.3.xml
index 86d1fff4..459fda83 100644
--- a/doc/man/pam_fail_delay.3.xml
+++ b/doc/man/pam_fail_delay.3.xml
@@ -151,12 +151,27 @@ module #2: pam_fail_delay (pamh, 4000000);
</para>
</refsect1>
-<refsect1 id='return_value'><title>RETURN VALUE</title>
-<para>Following a successful call to
-<citerefentry><refentrytitle>pam_fail_delay</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <emphasis remap='B'>PAM_SUCCESS</emphasis>
-is returned. All other returns should be considered serious failures.</para>
-
-</refsect1>
+ <refsect1 id='pam_fail_delay-return_values'>
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Delay was successful adjusted.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ A NULL pointer was submitted as PAM handle.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
<refsect1 id='pam_fail_delay-see_also'>
<title>SEE ALSO</title>
@@ -172,4 +187,13 @@ is returned. All other returns should be considered serious failures.</para>
</citerefentry>
</para>
</refsect1>
+
+ <refsect1 id='pam_fail_delay-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_fail_delay</funcion> function is an
+ Linux-PAM extension.
+ </para>
+ </refsect1>
+
</refentry>
diff --git a/doc/man/pam_prompt.3 b/doc/man/pam_prompt.3
new file mode 100644
index 00000000..647c3450
--- /dev/null
+++ b/doc/man/pam_prompt.3
@@ -0,0 +1,47 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "PAM_PROMPT" "3" "02/20/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_prompt, pam_vprompt \- interface to conversation function
+.SH "SYNOPSIS"
+.PP
+\fB#include <security/pam_ext.h>\fR
+.HP 16
+\fBvoid\ \fBpam_prompt\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIstyle\fR\fR\fB, \fR\fBchar\ **\fR\fB\fIresponse\fR\fR\fB, \fR\fBconst\ char\ *\fR\fB\fIfmt\fR\fR\fB, \fR\fB\fI...\fR\fR\fB);\fR
+.HP 17
+\fBvoid\ \fBpam_vprompt\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIstyle\fR\fR\fB, \fR\fBchar\ **\fR\fB\fIresponse\fR\fR\fB, \fR\fBconst\ char\ *\fR\fB\fIfmt\fR\fR\fB, \fR\fBva_list\ \fR\fB\fIargs\fR\fR\fB);\fR
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_prompt\fR
+function constructs a message from the specified format string and arguments and passes it to
+.SH "RETURN VALUES"
+.TP
+PAM_BUF_ERR
+Memory buffer error.
+.TP
+PAM_CONV_ERR
+Conversation failure.
+.TP
+PAM_SUCCESS
+Transaction was successful created.
+.TP
+PAM_SYSTEM_ERR
+System error.
+.SH "SEE ALSO"
+.PP
+\fBpam\fR(8),
+\fBpam_conv\fR(3)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_prompt\fR
+and
+\fBpam_vprompt\fR
+functions are Linux\-PAM extensions.
diff --git a/doc/man/pam_prompt.3.xml b/doc/man/pam_prompt.3.xml
new file mode 100644
index 00000000..2c436f19
--- /dev/null
+++ b/doc/man/pam_prompt.3.xml
@@ -0,0 +1,110 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_prompt">
+
+ <refmeta>
+ <refentrytitle>pam_prompt</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_prompt-name">
+ <refname>pam_prompt</refname>
+ <refname>pam_vprompt</refname>
+ <refpurpose>interface to conversation function</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_prompt-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>void <function>pam_prompt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>style</parameter></paramdef>
+ <paramdef>char **<parameter>response</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>void <function>pam_vprompt</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>style</parameter></paramdef>
+ <paramdef>char **<parameter>response</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_prompt-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_prompt</function> function constructs a message
+ from the specified format string and arguments and passes it to
+ </para>
+ </refsect1>
+
+ <refsect1 id="pam_start-return_values">
+ <title>RETURN VALUES</title>
+ <variablelist>
+ <varlistentry>
+ <term>PAM_BUF_ERR</term>
+ <listitem>
+ <para>
+ Memory buffer error.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_CONV_ERR</term>
+ <listitem>
+ <para>
+ Conversation failure.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SUCCESS</term>
+ <listitem>
+ <para>
+ Transaction was successful created.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>PAM_SYSTEM_ERR</term>
+ <listitem>
+ <para>
+ System error.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+
+ <refsect1 id='pam_prompt-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>,
+ <citerefentry>
+ <refentrytitle>pam_conv</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_prompt-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_prompt</function> and <function>pam_vprompt</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/doc/man/pam_syslog.3 b/doc/man/pam_syslog.3
new file mode 100644
index 00000000..0319e6f5
--- /dev/null
+++ b/doc/man/pam_syslog.3
@@ -0,0 +1,49 @@
+.\" ** You probably do not want to edit this file directly **
+.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
+.\" Instead of manually editing it, you probably should edit the DocBook XML
+.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
+.TH "PAM_SYSLOG" "3" "02/20/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+pam_syslog, pam_vsyslog \- send messages to the system logger
+.SH "SYNOPSIS"
+.PP
+\fB#include <syslog.h>\fR
+.PP
+\fB#include <security/pam_ext.h>\fR
+.HP 16
+\fBvoid\ \fBpam_syslog\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIpriority\fR\fR\fB, \fR\fBconst\ char\ *\fR\fB\fIfmt\fR\fR\fB, \fR\fB\fI...\fR\fR\fB);\fR
+.HP 17
+\fBvoid\ \fBpam_vsyslog\fR\fR\fB(\fR\fBpam_handle_t\ *\fR\fB\fIpamh\fR\fR\fB, \fR\fBint\ \fR\fB\fIpriority\fR\fR\fB, \fR\fBconst\ char\ *\fR\fB\fIfmt\fR\fR\fB, \fR\fBva_list\ \fR\fB\fIargs\fR\fR\fB);\fR
+.SH "DESCRIPTION"
+.PP
+The
+\fBpam_syslog\fR
+function logs messages using
+\fBsyslog\fR(3)
+and is intended for internal use by Linux\-PAM and PAM service modules. The
+\fIpriority\fR
+argument is formed by ORing the facility and the level values as documented in the
+\fBsyslog\fR(3)
+manual page.
+.PP
+The
+\fBpam_vsyslog\fR
+function performs the same task as
+\fBpam_syslog()\fR
+with the difference that it takes a set of arguments which have been obtained using the
+\fBstdarg\fR(3)
+variable argument list macros.
+.SH "SEE ALSO"
+.PP
+\fBpam\fR(8)
+.SH "STANDARDS"
+.PP
+The
+\fBpam_syslog\fR
+and
+\fBpam_vsyslog\fR
+functions are Linux\-PAM extensions.
diff --git a/doc/man/pam_syslog.3.xml b/doc/man/pam_syslog.3.xml
new file mode 100644
index 00000000..5b2f949b
--- /dev/null
+++ b/doc/man/pam_syslog.3.xml
@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+ "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id="pam_syslog">
+
+ <refmeta>
+ <refentrytitle>pam_syslog</refentrytitle>
+ <manvolnum>3</manvolnum>
+ <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+ </refmeta>
+
+ <refnamediv id="pam_syslog-name">
+ <refname>pam_syslog</refname>
+ <refname>pam_vsyslog</refname>
+ <refpurpose>send messages to the system logger</refpurpose>
+ </refnamediv>
+
+<!-- body begins here -->
+
+ <refsynopsisdiv id="pam_syslog-synopsis">
+ <funcsynopsis>
+ <funcsynopsisinfo>#include &lt;syslog.h&gt;</funcsynopsisinfo>
+ <funcsynopsisinfo>#include &lt;security/pam_ext.h&gt;</funcsynopsisinfo>
+ <funcprototype>
+ <funcdef>void <function>pam_syslog</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>priority</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef><parameter>...</parameter></paramdef>
+ </funcprototype>
+ <funcprototype>
+ <funcdef>void <function>pam_vsyslog</function></funcdef>
+ <paramdef>pam_handle_t *<parameter>pamh</parameter></paramdef>
+ <paramdef>int <parameter>priority</parameter></paramdef>
+ <paramdef>const char *<parameter>fmt</parameter></paramdef>
+ <paramdef>va_list <parameter>args</parameter></paramdef>
+ </funcprototype>
+ </funcsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1 id='pam_syslog-description'>
+ <title>DESCRIPTION</title>
+ <para>
+ The <function>pam_syslog</function> function logs messages using
+ <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> and is intended for internal use by Linux-PAM and
+ PAM service modules. The <emphasis>priority</emphasis> argument is
+ formed by ORing the facility and the level values as documented
+ in the <citerefentry>
+ <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> manual page.
+ </para>
+ <para>
+ The <function>pam_vsyslog</function> function performs the same
+ task as <function>pam_syslog()</function> with the difference
+ that it takes a set of arguments which have been obtained using
+ the <citerefentry>
+ <refentrytitle>stdarg</refentrytitle><manvolnum>3</manvolnum>
+ </citerefentry> variable argument list macros.
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_syslog-see_also'>
+ <title>SEE ALSO</title>
+ <para>
+ <citerefentry>
+ <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+ </citerefentry>
+ </para>
+ </refsect1>
+
+ <refsect1 id='pam_syslog-standards'>
+ <title>STANDARDS</title>
+ <para>
+ The <function>pam_syslog</function> and <function>pam_vsyslog</function>
+ functions are Linux-PAM extensions.
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/doc/man/pam_vprompt.3 b/doc/man/pam_vprompt.3
new file mode 100644
index 00000000..bba0b1d3
--- /dev/null
+++ b/doc/man/pam_vprompt.3
@@ -0,0 +1 @@
+.so man3/pam_prompt.3
diff --git a/doc/man/pam_vsyslog.3 b/doc/man/pam_vsyslog.3
new file mode 100644
index 00000000..b987b067
--- /dev/null
+++ b/doc/man/pam_vsyslog.3
@@ -0,0 +1 @@
+.so man3/pam_syslog.3
diff --git a/modules/pam_access/access.conf.5 b/modules/pam_access/access.conf.5
index c2207a3d..dcc9ee9d 100644
--- a/modules/pam_access/access.conf.5
+++ b/modules/pam_access/access.conf.5
@@ -2,13 +2,13 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
-.TH "ACCESS.CONF" "5" "02/07/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "ACCESS.CONF" "5" "02/22/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-access.conf \- The login access control table file
+access.conf \- the login access control table file
.SH "DESCRIPTION"
.PP
This module provides logdaemon style login access control based on login names and on host (or domain) names, internet addresses (or network numbers), on terminal line names in case of non\-networked logins or on service name if called by a daemon.