summaryrefslogtreecommitdiff
path: root/Linux-PAM/doc/man/PAM.8
diff options
context:
space:
mode:
Diffstat (limited to 'Linux-PAM/doc/man/PAM.8')
-rw-r--r--Linux-PAM/doc/man/PAM.874
1 files changed, 39 insertions, 35 deletions
diff --git a/Linux-PAM/doc/man/PAM.8 b/Linux-PAM/doc/man/PAM.8
index 112ea7d7..a385ea3e 100644
--- a/Linux-PAM/doc/man/PAM.8
+++ b/Linux-PAM/doc/man/PAM.8
@@ -1,48 +1,48 @@
.\" Title: pam
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/>
-.\" Date: 06/27/2006
-.\" Manual: Linux\-PAM Manual
-.\" Source: Linux\-PAM Manual
+.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/>
+.\" Date: 02/04/2008
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
.\"
-.TH "PAM" "8" "06/27/2006" "Linux\-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM" "8" "02/04/2008" "Linux-PAM Manual" "Linux-PAM Manual"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-PAM, pam \- Pluggable Authentication Modules for Linux
+PAM, pam - Pluggable Authentication Modules for Linux
.SH "DESCRIPTION"
.PP
This manual is intended to offer a quick introduction to
-\fBLinux\-PAM\fR. For more information the reader is directed to the
-\fBLinux\-PAM system administrators' guide\fR.
+\fBLinux\-PAM\fR\. For more information the reader is directed to the
+\fBLinux\-PAM system administrators\' guide\fR\.
.PP
\fBLinux\-PAM\fR
-is a system of libraries that handle the authentication tasks of applications (services) on the system. The library provides a stable general interface (Application Programming Interface \- API) that privilege granting programs (such as
+is a system of libraries that handle the authentication tasks of applications (services) on the system\. The library provides a stable general interface (Application Programming Interface \- API) that privilege granting programs (such as
\fBlogin\fR(1)
and
-\fBsu\fR(1)) defer to to perform standard authentication tasks.
+\fBsu\fR(1)) defer to to perform standard authentication tasks\.
.PP
-The principal feature of the PAM approach is that the nature of the authentication is dynamically configurable. In other words, the system administrator is free to choose how individual service\-providing applications will authenticate users. This dynamic configuration is set by the contents of the single
+The principal feature of the PAM approach is that the nature of the authentication is dynamically configurable\. In other words, the system administrator is free to choose how individual service\-providing applications will authenticate users\. This dynamic configuration is set by the contents of the single
\fBLinux\-PAM\fR
configuration file
-\fI/etc/pam.conf\fR. Alternatively, the configuration can be set by individual configuration files located in the
-\fI/etc/pam.d/\fR
-directory. The presence of this directory will cause
+\fI/etc/pam\.conf\fR\. Alternatively, the configuration can be set by individual configuration files located in the
+\fI/etc/pam\.d/\fR
+directory\. The presence of this directory will cause
\fBLinux\-PAM\fR
to
\fIignore\fR
-\fI/etc/pam.conf\fR.
+\fI/etc/pam\.conf\fR\.
.PP
From the point of view of the system administrator, for whom this manual is provided, it is not of primary importance to understand the internal behavior of the
\fBLinux\-PAM\fR
-library. The important point to recognize is that the configuration file(s)
+library\. The important point to recognize is that the configuration file(s)
\fIdefine\fR
the connection between applications
(\fBservices\fR) and the pluggable authentication modules
-(\fBPAM\fRs) that perform the actual authentication tasks.
+(\fBPAM\fRs) that perform the actual authentication tasks\.
.PP
\fBLinux\-PAM\fR
separates the tasks of
@@ -54,45 +54,49 @@ management;
\fBpassword\fR
management; and
\fBsession\fR
-management. (We highlight the abbreviations used for these groups in the configuration file.)
+management\. (We highlight the abbreviations used for these groups in the configuration file\.)
.PP
-Simply put, these groups take care of different aspects of a typical user's request for a restricted service:
+Simply put, these groups take care of different aspects of a typical user\'s request for a restricted service:
.PP
\fBaccount\fR
-\- provide account verification types of service: has the user's password expired?; is this user permitted access to the requested service?
+\- provide account verification types of service: has the user\'s password expired?; is this user permitted access to the requested service?
.PP
-\fBauth\fRentication \- authenticate a user and set up user credentials. Typically this is via some challenge\-response request that the user must satisfy: if you are who you claim to be please enter your password. Not all authentications are of this type, there exist hardware based authentication schemes (such as the use of smart\-cards and biometric devices), with suitable modules, these may be substituted seamlessly for more standard approaches to authentication \- such is the flexibility of
-\fBLinux\-PAM\fR.
+\fBauth\fRentication \- authenticate a user and set up user credentials\. Typically this is via some challenge\-response request that the user must satisfy: if you are who you claim to be please enter your password\. Not all authentications are of this type, there exist hardware based authentication schemes (such as the use of smart\-cards and biometric devices), with suitable modules, these may be substituted seamlessly for more standard approaches to authentication \- such is the flexibility of
+\fBLinux\-PAM\fR\.
.PP
\fBpassword\fR
-\- this group's responsibility is the task of updating authentication mechanisms. Typically, such services are strongly coupled to those of the
+\- this group\'s responsibility is the task of updating authentication mechanisms\. Typically, such services are strongly coupled to those of the
\fBauth\fR
-group. Some authentication mechanisms lend themselves well to being updated with such a function. Standard UN*X password\-based access is the obvious example: please enter a replacement password.
+group\. Some authentication mechanisms lend themselves well to being updated with such a function\. Standard UN*X password\-based access is the obvious example: please enter a replacement password\.
.PP
\fBsession\fR
-\- this group of tasks cover things that should be done prior to a service being given and after it is withdrawn. Such tasks include the maintenance of audit trails and the mounting of the user's home directory. The
+\- this group of tasks cover things that should be done prior to a service being given and after it is withdrawn\. Such tasks include the maintenance of audit trails and the mounting of the user\'s home directory\. The
\fBsession\fR
-management group is important as it provides both an opening and closing hook for modules to affect the services available to a user.
+management group is important as it provides both an opening and closing hook for modules to affect the services available to a user\.
.SH "FILES"
-.TP 3n
-\fI/etc/pam.conf\fR
+.PP
+\fI/etc/pam\.conf\fR
+.RS 4
the configuration file
-.TP 3n
-\fI/etc/pam.d\fR
+.RE
+.PP
+\fI/etc/pam\.d\fR
+.RS 4
the
\fBLinux\-PAM\fR
-configuration directory. Generally, if this directory is present, the
-\fI/etc/pam.conf\fR
-file is ignored.
+configuration directory\. Generally, if this directory is present, the
+\fI/etc/pam\.conf\fR
+file is ignored\.
+.RE
.SH "ERRORS"
.PP
Typically errors generated by the
\fBLinux\-PAM\fR
system of libraries, will be written to
-\fBsyslog\fR(3).
+\fBsyslog\fR(3)\.
.SH "CONFORMING TO"
.PP
-DCE\-RFC 86.0, October 1995. Contains additional features, but remains backwardly compatible with this RFC.
+DCE\-RFC 86\.0, October 1995\. Contains additional features, but remains backwardly compatible with this RFC\.
.SH "SEE ALSO"
.PP
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 03:57:20 +0000