1 files changed, 48 insertions, 52 deletions

diff --git a/doc/man/pam.8.xml b/doc/man/pam.8.xml
index 464af0e5..cb6a7d88 100644
--- a/doc/man/pam.8.xml
+++ b/doc/man/pam.8.xml
@@ -1,32 +1,29 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
-                   "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
-
-<refentry id='pam8'>
+<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="pam8">
 
   <refmeta>
     <refentrytitle>pam</refentrytitle>
-    <manvolnum>8</manvolnum>
-    <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+    <manvolnum>7</manvolnum>
+    <refmiscinfo class="source">Linux-PAM</refmiscinfo>
+    <refmiscinfo class="manual">Linux-PAM Manual</refmiscinfo>
   </refmeta>
 
-  <refnamediv id='pam8-name'>
+  <refnamediv xml:id="pam8-name">
     <refname>PAM</refname>
     <refname>pam</refname>
     <refpurpose>Pluggable Authentication Modules for Linux</refpurpose>
   </refnamediv>
 
-  <refsect1 id='pam8-description'>
+  <refsect1 xml:id="pam8-description">
     <title>DESCRIPTION</title>
     <para>
       This manual is intended to offer a quick introduction to
-      <emphasis remap='B'>Linux-PAM</emphasis>. For more information
+      <emphasis remap="B">Linux-PAM</emphasis>. For more information
       the reader is directed to the
-      <emphasis remap='B'>Linux-PAM system administrators' guide</emphasis>.
+      <emphasis remap="B">Linux-PAM system administrators' guide</emphasis>.
     </para>
 
     <para>
-      <emphasis remap='B'>Linux-PAM</emphasis> is a system of libraries
+      <emphasis remap="B">Linux-PAM</emphasis> is a system of libraries
       that handle the authentication tasks of applications (services) on
       the system. The library provides a stable general interface
       (Application Programming Interface - API) that privilege granting
@@ -43,12 +40,12 @@
       system administrator is free to choose how individual
       service-providing applications will authenticate users. This dynamic
       configuration is set by the contents of the single
-      <emphasis remap='B'>Linux-PAM</emphasis> configuration file
-      <filename>/etc/pam.conf</filename>. Alternatively, the configuration
-      can be set by individual configuration files located in the
-      <filename>/etc/pam.d/</filename> directory. The presence of this
-      directory will cause <emphasis remap='B'>Linux-PAM</emphasis> to
-      <emphasis remap='I'>ignore</emphasis> <filename>/etc/pam.conf</filename>.
+      <emphasis remap="B">Linux-PAM</emphasis> configuration file
+      <filename>/etc/pam.conf</filename>. Alternatively and preferably,
+      the configuration can be set by individual configuration files
+      located in a <filename>pam.d</filename> directory. The presence of this
+      directory will cause <emphasis remap="B">Linux-PAM</emphasis> to
+      <emphasis remap="I">ignore</emphasis> <filename>/etc/pam.conf</filename>.
     </para>
 
     <para>
@@ -64,26 +61,26 @@
 <para>From the point of view of the system administrator, for whom this
 manual is provided, it is not of primary importance to understand the
 internal behavior of the
-<emphasis remap='B'>Linux-PAM</emphasis>
+<emphasis remap="B">Linux-PAM</emphasis>
 library.  The important point to recognize is that the configuration
 file(s)
-<emphasis remap='I'>define</emphasis>
+<emphasis remap="I">define</emphasis>
 the connection between applications
-<emphasis remap='B'></emphasis>(<emphasis remap='B'>services</emphasis>)
+<emphasis remap="B"/>(<emphasis remap="B">services</emphasis>)
 and the pluggable authentication modules
-<emphasis remap='B'></emphasis>(<emphasis remap='B'>PAM</emphasis>s)
+<emphasis remap="B"/>(<emphasis remap="B">PAM</emphasis>s)
 that perform the actual authentication tasks.</para>
 
 
-<para><emphasis remap='B'>Linux-PAM</emphasis>
+<para><emphasis remap="B">Linux-PAM</emphasis>
 separates the tasks of
-<emphasis remap='I'>authentication</emphasis>
+<emphasis remap="I">authentication</emphasis>
 into four independent management groups:
-<emphasis remap='B'>account</emphasis> management;
-<emphasis remap='B'>auth</emphasis>entication management;
-<emphasis remap='B'>password</emphasis> management;
+<emphasis remap="B">account</emphasis> management;
+<emphasis remap="B">auth</emphasis>entication management;
+<emphasis remap="B">password</emphasis> management;
 and
-<emphasis remap='B'>session</emphasis> management.
+<emphasis remap="B">session</emphasis> management.
 (We highlight the abbreviations used for these groups in the
 configuration file.)</para>
 
@@ -92,12 +89,12 @@ configuration file.)</para>
 user's request for a restricted service:</para>
 
 
-<para><emphasis remap='B'>account</emphasis> -
+<para><emphasis remap="B">account</emphasis> -
 provide account verification types of service: has the user's password
 expired?; is this user permitted access to the requested service?</para>
 
 <!-- .br -->
-<para><emphasis remap='B'>auth</emphasis>entication -
+<para><emphasis remap="B">auth</emphasis>entication -
 authenticate a user and set up user credentials. Typically this is via
 some challenge-response request that the user must satisfy: if you are
 who you claim to be please enter your password. Not all authentications
@@ -105,86 +102,85 @@ are of this type, there exist hardware based authentication schemes
 (such as the use of smart-cards and biometric devices), with suitable
 modules, these may be substituted seamlessly for more standard
 approaches to authentication - such is the flexibility of
-<emphasis remap='B'>Linux-PAM</emphasis>.</para>
+<emphasis remap="B">Linux-PAM</emphasis>.</para>
 
 <!-- .br -->
-<para><emphasis remap='B'>password</emphasis> -
+<para><emphasis remap="B">password</emphasis> -
 this group's responsibility is the task of updating authentication
 mechanisms. Typically, such services are strongly coupled to those of
 the
-<emphasis remap='B'>auth</emphasis>
+<emphasis remap="B">auth</emphasis>
 group. Some authentication mechanisms lend themselves well to being
 updated with such a function. Standard UN*X password-based access is
 the obvious example: please enter a replacement password.</para>
 
 <!-- .br -->
-<para><emphasis remap='B'>session</emphasis> -
+<para><emphasis remap="B">session</emphasis> -
 this group of tasks cover things that should be done prior to a
 service being given and after it is withdrawn. Such tasks include the
 maintenance of audit trails and the mounting of the user's home
 directory. The
-<emphasis remap='B'>session</emphasis>
+<emphasis remap="B">session</emphasis>
 management group is important as it provides both an opening and
 closing hook for modules to affect the services available to a user.</para>
 
 </refsect1>
 
-  <refsect1 id='pam8-files'>
+  <refsect1 xml:id="pam8-files">
     <title>FILES</title>
     <variablelist>
       <varlistentry>
-        <term><filename>/etc/pam.conf</filename></term>
+        <term>/etc/pam.conf</term>
         <listitem>
           <para>the configuration file</para>
         </listitem>
       </varlistentry>
       <varlistentry>
-        <term><filename>/etc/pam.d</filename></term>
+        <term>/etc/pam.d</term>
         <listitem>
           <para>
-            the <emphasis remap='B'>Linux-PAM</emphasis> configuration
+            the <emphasis remap="B">Linux-PAM</emphasis> configuration
             directory. Generally, if this directory is present, the
             <filename>/etc/pam.conf</filename> file is ignored.
           </para>
         </listitem>
       </varlistentry>
       <varlistentry>
-        <term><filename>/usr/lib/pam.d</filename></term>
+        <term>/usr/lib/pam.d</term>
         <listitem>
           <para>
-            the <emphasis remap='B'>Linux-PAM</emphasis> vendor configuration
+            the <emphasis remap="B">Linux-PAM</emphasis> vendor configuration
             directory. Files in <filename>/etc/pam.d</filename> override
             files with the same name in this directory.
           </para>
         </listitem>
       </varlistentry>
-      <varlistentry>
-        <term><filename>%vendordir%/pam.d</filename></term>
+      <varlistentry condition="with_vendordir">
+        <term>%vendordir%/pam.d</term>
         <listitem>
           <para>
-            the <emphasis remap='B'>Linux-PAM</emphasis> vendor configuration
-	    directory. Files in <filename>/etc/pam.d</filename> and
-	    <filename>/usr/lib/pam.d</filename> override files with the same
-	    name in this directory. Only available if Linux-PAM was compiled
-	    with vendordir enabled.
+	    additional <emphasis remap="B">Linux-PAM</emphasis> vendor
+	    configuration directory. Files in <filename>/etc/pam.d</filename>
+	    and <filename>/usr/lib/pam.d</filename> override files with the
+	    same name in this directory.
           </para>
         </listitem>
       </varlistentry>
     </variablelist>
   </refsect1>
 
-  <refsect1 id='pam8-errors'>
+  <refsect1 xml:id="pam8-errors">
     <title>ERRORS</title>
     <para>
       Typically errors generated by the
-      <emphasis remap='B'>Linux-PAM</emphasis> system of libraries, will
+      <emphasis remap="B">Linux-PAM</emphasis> system of libraries, will
       be written to <citerefentry>
       <refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum>
       </citerefentry>.
     </para>
   </refsect1>
 
-  <refsect1 id='pam8-conforming_to'>
+  <refsect1 xml:id="pam8-conforming_to">
     <title>CONFORMING TO</title>
     <para>
       DCE-RFC 86.0, October 1995.
@@ -193,7 +189,7 @@ closing hook for modules to affect the services available to a user.</para>
     </para>
   </refsect1>
 
-  <refsect1 id='pam8-see_also'>
+  <refsect1 xml:id="pam8-see_also">
     <title>SEE ALSO</title>
     <para>
       <citerefentry>