diff options
Diffstat (limited to 'modules/pam_pwhistory/pam_pwhistory.8.xml')
-rw-r--r-- | modules/pam_pwhistory/pam_pwhistory.8.xml | 125 |
1 files changed, 89 insertions, 36 deletions
diff --git a/modules/pam_pwhistory/pam_pwhistory.8.xml b/modules/pam_pwhistory/pam_pwhistory.8.xml index 9e1056b2..a5185fcb 100644 --- a/modules/pam_pwhistory/pam_pwhistory.8.xml +++ b/modules/pam_pwhistory/pam_pwhistory.8.xml @@ -1,46 +1,49 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" - "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> - -<refentry id="pam_pwhistory"> +<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="pam_pwhistory"> <refmeta> <refentrytitle>pam_pwhistory</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> + <refmiscinfo class="source">Linux-PAM</refmiscinfo> + <refmiscinfo class="manual">Linux-PAM Manual</refmiscinfo> </refmeta> - <refnamediv id="pam_pwhistory-name"> + <refnamediv xml:id="pam_pwhistory-name"> <refname>pam_pwhistory</refname> <refpurpose>PAM module to remember last passwords</refpurpose> </refnamediv> <refsynopsisdiv> - <cmdsynopsis id="pam_pwhistory-cmdsynopsis"> + <cmdsynopsis xml:id="pam_pwhistory-cmdsynopsis" sepchar=" "> <command>pam_pwhistory.so</command> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> debug </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> use_authtok </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> enforce_for_root </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> remember=<replaceable>N</replaceable> </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> retry=<replaceable>N</replaceable> </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> authtok_type=<replaceable>STRING</replaceable> </arg> + <arg choice="opt" rep="norepeat"> + file=<replaceable>/path/filename</replaceable> + </arg> + <arg choice="opt" rep="norepeat"> + conf=<replaceable>/path/to/config-file</replaceable> + </arg> </cmdsynopsis> </refsynopsisdiv> - <refsect1 id="pam_pwhistory-description"> + <refsect1 xml:id="pam_pwhistory-description"> <title>DESCRIPTION</title> @@ -58,12 +61,12 @@ </para> </refsect1> - <refsect1 id="pam_pwhistory-options"> + <refsect1 xml:id="pam_pwhistory-options"> <title>OPTIONS</title> <variablelist> <varlistentry> <term> - <option>debug</option> + debug </term> <listitem> <para> @@ -76,20 +79,20 @@ </varlistentry> <varlistentry> <term> - <option>use_authtok</option> + use_authtok </term> <listitem> <para> When password changing enforce the module to use the new password provided by a previously stacked <option>password</option> module (this is used in the example of the stacking of the - <command>pam_cracklib</command> module documented below). + <command>pam_passwdqc</command> module documented below). </para> </listitem> </varlistentry> <varlistentry> <term> - <option>enforce_for_root</option> + enforce_for_root </term> <listitem> <para> @@ -99,12 +102,12 @@ </varlistentry> <varlistentry> <term> - <option>remember=<replaceable>N</replaceable></option> + remember=N </term> <listitem> <para> The last <replaceable>N</replaceable> passwords for each - user are saved in <filename>/etc/security/opasswd</filename>. + user are saved. The default is <emphasis>10</emphasis>. Value of <emphasis>0</emphasis> makes the module to keep the existing contents of the <filename>opasswd</filename> file unchanged. @@ -113,7 +116,7 @@ </varlistentry> <varlistentry> <term> - <option>retry=<replaceable>N</replaceable></option> + retry=N </term> <listitem> <para> @@ -126,7 +129,7 @@ <varlistentry> <term> - <option>authtok_type=<replaceable>STRING</replaceable></option> + authtok_type=STRING </term> <listitem> <para> @@ -137,17 +140,49 @@ </listitem> </varlistentry> + <varlistentry> + <term> + file=/path/filename + </term> + <listitem> + <para> + Store password history in file <filename>/path/filename</filename> + rather than the default location. The default location is + <filename>/etc/security/opasswd</filename>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + conf=/path/to/config-file + </term> + <listitem> + <para> + Use another configuration file instead of the default + <filename>/etc/security/pwhistory.conf</filename>. + </para> + </listitem> + </varlistentry> + </variablelist> + <para> + The options for configuring the module behavior are described in the + <citerefentry><refentrytitle>pwhistory.conf</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> manual page. The options + specified on the module command line override the values from the + configuration file. + </para> </refsect1> - <refsect1 id="pam_pwhistory-types"> + <refsect1 xml:id="pam_pwhistory-types"> <title>MODULE TYPES PROVIDED</title> <para> Only the <option>password</option> module type is provided. </para> </refsect1> - <refsect1 id='pam_pwhistory-return_values'> + <refsect1 xml:id="pam_pwhistory-return_values"> <title>RETURN VALUES</title> <variablelist> <varlistentry> @@ -186,7 +221,7 @@ </variablelist> </refsect1> - <refsect1 id='pam_pwhistory-examples'> + <refsect1 xml:id="pam_pwhistory-examples"> <title>EXAMPLES</title> <para> An example password section would be: @@ -197,39 +232,57 @@ password required pam_unix.so use_authtok </programlisting> </para> <para> - In combination with <command>pam_cracklib</command>: + In combination with <command>pam_passwdqc</command>: <programlisting> #%PAM-1.0 -password required pam_cracklib.so retry=3 +password required pam_passwdqc.so config=/etc/passwdqc.conf password required pam_pwhistory.so use_authtok password required pam_unix.so use_authtok </programlisting> </para> </refsect1> - <refsect1 id="pam_pwhistory-files"> + <refsect1 xml:id="pam_pwhistory-files"> <title>FILES</title> <variablelist> <varlistentry> - <term><filename>/etc/security/opasswd</filename></term> + <term>/etc/security/opasswd</term> <listitem> - <para>File with password history</para> + <para>Default file with password history</para> + </listitem> + </varlistentry> + <varlistentry> + <term><filename>/etc/security/pwhistory.conf</filename></term> + <listitem> + <para>Config file for pam_pwhistory options</para> + </listitem> + </varlistentry> + <varlistentry condition="with_vendordir"> + <term><filename>%vendordir%/security/pwhistory.conf</filename></term> + <listitem> + <para> + Config file for pam_pwhistory options. It will be used if + <filename>/etc/security/pwhistory.conf</filename> does not exist. + </para> </listitem> </varlistentry> </variablelist> </refsect1> - <refsect1 id='pam_pwhistory-see_also'> + <refsect1 xml:id="pam_pwhistory-see_also"> <title>SEE ALSO</title> <para> <citerefentry> + <refentrytitle>pwhistory.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> - <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> + <refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum> </citerefentry> <citerefentry> <refentrytitle>pam_get_authtok</refentrytitle><manvolnum>3</manvolnum> @@ -237,11 +290,11 @@ password required pam_unix.so use_authtok </para> </refsect1> - <refsect1 id='pam_pwhistory-author'> + <refsect1 xml:id="pam_pwhistory-author"> <title>AUTHOR</title> <para> pam_pwhistory was written by Thorsten Kukuk <kukuk@thkukuk.de> </para> </refsect1> -</refentry> +</refentry>
\ No newline at end of file |