summaryrefslogtreecommitdiff
path: root/modules/pam_userdb/pam_userdb.8.xml
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_userdb/pam_userdb.8.xml')
-rw-r--r--modules/pam_userdb/pam_userdb.8.xml292
1 files changed, 0 insertions, 292 deletions
diff --git a/modules/pam_userdb/pam_userdb.8.xml b/modules/pam_userdb/pam_userdb.8.xml
deleted file mode 100644
index 70b416b3..00000000
--- a/modules/pam_userdb/pam_userdb.8.xml
+++ /dev/null
@@ -1,292 +0,0 @@
-<?xml version="1.0" encoding='UTF-8'?>
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
-
-<refentry id="pam_userdb">
-
- <refmeta>
- <refentrytitle>pam_userdb</refentrytitle>
- <manvolnum>8</manvolnum>
- <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
- </refmeta>
-
- <refnamediv id="pam_userdb-name">
- <refname>pam_userdb</refname>
- <refpurpose>PAM module to authenticate against a db database</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <cmdsynopsis id="pam_userdb-cmdsynopsis">
- <command>pam_userdb.so</command>
- <arg choice="plain">
- db=<replaceable>/path/database</replaceable>
- </arg>
- <arg choice="opt">
- debug
- </arg>
- <arg choice="opt">
- crypt=[crypt|none]
- </arg>
- <arg choice="opt">
- icase
- </arg>
- <arg choice="opt">
- dump
- </arg>
- <arg choice="opt">
- try_first_pass
- </arg>
- <arg choice="opt">
- use_first_pass
- </arg>
- <arg choice="opt">
- unknown_ok
- </arg>
- <arg choice="opt">
- key_only
- </arg>
- </cmdsynopsis>
- </refsynopsisdiv>
-
- <refsect1 id="pam_userdb-description">
-
- <title>DESCRIPTION</title>
-
- <para>
- The pam_userdb module is used to verify a username/password pair
- against values stored in a Berkeley DB database. The database is
- indexed by the username, and the data fields corresponding to the
- username keys are the passwords.
- </para>
- </refsect1>
-
- <refsect1 id="pam_userdb-options">
-
- <title>OPTIONS</title>
- <variablelist>
- <varlistentry>
- <term>
- <option>crypt=[crypt|none]</option>
- </term>
- <listitem>
- <para>
- Indicates whether encrypted or plaintext passwords are stored
- in the database. If it is <option>crypt</option>, passwords
- should be stored in the database in
- <citerefentry>
- <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry> form. If <option>none</option> is selected,
- passwords should be stored in the database as plaintext.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>db=<replaceable>/path/database</replaceable></option>
- </term>
- <listitem>
- <para>
- Use the <filename>/path/database</filename> database for
- performing lookup. There is no default; the module will
- return <emphasis remap='B'>PAM_IGNORE</emphasis> if no
- database is provided.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>debug</option>
- </term>
- <listitem>
- <para>
- Print debug information.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>dump</option>
- </term>
- <listitem>
- <para>
- Dump all the entries in the database to the log.
- Don't do this by default!
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>icase</option>
- </term>
- <listitem>
- <para>
- Make the password verification to be case insensitive
- (ie when working with registration numbers and such).
- Only works with plaintext password storage.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
- <option>try_first_pass</option>
- </term>
- <listitem>
- <para>
- Use the authentication token previously obtained by
- another module that did the conversation with the
- application. If this token can not be obtained then
- the module will try to converse. This option can
- be used for stacking different modules that need to
- deal with the authentication tokens.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>use_first_pass</option>
- </term>
- <listitem>
- <para>
- Use the authentication token previously obtained by
- another module that did the conversation with the
- application. If this token can not be obtained then
- the module will fail. This option can be used for
- stacking different modules that need to deal with
- the authentication tokens.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>unknown_ok</option>
- </term>
- <listitem>
- <para>
- Do not return error when checking for a user that is
- not in the database. This can be used to stack more
- than one pam_userdb module that will check a
- username/password pair in more than a database.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <option>key_only</option>
- </term>
- <listitem>
- <para>
- The username and password are concatenated together
- in the database hash as 'username-password' with a
- random value. if the concatenation of the username and
- password with a dash in the middle returns any result,
- the user is valid. this is useful in cases where
- the username may not be unique but the username and
- password pair are.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
-
- <refsect1 id="pam_userdb-services">
- <title>MODULE SERVICES PROVIDED</title>
- <para>
- The services <option>auth</option> and <option>account</option>
- are supported.
- </para>
- </refsect1>
-
- <refsect1 id='pam_userdb-return_values'>
- <title>RETURN VALUES</title>
- <variablelist>
- <varlistentry>
- <term>PAM_AUTH_ERR</term>
- <listitem>
- <para>Authentication failure.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_AUTHTOK_RECOVERY_ERR</term>
- <listitem>
- <para>
- Authentication information cannot be recovered.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_BUF_ERR</term>
- <listitem>
- <para>
- Memory buffer error.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_CONV_ERR</term>
- <listitem>
- <para>
- Conversation failure.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_SERVICE_ERR</term>
- <listitem>
- <para>
- Error in service module.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_SUCCESS</term>
- <listitem>
- <para>
- Success.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PAM_USER_UNKNOWN</term>
- <listitem>
- <para>
- User not known to the underlying authentication module.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- </refsect1>
-
- <refsect1 id='pam_userdb-examples'>
- <title>EXAMPLES</title>
- <programlisting>
-auth sufficient pam_userdb.so icase db=/etc/dbtest.db
- </programlisting>
- </refsect1>
-
- <refsect1 id='pam_userdb-see_also'>
- <title>SEE ALSO</title>
- <para>
- <citerefentry>
- <refentrytitle>crypt</refentrytitle><manvolnum>3</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-
- <refsect1 id='pam_userdb-author'>
- <title>AUTHOR</title>
- <para>
- pam_userdb was written by Cristian Gafton &gt;gafton@redhat.com&lt;.
- </para>
- </refsect1>
-
-</refentry>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-05 23:48:48 +0000