diff options
Diffstat (limited to 'modules/pam_wheel')
-rw-r--r-- | modules/pam_wheel/Makefile.am | 4 | ||||
-rw-r--r-- | modules/pam_wheel/Makefile.in | 15 | ||||
-rw-r--r-- | modules/pam_wheel/README.xml | 32 | ||||
-rw-r--r-- | modules/pam_wheel/pam_wheel.8 | 20 | ||||
-rw-r--r-- | modules/pam_wheel/pam_wheel.8.xml | 59 |
5 files changed, 64 insertions, 66 deletions
diff --git a/modules/pam_wheel/Makefile.am b/modules/pam_wheel/Makefile.am index 67ddc678..4d9084e0 100644 --- a/modules/pam_wheel/Makefile.am +++ b/modules/pam_wheel/Makefile.am @@ -15,7 +15,11 @@ dist_check_SCRIPTS = tst-pam_wheel TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) +if HAVE_VENDORDIR +secureconfdir = $(VENDOR_SCONFIGDIR) +else secureconfdir = $(SCONFIGDIR) +endif AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ $(WARN_CFLAGS) diff --git a/modules/pam_wheel/Makefile.in b/modules/pam_wheel/Makefile.in index fedf07ad..d9ea36d3 100644 --- a/modules/pam_wheel/Makefile.in +++ b/modules/pam_wheel/Makefile.in @@ -428,6 +428,7 @@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ +DOCBOOK_RNG = @DOCBOOK_RNG@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -440,11 +441,13 @@ EXEEXT = @EXEEXT@ EXE_CFLAGS = @EXE_CFLAGS@ EXE_LDFLAGS = @EXE_LDFLAGS@ FGREP = @FGREP@ +FILECMD = @FILECMD@ FO2PDF = @FO2PDF@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GREP = @GREP@ +HTML_STYLESHEET = @HTML_STYLESHEET@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -476,12 +479,14 @@ LIBSELINUX = @LIBSELINUX@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ +LOGIND_CFLAGS = @LOGIND_CFLAGS@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ +MAN_STYLESHEET = @MAN_STYLESHEET@ MKDIR_P = @MKDIR_P@ MSGFMT = @MSGFMT@ MSGFMT_015 = @MSGFMT_015@ @@ -504,6 +509,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PDF_STYLESHEET = @PDF_STYLESHEET@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ @@ -514,12 +520,16 @@ SECUREDIR = @SECUREDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -STRINGPARAM_HMAC = @STRINGPARAM_HMAC@ +STRINGPARAM_PROFILECONDITIONS = @STRINGPARAM_PROFILECONDITIONS@ STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@ STRIP = @STRIP@ +SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@ +SYSTEMD_LIBS = @SYSTEMD_LIBS@ TIRPC_CFLAGS = @TIRPC_CFLAGS@ TIRPC_LIBS = @TIRPC_LIBS@ +TXT_STYLESHEET = @TXT_STYLESHEET@ USE_NLS = @USE_NLS@ +VENDOR_SCONFIGDIR = @VENDOR_SCONFIGDIR@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XGETTEXT = @XGETTEXT@ @@ -593,7 +603,8 @@ XMLS = README.xml pam_wheel.8.xml dist_check_SCRIPTS = tst-pam_wheel TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) -secureconfdir = $(SCONFIGDIR) +@HAVE_VENDORDIR_FALSE@secureconfdir = $(SCONFIGDIR) +@HAVE_VENDORDIR_TRUE@secureconfdir = $(VENDOR_SCONFIGDIR) AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ $(WARN_CFLAGS) diff --git a/modules/pam_wheel/README.xml b/modules/pam_wheel/README.xml index 9e33d7ff..e40c46e8 100644 --- a/modules/pam_wheel/README.xml +++ b/modules/pam_wheel/README.xml @@ -1,41 +1,27 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -"http://www.docbook.org/xml/4.3/docbookx.dtd" -[ -<!-- -<!ENTITY pamaccess SYSTEM "pam_wheel.8.xml"> ---> -]> +<article xmlns="http://docbook.org/ns/docbook" version="5.0"> -<article> - - <articleinfo> + <info> <title> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_wheel.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_wheel-name"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_wheel.8.xml" xpointer='xpointer(id("pam_wheel-name")/*)'/> </title> - </articleinfo> + </info> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-description"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_wheel.8.xml" xpointer='xpointer(id("pam_wheel-description")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-options"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_wheel.8.xml" xpointer='xpointer(id("pam_wheel-options")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-examples"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_wheel.8.xml" xpointer='xpointer(id("pam_wheel-examples")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_wheel.8.xml" xpointer='xpointer(//refsect1[@id = "pam_wheel-author"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_wheel.8.xml" xpointer='xpointer(id("pam_wheel-author")/*)'/> </section> -</article> +</article>
\ No newline at end of file diff --git a/modules/pam_wheel/pam_wheel.8 b/modules/pam_wheel/pam_wheel.8 index 648046e6..8077e814 100644 --- a/modules/pam_wheel/pam_wheel.8 +++ b/modules/pam_wheel/pam_wheel.8 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_wheel .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 09/03/2021 +.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/> +.\" Date: 05/07/2023 .\" Manual: Linux-PAM Manual -.\" Source: Linux-PAM Manual +.\" Source: Linux-PAM .\" Language: English .\" -.TH "PAM_WHEEL" "8" "09/03/2021" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_WHEEL" "8" "05/07/2023" "Linux\-PAM" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -42,12 +42,12 @@ group\&. If no group with this name exist, the module is using the group with th \fB0\fR\&. .SH "OPTIONS" .PP -\fBdebug\fR +debug .RS 4 Print debug information\&. .RE .PP -\fBdeny\fR +deny .RS 4 Reverse the sense of the auth operation: if the user is trying to get UID 0 access and is a member of the wheel group (or the group of the \fBgroup\fR @@ -56,24 +56,24 @@ option), deny access\&. Conversely, if the user is not in the group, return PAM_ was also specified, in which case we return PAM_SUCCESS)\&. .RE .PP -\fBgroup=\fR\fB\fIname\fR\fR +group=name .RS 4 Instead of checking the wheel or GID 0 groups, use the \fB\fIname\fR\fR group to perform the authentication\&. .RE .PP -\fBroot_only\fR +root_only .RS 4 The check for wheel membership is done only when the target user UID is 0\&. .RE .PP -\fBtrust\fR +trust .RS 4 The pam_wheel module will return PAM_SUCCESS instead of PAM_IGNORE if the user is a member of the wheel group (thus with a little play stacking the modules the wheel members may be able to su to root without being prompted for a passwd)\&. .RE .PP -\fBuse_uid\fR +use_uid .RS 4 The check will be done against the real uid of the calling process, instead of trying to obtain the user from the login session associated with the terminal in use\&. .RE diff --git a/modules/pam_wheel/pam_wheel.8.xml b/modules/pam_wheel/pam_wheel.8.xml index ee8c7d26..af0fd619 100644 --- a/modules/pam_wheel/pam_wheel.8.xml +++ b/modules/pam_wheel/pam_wheel.8.xml @@ -1,45 +1,42 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" - "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> - -<refentry id="pam_wheel"> +<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="pam_wheel"> <refmeta> <refentrytitle>pam_wheel</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> + <refmiscinfo class="source">Linux-PAM</refmiscinfo> + <refmiscinfo class="manual">Linux-PAM Manual</refmiscinfo> </refmeta> - <refnamediv id="pam_wheel-name"> + <refnamediv xml:id="pam_wheel-name"> <refname>pam_wheel</refname> <refpurpose>Only permit root access to members of group wheel</refpurpose> </refnamediv> <refsynopsisdiv> - <cmdsynopsis id="pam_wheel-cmdsynopsis"> + <cmdsynopsis xml:id="pam_wheel-cmdsynopsis" sepchar=" "> <command>pam_wheel.so</command> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> debug </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> deny </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> group=<replaceable>name</replaceable> </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> root_only </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> trust </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> use_uid </arg> </cmdsynopsis> </refsynopsisdiv> - <refsect1 id="pam_wheel-description"> + <refsect1 xml:id="pam_wheel-description"> <title>DESCRIPTION</title> <para> The pam_wheel PAM module is used to enforce the so-called @@ -47,16 +44,16 @@ access to the target user if the applicant user is a member of the <emphasis>wheel</emphasis> group. If no group with this name exist, the module is using the group with the group-ID - <emphasis remap='B'>0</emphasis>. + <emphasis remap="B">0</emphasis>. </para> </refsect1> - <refsect1 id="pam_wheel-options"> + <refsect1 xml:id="pam_wheel-options"> <title>OPTIONS</title> <variablelist> <varlistentry> <term> - <option>debug</option> + debug </term> <listitem> <para> @@ -66,7 +63,7 @@ </varlistentry> <varlistentry> <term> - <option>deny</option> + deny </term> <listitem> <para> @@ -81,7 +78,7 @@ </varlistentry> <varlistentry> <term> - <option>group=<replaceable>name</replaceable></option> + group=name </term> <listitem> <para> @@ -93,7 +90,7 @@ </varlistentry> <varlistentry> <term> - <option>root_only</option> + root_only </term> <listitem> <para> @@ -104,7 +101,7 @@ </varlistentry> <varlistentry> <term> - <option>trust</option> + trust </term> <listitem> <para> @@ -118,7 +115,7 @@ </varlistentry> <varlistentry> <term> - <option>use_uid</option> + use_uid </term> <listitem> <para> @@ -131,15 +128,15 @@ </variablelist> </refsect1> - <refsect1 id="pam_wheel-types"> + <refsect1 xml:id="pam_wheel-types"> <title>MODULE TYPES PROVIDED</title> <para> - The <emphasis remap='B'>auth</emphasis> and - <emphasis remap='B'>account</emphasis> module types are provided. + The <emphasis remap="B">auth</emphasis> and + <emphasis remap="B">account</emphasis> module types are provided. </para> </refsect1> - <refsect1 id='pam_wheel-return_values'> + <refsect1 xml:id="pam_wheel-return_values"> <title>RETURN VALUES</title> <variablelist> <varlistentry> @@ -204,7 +201,7 @@ </variablelist> </refsect1> - <refsect1 id='pam_wheel-examples'> + <refsect1 xml:id="pam_wheel-examples"> <title>EXAMPLES</title> <para> The root account gains access by default (rootok), only wheel @@ -218,7 +215,7 @@ su auth required pam_unix.so </para> </refsect1> - <refsect1 id='pam_wheel-see_also'> + <refsect1 xml:id="pam_wheel-see_also"> <title>SEE ALSO</title> <para> <citerefentry> @@ -233,11 +230,11 @@ su auth required pam_unix.so </para> </refsect1> - <refsect1 id='pam_wheel-author'> + <refsect1 xml:id="pam_wheel-author"> <title>AUTHOR</title> <para> pam_wheel was written by Cristian Gafton <gafton@redhat.com>. </para> </refsect1> -</refentry> +</refentry>
\ No newline at end of file |