From 8fa87c2931a1f25e4d2a851385b18759f7e6fde9 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 7 Feb 2006 07:51:13 +0000 Subject: Relevant BUGIDs: Purpose of commit: new feature Commit summary: --------------- 2006-02-07 Thorsten Kukuk * configure.in: Check for text browser. * Make.xml.rules: Add rule to generate README from README.xml. * modules/pam_access/Makefile.am: Include Make.xml.rules. * modules/pam_access/README: Regenerated from README.xml. * modules/pam_access/README.xml: New. * modules/pam_access/access.conf: Extended by new examples. * modules/pam_access/access.conf.5: New, generated from xml file. * modules/pam_access/access.conf.5.xml: New. * modules/pam_access/pam_access.8: New, generated from xml file. * modules/pam_access/pam_access.8.xml: New. * modules/pam_access/pam_access.c: Add rules for IPv6 and netmasks. Based on patch from Mike Becher . * modules/pam_deny/Makefile.am: Include Make.xml.rules. * modules/pam_deny/pam_deny.8.xml: New. * modules/pam_deny/pam_deny.8: New, generated from xml file. * modules/pam_deny/README.xml: New. * modules/pam_deny/README: Regenerated from xml file. * modules/pam_cracklib/Makefile.am: Include Make.xml.rules. * modules/pam_cracklib/pam_cracklib.8.xml: New. * modules/pam_cracklib/pam_cracklib.8: New, generated from xml file. * modules/pam_cracklib/README.xml: New. * modules/pam_cracklib/README: Regenerated from xml file. * modules/pam_exec/Makefile.am: Add rule to generate README. * modules/pam_exec/README: Regenerated from xml file. * modules/pam_exec/pam_exec.8: Regenerated from xml file. * modules/pam_exec/pam_exec.8.xml: Syntax files. --- modules/pam_deny/Makefile.am | 15 ++++- modules/pam_deny/README | 33 +++++++++- modules/pam_deny/README.xml | 36 +++++++++++ modules/pam_deny/pam_deny.8 | 66 ++++++++++++++++++++ modules/pam_deny/pam_deny.8.xml | 132 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 278 insertions(+), 4 deletions(-) create mode 100644 modules/pam_deny/README.xml create mode 100644 modules/pam_deny/pam_deny.8 create mode 100644 modules/pam_deny/pam_deny.8.xml (limited to 'modules/pam_deny') diff --git a/modules/pam_deny/Makefile.am b/modules/pam_deny/Makefile.am index 4fe567a6..aa484074 100644 --- a/modules/pam_deny/Makefile.am +++ b/modules/pam_deny/Makefile.am @@ -4,7 +4,10 @@ CLEANFILES = *~ -EXTRA_DIST = README +EXTRA_DIST = README README.xml $(MANS) $(XMLS) + +man_MANS = pam_deny.8 +man_XMLS = pam_deny.8.xml securelibdir = $(SECUREDIR) secureconfdir = $(SCONFIGDIR) @@ -17,3 +20,13 @@ if HAVE_VERSIONING endif securelib_LTLIBRARIES = pam_deny.la + +if ENABLE_REGENERATE_MAN + +noinst_DATA = README + +README: pam_deny.8.xml + +-include $(top_srcdir)/Make.xml.rules +endif + diff --git a/modules/pam_deny/README b/modules/pam_deny/README index 6683bdcc..16845265 100644 --- a/modules/pam_deny/README +++ b/modules/pam_deny/README @@ -1,4 +1,31 @@ -# $Id$ -# +pam_deny — The locking-out PAM module + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +This module can be used to deny access. It always indicates a failure to the +application through the PAM framework. It might be suitable for using for +default (the OTHER) entries. + +EXAMPLES + + #%PAM-1.0 + # + # If we don't have config entries for a service, the + # OTHER entries are used. To be secure, warn and deny + # access to everything. + other auth required pam_warn.so + other auth required pam_deny.so + other account required pam_warn.so + other account required pam_deny.so + other password required pam_warn.so + other password required pam_deny.so + other session required pam_warn.so + other session required pam_deny.so + + +AUTHOR + +pam_deny was written by Andrew G. Morgan -this module always fails, it ignores all options. diff --git a/modules/pam_deny/README.xml b/modules/pam_deny/README.xml new file mode 100644 index 00000000..ff2e82b0 --- /dev/null +++ b/modules/pam_deny/README.xml @@ -0,0 +1,36 @@ + + +--> +]> + +
+ + + + + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_deny.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_deny-name"]/*)'/> + + + + +
+ +
+ +
+ +
+ +
+ +
+ +
diff --git a/modules/pam_deny/pam_deny.8 b/modules/pam_deny/pam_deny.8 new file mode 100644 index 00000000..2638ef07 --- /dev/null +++ b/modules/pam_deny/pam_deny.8 @@ -0,0 +1,66 @@ +.\" ** You probably do not want to edit this file directly ** +.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). +.\" Instead of manually editing it, you probably should edit the DocBook XML +.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. +.TH "PAM_DENY" "8" "02/03/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_deny \- The locking\-out PAM module +.SH "SYNOPSIS" +.HP 12 +\fBpam_deny.so\fR +.SH "DESCRIPTION" +.PP +This module can be used to deny access. It always indicates a failure to the application through the PAM framework. It might be suitable for using for default (the +\fIOTHER\fR) entries. +.SH "MODULE SERVICES PROVIDED" +.PP +All services (\fBaccount\fR, +\fBauth\fR, +\fBpassword\fR +and +\fBsession\fR) are supported. +.SH "RETURN VALUES" +.PP +.TP +PAM_AUTH_ERR +This is returned by the account and auth services. +.TP +PAM_CRED_ERR +This is returned by the setcred function. +.TP +PAM_AUTHTOK_ERR +This is returned by the password service. +.TP +PAM_SESSION_ERR +This is returned by the session service. +.SH "EXAMPLES" +.PP +.nf + #%PAM\-1.0 + # + # If we don't have config entries for a service, the + # OTHER entries are used. To be secure, warn and deny + # access to everything. + other auth required pam_warn.so + other auth required pam_deny.so + other account required pam_warn.so + other account required pam_deny.so + other password required pam_warn.so + other password required pam_deny.so + other session required pam_warn.so + other session required pam_deny.so + +.fi +.sp +.SH "SEE ALSO" +.PP +\fBpam.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_deny was written by Andrew G. Morgan diff --git a/modules/pam_deny/pam_deny.8.xml b/modules/pam_deny/pam_deny.8.xml new file mode 100644 index 00000000..eaa0b387 --- /dev/null +++ b/modules/pam_deny/pam_deny.8.xml @@ -0,0 +1,132 @@ + + + + + + + pam_deny + 8 + Linux-PAM Manual + + + + pam_deny + The locking-out PAM module + + + + + pam_deny.so + + + + + + DESCRIPTION + + + This module can be used to deny access. It always indicates a failure + to the application through the PAM framework. It might be suitable + for using for default (the OTHER) entries. + + + + + + MODULE SERVICES PROVIDED + + All services (, , + and ) are supported. + + + + + RETURN VALUES + + + + + PAM_AUTH_ERR + + + This is returned by the account and auth services. + + + + + + PAM_CRED_ERR + + + This is returned by the setcred function. + + + + + + PAM_AUTHTOK_ERR + + + This is returned by the password service. + + + + + + PAM_SESSION_ERR + + + This is returned by the session service. + + + + + + + + + + EXAMPLES + + + #%PAM-1.0 + # + # If we don't have config entries for a service, the + # OTHER entries are used. To be secure, warn and deny + # access to everything. + other auth required pam_warn.so + other auth required pam_deny.so + other account required pam_warn.so + other account required pam_deny.so + other password required pam_warn.so + other password required pam_deny.so + other session required pam_warn.so + other session required pam_deny.so + + + + + + SEE ALSO + + + pam.conf5 + , + + pam.d8 + , + + pam8 + + + + + + AUTHOR + + pam_deny was written by Andrew G. Morgan <morgan@kernel.org> + + + + -- cgit v1.2.3