From d48c90b14254794fcad9ccc37873a8c663cce02d Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 8 Jan 2008 12:44:15 +0000 Subject: Relevant BUGIDs: Purpose of commit: cleanup Commit summary: --------------- Remove autogenerated documentation from CVS --- modules/pam_keyinit/.cvsignore | 2 + modules/pam_keyinit/README | 24 ------- modules/pam_keyinit/pam_keyinit.8 | 133 -------------------------------------- 3 files changed, 2 insertions(+), 157 deletions(-) delete mode 100644 modules/pam_keyinit/README delete mode 100644 modules/pam_keyinit/pam_keyinit.8 (limited to 'modules/pam_keyinit') diff --git a/modules/pam_keyinit/.cvsignore b/modules/pam_keyinit/.cvsignore index 9fb98574..a2072fc9 100644 --- a/modules/pam_keyinit/.cvsignore +++ b/modules/pam_keyinit/.cvsignore @@ -4,3 +4,5 @@ .libs Makefile Makefile.in +README +pam_keyinit.8 diff --git a/modules/pam_keyinit/README b/modules/pam_keyinit/README deleted file mode 100644 index a27077b3..00000000 --- a/modules/pam_keyinit/README +++ /dev/null @@ -1,24 +0,0 @@ -# $Id$ -*- text -*- -# - -This module makes sure the calling process has its own session keyring rather -than using the default per-user session keyring. - -The following words may be supplied as arguments to the module through the PAM -configuration scripts: - - (*) "force" - - This will cause the process's current session keyring to be replaced with - a new one. If this isn't supplied, a session keyring will only be created - if the process doesn't already have its own. - - (*) "revoke" - - If the module actually created a keyring, this will cause that keyring to - be revoked on session closure. - - (*) "debug" - - This will cause the module to write some debugging information to the - syslog. diff --git a/modules/pam_keyinit/pam_keyinit.8 b/modules/pam_keyinit/pam_keyinit.8 deleted file mode 100644 index 40b1e125..00000000 --- a/modules/pam_keyinit/pam_keyinit.8 +++ /dev/null @@ -1,133 +0,0 @@ -.\"Generated by db2man.xsl. Don't modify this, modify the source. -.de Sh \" Subsection -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp \" Vertical space (when we can't use .PP) -.if t .sp .5v -.if n .sp -.. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.TH "PAM_KEYINIT" 8 "" "" "" -.SH NAME -pam_keyinit \- Kernel session keyring initialiser module -.SH "SYNOPSIS" -.ad l -.hy 0 -.HP 15 -\fBpam_keyinit\&.so\fR [debug] [force] [revoke] -.ad -.hy - -.SH "DESCRIPTION" - -.PP -The pam_keyinit PAM module ensures that the invoking process has a session keyring other than the user default session keyring\&. - -.PP -The session component of the module checks to see if the process's session keyring is the user default, and, if it is, creates a new anonymous session keyring with which to replace it\&. - -.PP -If a new session keyring is created, it will install a link to the user common keyring in the session keyring so that keys common to the user will be automatically accessible through it\&. - -.PP -The session keyring of the invoking process will thenceforth be inherited by all its children unless they override it\&. - -.PP -This module is intended primarily for use by login processes\&. Be aware that after the session keyring has been replaced, the old session keyring and the keys it contains will no longer be accessible\&. - -.PP -This module should not, generally, be invoked by programs like \fIsu\fR, since it is usually desirable for the key set to percolate through to the alternate context\&. The keys have their own permissions system to manage this\&. - -.PP -This module should be included as early as possible in a PAM configuration, so that other PAM modules can attach tokens to the keyring\&. - -.PP -The keyutils package is used to manipulate keys more directly\&. This included in the Fedora Extras 5+ and Red Hat Enterprise Linux 4 U2+ and can also be obtained from: - -.PP - Keyutils : \fIhttp://people.redhat.com/~dhowells/keyutils/\fR - -.SH "OPTIONS" - -.TP -\fBdebug\fR -Log debug information with \fBsyslog\fR(3)\&. - -.TP -\fBforce\fR -Causes the session keyring of the invoking process to be replaced unconditionally\&. - -.TP -\fBrevoke\fR -Causes the session keyring of the invoking process to be revoked when the invoking process exits if the session keyring was created for this process in the first place\&. - -.SH "MODULE SERVICES PROVIDED" - -.PP -Only the \fIsession\fR service is supported\&. - -.SH "RETURN VALUES" - -.TP -PAM_SUCCESS -This module will usually return this value - -.TP -PAM_AUTH_ERR -Authentication failure\&. - -.TP -PAM_BUF_ERR -Memory buffer error\&. - -.TP -PAM_IGNORE -The return value should be ignored by PAM dispatch\&. - -.TP -PAM_SERVICE_ERR -Cannot determine the user name\&. - -.TP -PAM_SESSION_ERR -This module will return this value if its arguments are invalid or if a system error such as ENOMEM occurs\&. - -.TP -PAM_USER_UNKNOWN -User not known\&. - -.SH "EXAMPLES" - -.PP -Add this line to your login entries to start each login session with its own session keyring: - -.nf - -session required pam_keyinit\&.so - -.fi - - -.PP -This will prevent keys from one session leaking into another session for the same user\&. - -.SH "SEE ALSO" - -.PP - \fBpam\&.conf\fR(5), \fBpam\&.d\fR(8), \fBpam\fR(8) \fBkeyctl\fR(1) - -.SH "AUTHOR" - -.PP -pam_keyinit was written by David Howells, \&. - -- cgit v1.2.3