aboutsummaryrefslogtreecommitdiff
path: root/en_US.ISO8859-1/articles/pam/article.xml
diff options
context:
space:
mode:
Diffstat (limited to 'en_US.ISO8859-1/articles/pam/article.xml')
-rw-r--r--en_US.ISO8859-1/articles/pam/article.xml291
1 files changed, 132 insertions, 159 deletions
diff --git a/en_US.ISO8859-1/articles/pam/article.xml b/en_US.ISO8859-1/articles/pam/article.xml
index 6680a890e7..4755b6bec4 100644
--- a/en_US.ISO8859-1/articles/pam/article.xml
+++ b/en_US.ISO8859-1/articles/pam/article.xml
@@ -1,7 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
- "../../../share/xml/freebsd45.dtd">
-
+<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V5.0-Based Extension//EN"
+ "../../../share/xml/freebsd50.dtd">
<!--
- Copyright (c) 2001-2003 Networks Associates Technology, Inc.
- All rights reserved.
@@ -35,10 +34,9 @@
- OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- SUCH DAMAGE.
-->
-
-<article xmlns:xi="http://www.w3.org/2001/XInclude" lang='en'>
- <articleinfo>
- <title>Pluggable Authentication Modules</title>
+<article xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:lang="en">
+ <info><title>Pluggable Authentication Modules</title>
+
<abstract>
<para>This article describes the underlying principles and
@@ -55,14 +53,10 @@
</copyright>
<authorgroup>
- <author>
- <firstname>Dag-Erling</firstname>
- <surname>Sm&oslash;rgrav</surname>
- <contrib>Contributed by </contrib>
- </author>
+ <author><personname><firstname>Dag-Erling</firstname><surname>Sm&oslash;rgrav</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
- <legalnotice id="pam-legalnotice">
+ <legalnotice xml:id="pam-legalnotice">
<para>This article was written for the FreeBSD Project by
ThinkSec AS and Network Associates Laboratories, the Security
Research Division of Network Associates, Inc. under
@@ -70,7 +64,7 @@
as part of the DARPA CHATS research program.</para>
</legalnotice>
- <legalnotice id="trademarks" role="trademarks">
+ <legalnotice xml:id="trademarks" role="trademarks">
&tm-attrib.freebsd;
&tm-attrib.linux;
&tm-attrib.opengroup;
@@ -79,10 +73,10 @@
</legalnotice>
<releaseinfo>$FreeBSD$</releaseinfo>
- </articleinfo>
+ </info>
- <section id="pam-intro">
- <title id="pam-intro.title">Introduction</title>
+ <section xml:id="pam-intro">
+ <title xml:id="pam-intro.title">Introduction</title>
<para>The Pluggable Authentication Modules (PAM) library is a
generalized API for authentication-related services which allows
@@ -104,11 +98,11 @@
Linux and &solaris;.</para>
</section>
- <section id="pam-terms">
- <title id="pam-terms.title">Terms and conventions</title>
+ <section xml:id="pam-terms">
+ <title xml:id="pam-terms.title">Terms and conventions</title>
- <section id="pam-definitions">
- <title id="pam-definitions.title">Definitions</title>
+ <section xml:id="pam-definitions">
+ <title xml:id="pam-definitions.title">Definitions</title>
<para>The terminology surrounding PAM is rather confused.
Neither Samar and Lai's original paper nor the XSSO
@@ -253,8 +247,8 @@
</glosslist>
</section>
- <section id="pam-usage-examples">
- <title id="pam-usage-examples.title">Usage examples</title>
+ <section xml:id="pam-usage-examples">
+ <title xml:id="pam-usage-examples.title">Usage examples</title>
<para>This section aims to illustrate the meanings of some of
the terms defined above by way of a handful of simple
@@ -392,11 +386,11 @@ sshd password required pam_permit.so</programlisting>
-->
</section>
- <section id="pam-essentials">
- <title id="pam-essentials.title">PAM Essentials</title>
+ <section xml:id="pam-essentials">
+ <title xml:id="pam-essentials.title">PAM Essentials</title>
- <section id="pam-facilities-primitives">
- <title id="pam-facilities-primitives.title">Facilities and
+ <section xml:id="pam-facilities-primitives">
+ <title xml:id="pam-facilities-primitives.title">Facilities and
primitives</title>
<para>The PAM API offers six different authentication primitives
@@ -498,8 +492,8 @@ sshd password required pam_permit.so</programlisting>
</section>
- <section id="pam-modules">
- <title id="pam-modules.title">Modules</title>
+ <section xml:id="pam-modules">
+ <title xml:id="pam-modules.title">Modules</title>
<para>Modules are a very central concept in PAM; after all,
they are the <quote>M</quote> in <quote>PAM</quote>. A PAM
@@ -509,12 +503,12 @@ sshd password required pam_permit.so</programlisting>
authentication facility, for instance, include the &unix;
password database, NIS, LDAP and Radius.</para>
- <section id="pam-module-naming">
- <title id="pam-module-naming.title">Module Naming</title>
+ <section xml:id="pam-module-naming">
+ <title xml:id="pam-module-naming.title">Module Naming</title>
<para>FreeBSD implements each mechanism in a single module,
named
- <literal>pam_<replaceable>mechanism</replaceable>.so</literal>
+ <literal>pam_mechanism.so</literal>
(for instance, <literal>pam_unix.so</literal> for the &unix;
mechanism.) Other implementations sometimes have separate
modules for separate facilities, and include the facility
@@ -524,8 +518,8 @@ sshd password required pam_permit.so</programlisting>
commonly used to authenticate dialup users.</para>
</section>
- <section id="pam-module-versioning">
- <title id="pam-module-versioning.title">Module Versioning</title>
+ <section xml:id="pam-module-versioning">
+ <title xml:id="pam-module-versioning.title">Module Versioning</title>
<para>FreeBSD's original PAM implementation, based on
Linux-PAM, did not use version numbers for PAM modules.
@@ -549,8 +543,8 @@ sshd password required pam_permit.so</programlisting>
</section>
</section>
- <section id="pam-chains-policies">
- <title id="pam-chains-policies.title">Chains and
+ <section xml:id="pam-chains-policies">
+ <title xml:id="pam-chains-policies.title">Chains and
policies</title>
<para>When a server initiates a PAM transaction, the PAM library
@@ -657,8 +651,8 @@ sshd password required pam_permit.so</programlisting>
in the same chain as different, unrelated modules.</para>
</section>
- <section id="pam-transactions">
- <title id="pam-transactions.title">Transactions</title>
+ <section xml:id="pam-transactions">
+ <title xml:id="pam-transactions.title">Transactions</title>
<para>The lifecycle of a typical PAM transaction is described
below. Note that if any of these steps fails, the server
@@ -743,14 +737,14 @@ sshd password required pam_permit.so</programlisting>
</section>
</section>
- <section id="pam-config">
- <title id="pam-config.title">PAM Configuration</title>
+ <section xml:id="pam-config">
+ <title xml:id="pam-config.title">PAM Configuration</title>
- <section id="pam-config-file">
- <title id="pam-config-file.title">PAM policy files</title>
+ <section xml:id="pam-config-file">
+ <title xml:id="pam-config-file.title">PAM policy files</title>
- <section id="pam-config-pam.conf">
- <title id="pam-config-pam.conf.title">The
+ <section xml:id="pam-config-pam.conf">
+ <title xml:id="pam-config-pam.conf.title">The
<filename>/etc/pam.conf</filename> file</title>
<para>The traditional PAM policy file is
@@ -776,8 +770,8 @@ sshd password required pam_permit.so</programlisting>
Either way is fine; either way makes equal sense.</para>
</section>
- <section id="pam-config-pam.d">
- <title id="pam-config-pam.d.title">The
+ <section xml:id="pam-config-pam.d">
+ <title xml:id="pam-config-pam.d.title">The
<filename>/etc/pam.d</filename> directory</title>
<para>OpenPAM and Linux-PAM support an alternate configuration
@@ -816,8 +810,8 @@ sshd password required pam_permit.so</programlisting>
software packages.</para>
</section>
- <section id="pam-config-file-order">
- <title id="pam-config-file-order.title">The policy search
+ <section xml:id="pam-config-file-order">
+ <title xml:id="pam-config-file-order.title">The policy search
order</title>
<para>As we have seen above, PAM policies can be found in a
@@ -830,8 +824,8 @@ sshd password required pam_permit.so</programlisting>
</section>
</section>
- <section id="pam-config-breakdown">
- <title id="pam-config-breakdown.title">Breakdown of a
+ <section xml:id="pam-config-breakdown">
+ <title xml:id="pam-config-breakdown.title">Breakdown of a
configuration line</title>
<para>As explained in <xref linkend="pam-config-file"/>, each line in
@@ -864,8 +858,8 @@ sshd password required pam_permit.so</programlisting>
Unsurprisingly, OpenPAM does not support this syntax.</para>
</section>
- <section id="pam-policies">
- <title id="pam-policies.title">Policies</title>
+ <section xml:id="pam-policies">
+ <title xml:id="pam-policies.title">Policies</title>
<para>To configure PAM correctly, it is essential to understand
how policies are interpreted.</para>
@@ -896,7 +890,7 @@ sshd password required pam_permit.so</programlisting>
<colspec colwidth="1*" colname="other"/>
<thead>
<row>
- <entry colname="type"></entry>
+ <entry colname="type"/>
<entry colname="success"><literal>PAM_SUCCESS</literal></entry>
<entry colname="ignore"><literal>PAM_IGNORE</literal></entry>
<entry colname="other"><literal>other</literal></entry>
@@ -965,11 +959,11 @@ sshd password required pam_permit.so</programlisting>
</section>
</section>
- <section id="pam-freebsd-modules">
- <title id="pam-freebsd-modules.title">FreeBSD PAM Modules</title>
+ <section xml:id="pam-freebsd-modules">
+ <title xml:id="pam-freebsd-modules.title">FreeBSD PAM Modules</title>
- <section id="pam-modules-deny">
- <title id="pam-modules-deny.title">&man.pam.deny.8;</title>
+ <section xml:id="pam-modules-deny">
+ <title xml:id="pam-modules-deny.title">&man.pam.deny.8;</title>
<para>The &man.pam.deny.8; module is one of the simplest modules
available; it responds to any request with
@@ -979,8 +973,8 @@ sshd password required pam_permit.so</programlisting>
modules.</para>
</section>
- <section id="pam-modules-echo">
- <title id="pam-modules-echo.title">&man.pam.echo.8;</title>
+ <section xml:id="pam-modules-echo">
+ <title xml:id="pam-modules-echo.title">&man.pam.echo.8;</title>
<para>The &man.pam.echo.8; module simply passes its arguments to
the conversation function as a
@@ -990,8 +984,8 @@ sshd password required pam_permit.so</programlisting>
starting the authentication procedure.</para>
</section>
- <section id="pam-modules-exec">
- <title id="pam-modules-exec.title">&man.pam.exec.8;</title>
+ <section xml:id="pam-modules-exec">
+ <title xml:id="pam-modules-exec.title">&man.pam.exec.8;</title>
<para>The &man.pam.exec.8; module takes its first argument to be
the name of a program to execute, and the remaining arguments
@@ -1000,14 +994,14 @@ sshd password required pam_permit.so</programlisting>
time which mounts the user's home directory.</para>
</section>
- <section id="pam-modules-ftpusers">
- <title id="pam-modules-ftpusers.title">&man.pam.ftpusers.8;</title>
+ <section xml:id="pam-modules-ftpusers">
+ <title xml:id="pam-modules-ftpusers.title">&man.pam.ftpusers.8;</title>
<para>The &man.pam.ftpusers.8; module</para>
</section>
- <section id="pam-modules-group">
- <title id="pam-modules-group.title">&man.pam.group.8;</title>
+ <section xml:id="pam-modules-group">
+ <title xml:id="pam-modules-group.title">&man.pam.group.8;</title>
<para>The &man.pam.group.8; module accepts or rejects applicants
on the basis of their membership in a particular file group
@@ -1017,8 +1011,8 @@ sshd password required pam_permit.so</programlisting>
certain groups of users from a particular service.</para>
</section>
- <section id="pam-modules-guest">
- <title id="pam-modules-guest.title">&man.pam.guest.8;</title>
+ <section xml:id="pam-modules-guest">
+ <title xml:id="pam-modules-guest.title">&man.pam.guest.8;</title>
<para>The &man.pam.guest.8; module allows guest logins using
fixed login names. Various requirements can be placed on the
@@ -1028,26 +1022,26 @@ sshd password required pam_permit.so</programlisting>
anonymous FTP logins.</para>
</section>
- <section id="pam-modules-krb5">
- <title id="pam-modules-krb5.title">&man.pam.krb5.8;</title>
+ <section xml:id="pam-modules-krb5">
+ <title xml:id="pam-modules-krb5.title">&man.pam.krb5.8;</title>
<para>The &man.pam.krb5.8; module</para>
</section>
- <section id="pam-modules-ksu">
- <title id="pam-modules-ksu.title">&man.pam.ksu.8;</title>
+ <section xml:id="pam-modules-ksu">
+ <title xml:id="pam-modules-ksu.title">&man.pam.ksu.8;</title>
<para>The &man.pam.ksu.8; module</para>
</section>
- <section id="pam-modules-lastlog">
- <title id="pam-modules-lastlog.title">&man.pam.lastlog.8;</title>
+ <section xml:id="pam-modules-lastlog">
+ <title xml:id="pam-modules-lastlog.title">&man.pam.lastlog.8;</title>
<para>The &man.pam.lastlog.8; module</para>
</section>
- <section id="pam-modules-login-access">
- <title id="pam-modules-login-access.title">&man.pam.login.access.8;</title>
+ <section xml:id="pam-modules-login-access">
+ <title xml:id="pam-modules-login-access.title">&man.pam.login.access.8;</title>
<para>The &man.pam.login.access.8; module provides an
implementation of the account management primitive which
@@ -1055,8 +1049,8 @@ sshd password required pam_permit.so</programlisting>
&man.login.access.5; table.</para>
</section>
- <section id="pam-modules-nologin">
- <title id="pam-modules-nologin.title">&man.pam.nologin.8;</title>
+ <section xml:id="pam-modules-nologin">
+ <title xml:id="pam-modules-nologin.title">&man.pam.nologin.8;</title>
<para>The &man.pam.nologin.8; module refuses non-root logins
when <filename>/var/run/nologin</filename> exists. This file
@@ -1064,8 +1058,8 @@ sshd password required pam_permit.so</programlisting>
minutes remain until the scheduled shutdown time.</para>
</section>
- <section id="pam-modules-opie">
- <title id="pam-modules-opie.title">&man.pam.opie.8;</title>
+ <section xml:id="pam-modules-opie">
+ <title xml:id="pam-modules-opie.title">&man.pam.opie.8;</title>
<para>The &man.pam.opie.8; module implements the &man.opie.4;
authentication method. The &man.opie.4; system is a
@@ -1078,8 +1072,8 @@ sshd password required pam_permit.so</programlisting>
answered, it is not vulnerable to replay attacks.</para>
</section>
- <section id="pam-modules-opieaccess">
- <title id="pam-modules-opieaccess.title">&man.pam.opieaccess.8;</title>
+ <section xml:id="pam-modules-opieaccess">
+ <title xml:id="pam-modules-opieaccess.title">&man.pam.opieaccess.8;</title>
<para>The &man.pam.opieaccess.8; module is a companion module to
&man.pam.opie.8;. Its purpose is to enforce the restrictions
@@ -1096,14 +1090,14 @@ sshd password required pam_permit.so</programlisting>
<literal>auth</literal> chain.</para>
</section>
- <section id="pam-modules-passwdqc">
- <title id="pam-modules-passwdqc.title">&man.pam.passwdqc.8;</title>
+ <section xml:id="pam-modules-passwdqc">
+ <title xml:id="pam-modules-passwdqc.title">&man.pam.passwdqc.8;</title>
<para>The &man.pam.passwdqc.8; module</para>
</section>
- <section id="pam-modules-permit">
- <title id="pam-modules-permit.title">&man.pam.permit.8;</title>
+ <section xml:id="pam-modules-permit">
+ <title xml:id="pam-modules-permit.title">&man.pam.permit.8;</title>
<para>The &man.pam.permit.8; module is one of the simplest
modules available; it responds to any request with
@@ -1112,20 +1106,20 @@ sshd password required pam_permit.so</programlisting>
empty.</para>
</section>
- <section id="pam-modules-radius">
- <title id="pam-modules-radius.title">&man.pam.radius.8;</title>
+ <section xml:id="pam-modules-radius">
+ <title xml:id="pam-modules-radius.title">&man.pam.radius.8;</title>
<para>The &man.pam.radius.8; module</para>
</section>
- <section id="pam-modules-rhosts">
- <title id="pam-modules-rhosts.title">&man.pam.rhosts.8;</title>
+ <section xml:id="pam-modules-rhosts">
+ <title xml:id="pam-modules-rhosts.title">&man.pam.rhosts.8;</title>
<para>The &man.pam.rhosts.8; module</para>
</section>
- <section id="pam-modules-rootok">
- <title id="pam-modules-rootok.title">&man.pam.rootok.8;</title>
+ <section xml:id="pam-modules-rootok">
+ <title xml:id="pam-modules-rootok.title">&man.pam.rootok.8;</title>
<para>The &man.pam.rootok.8; module reports success if and only
if the real user id of the process calling it (which is
@@ -1135,14 +1129,14 @@ sshd password required pam_permit.so</programlisting>
access.</para>
</section>
- <section id="pam-modules-securetty">
- <title id="pam-modules-securetty.title">&man.pam.securetty.8;</title>
+ <section xml:id="pam-modules-securetty">
+ <title xml:id="pam-modules-securetty.title">&man.pam.securetty.8;</title>
<para>The &man.pam.securetty.8; module</para>
</section>
- <section id="pam-modules-self">
- <title id="pam-modules-self.title">&man.pam.self.8;</title>
+ <section xml:id="pam-modules-self">
+ <title xml:id="pam-modules-self.title">&man.pam.self.8;</title>
<para>The &man.pam.self.8; module reports success if and only if
the names of the applicant matches that of the target account.
@@ -1151,8 +1145,8 @@ sshd password required pam_permit.so</programlisting>
verified.</para>
</section>
- <section id="pam-modules-ssh">
- <title id="pam-modules-ssh.title">&man.pam.ssh.8;</title>
+ <section xml:id="pam-modules-ssh">
+ <title xml:id="pam-modules-ssh.title">&man.pam.ssh.8;</title>
<para>The &man.pam.ssh.8; module provides both authentication
and session services. The authentication service allows users
@@ -1166,14 +1160,14 @@ sshd password required pam_permit.so</programlisting>
console.</para>
</section>
- <section id="pam-modules-tacplus">
- <title id="pam-modules-tacplus.title">&man.pam.tacplus.8;</title>
+ <section xml:id="pam-modules-tacplus">
+ <title xml:id="pam-modules-tacplus.title">&man.pam.tacplus.8;</title>
<para>The &man.pam.tacplus.8; module</para>
</section>
- <section id="pam-modules-unix">
- <title id="pam-modules-unix.title">&man.pam.unix.8;</title>
+ <section xml:id="pam-modules-unix">
+ <title xml:id="pam-modules-unix.title">&man.pam.unix.8;</title>
<para>The &man.pam.unix.8; module implements traditional &unix;
password authentication, using &man.getpwnam.3; to obtain the
@@ -1187,8 +1181,8 @@ sshd password required pam_permit.so</programlisting>
</section>
</section>
- <section id="pam-appl-prog">
- <title id="pam-appl-prog.title">PAM Application Programming</title>
+ <section xml:id="pam-appl-prog">
+ <title xml:id="pam-appl-prog.title">PAM Application Programming</title>
<para><!--XXX-->This section has not yet been written.</para>
@@ -1207,33 +1201,31 @@ sshd password required pam_permit.so</programlisting>
</section>
- <section id="pam-module-prog">
- <title id="pam-module-prog.title">PAM Module Programming</title>
+ <section xml:id="pam-module-prog">
+ <title xml:id="pam-module-prog.title">PAM Module Programming</title>
<para><!--XXX-->This section has not yet been written.</para>
</section>
- <appendix id="pam-sample-appl">
- <title id="pam-sample-appl.title">Sample PAM Application</title>
+ <appendix xml:id="pam-sample-appl">
+ <title xml:id="pam-sample-appl.title">Sample PAM Application</title>
<para>The following is a minimal implementation of &man.su.1;
using PAM. Note that it uses the OpenPAM-specific
&man.openpam.ttyconv.3; conversation function, which is
- prototyped in <filename
- class="headerfile">security/openpam.h</filename>. If you wish
+ prototyped in <filename>security/openpam.h</filename>. If you wish
build this application on a system with a different PAM library,
you will have to provide your own conversation function. A
robust conversation function is surprisingly difficult to
- implement; the one presented in <xref
- linkend="pam-sample-conv"/> is a good
+ implement; the one presented in <xref linkend="pam-sample-conv"/> is a good
starting point, but should not be used in real-world
applications.</para>
-<programlisting><xi:include href="su.c" parse="text"/></programlisting>
+<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="su.c" parse="text"/></programlisting>
</appendix>
- <appendix id="pam-sample-module">
- <title id="pam-sample-module.title">Sample PAM Module</title>
+ <appendix xml:id="pam-sample-module">
+ <title xml:id="pam-sample-module.title">Sample PAM Module</title>
<para>The following is a minimal implementation of
&man.pam.unix.8;, offering only authentication services. It
@@ -1242,11 +1234,11 @@ sshd password required pam_permit.so</programlisting>
&man.pam.get.authtok.3;, which enormously simplifies prompting
the user for a password.</para>
-<programlisting><xi:include href="pam_unix.c" parse="text"/></programlisting>
+<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_unix.c" parse="text"/></programlisting>
</appendix>
- <appendix id="pam-sample-conv">
- <title id="pam-sample-conv.title">Sample PAM Conversation
+ <appendix xml:id="pam-sample-conv">
+ <title xml:id="pam-sample-conv.title">Sample PAM Conversation
Function</title>
<para>The conversation function presented below is a greatly
@@ -1258,57 +1250,46 @@ sshd password required pam_permit.so</programlisting>
your uses; we believe it to be as robust as a tty-oriented
conversation function can reasonably get.</para>
-<programlisting><xi:include href="converse.c" parse="text"/></programlisting>
+<programlisting><xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="converse.c" parse="text"/></programlisting>
</appendix>
- <bibliography id="pam-further">
- <title id="pam-further.title">Further Reading</title>
+ <bibliography xml:id="pam-further">
+ <info><title xml:id="pam-further.title">Further Reading</title>
+
<abstract>
<para>This is a list of documents relevant to PAM and related
issues. It is by no means complete.</para>
</abstract>
+ </info>
<bibliodiv>
<title>Papers</title>
<biblioentry>
- <title><ulink
- url="http://www.sun.com/software/solaris/pam/pam.external.pdf">
+ <citetitle><link xlink:href="http://www.sun.com/software/solaris/pam/pam.external.pdf">
Making Login Services Independent of Authentication
- Technologies</ulink></title>
+ Technologies</link></citetitle>
<authorgroup>
- <author>
- <surname>Samar</surname>
- <firstname>Vipin</firstname>
- </author>
- <author>
- <surname>Lai</surname>
- <firstname>Charlie</firstname>
- </author>
+ <author><personname><surname>Samar</surname><firstname>Vipin</firstname></personname></author>
+ <author><personname><surname>Lai</surname><firstname>Charlie</firstname></personname></author>
</authorgroup>
<orgname>Sun Microsystems</orgname>
</biblioentry>
<biblioentry>
- <title><ulink
- url="http://www.opengroup.org/pubs/catalog/p702.htm">X/Open
- Single Sign-on Preliminary Specification</ulink></title>
+ <citetitle><link xlink:href="http://www.opengroup.org/pubs/catalog/p702.htm">X/Open
+ Single Sign-on Preliminary Specification</link></citetitle>
<orgname>The Open Group</orgname>
- <isbn>1-85912-144-6</isbn>
+ <biblioid class="isbn">1-85912-144-6</biblioid>
<pubdate>June 1997</pubdate>
</biblioentry>
<biblioentry>
- <title><ulink
- url="http://www.kernel.org/pub/linux/libs/pam/pre/doc/current-draft.txt">
- Pluggable Authentication Modules</ulink></title>
- <author>
- <surname>Morgan</surname>
- <firstname>Andrew</firstname>
- <othername role="mi">G.</othername>
- </author>
- <pubdate>October 6, 1999</pubdate>
+ <citetitle><link xlink:href="http://www.kernel.org/pub/linux/libs/pam/pre/doc/current-draft.txt">
+ Pluggable Authentication Modules</link></citetitle>
+ <author><personname><surname>Morgan</surname><firstname>Andrew</firstname><othername role="mi">G.</othername></personname></author>
+ <pubdate>1999-10-06</pubdate>
</biblioentry>
</bibliodiv>
@@ -1316,9 +1297,8 @@ sshd password required pam_permit.so</programlisting>
<title>User Manuals</title>
<biblioentry>
- <title><ulink
- url="http://www.sun.com/software/solaris/pam/pam.admin.pdf">PAM
- Administration</ulink></title>
+ <citetitle><link xlink:href="http://www.sun.com/software/solaris/pam/pam.admin.pdf">PAM
+ Administration</link></citetitle>
<orgname>Sun Microsystems</orgname>
</biblioentry>
</bibliodiv>
@@ -1327,25 +1307,18 @@ sshd password required pam_permit.so</programlisting>
<title>Related Web pages</title>
<biblioentry>
- <title><ulink url="http://openpam.sourceforge.net/">OpenPAM homepage</ulink></title>
- <author>
- <surname>Sm&oslash;rgrav</surname>
- <firstname>Dag-Erling</firstname>
- </author>
+ <citetitle><link xlink:href="http://openpam.sourceforge.net/">OpenPAM homepage</link></citetitle>
+ <author><personname><surname>Sm&oslash;rgrav</surname><firstname>Dag-Erling</firstname></personname></author>
<orgname>ThinkSec AS</orgname>
</biblioentry>
<biblioentry>
- <title><ulink url="http://www.kernel.org/pub/linux/libs/pam/">Linux-PAM homepage</ulink></title>
- <author>
- <surname>Morgan</surname>
- <firstname>Andrew</firstname>
- <othername role="mi">G.</othername>
- </author>
+ <citetitle><link xlink:href="http://www.kernel.org/pub/linux/libs/pam/">Linux-PAM homepage</link></citetitle>
+ <author><personname><surname>Morgan</surname><firstname>Andrew</firstname><othername role="mi">G.</othername></personname></author>
</biblioentry>
<biblioentry>
- <title><ulink url="http://wwws.sun.com/software/solaris/pam/">Solaris PAM homepage</ulink></title>
+ <citetitle><link xlink:href="http://wwws.sun.com/software/solaris/pam/">Solaris PAM homepage</link></citetitle>
<orgname>Sun Microsystems</orgname>
</biblioentry>
</bibliodiv>