diff options
Diffstat (limited to 'contrib/libpam/doc/man')
| -rw-r--r-- | contrib/libpam/doc/man/pam.8 | 124 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam.conf.8 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam.d.8 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_authenticate.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_chauthtok.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_close_session.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_end.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_fail_delay.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_open_session.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_setcred.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_start.3 | 2 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/pam_strerror.3 | 14 | ||||
| -rw-r--r-- | contrib/libpam/doc/man/template-man | 2 |
13 files changed, 126 insertions, 34 deletions
diff --git a/contrib/libpam/doc/man/pam.8 b/contrib/libpam/doc/man/pam.8 index 75384416f2cfc..b814cebe2ec2a 100644 --- a/contrib/libpam/doc/man/pam.8 +++ b/contrib/libpam/doc/man/pam.8 @@ -1,7 +1,7 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam.8,v 1.2 1997/02/15 18:37:27 morgan Exp $ -.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@linux.kernel.org> -.TH PAM 8 "1997 Feb 9" "Linux-PAM 0.56" "Linux-PAM Manual" +.\" $Id: pam.8,v 1.2 2001/01/20 23:47:07 agmorgan Exp $ +.\" Copyright (c) Andrew G. Morgan 1996-7,2001 <morgan@kernel.org> +.TH PAM 8 "2001 Jan 20" "Linux-PAM 0.74" "Linux-PAM Manual" .SH NAME Linux-PAM \- Pluggable Authentication Modules for Linux @@ -197,7 +197,14 @@ The meaning of each of these tokens was explained above. The third field, .BR control ", " indicates the behavior of the PAM-API should the module fail to -succeed in its authentication task. Valid +succeed in its authentication task. There are two types of syntax for +this control field: the simple one has a single simple keyword; the +more complicated one involves a square-bracketed selection of +.B value=action +pairs. + +.sp +For the simple (historical) syntax valid .BR control values are: .BR requisite @@ -224,8 +231,97 @@ only module in the stack associated with this .BR service "+" type "." .sp +For the more complicated syntax valid +.B control +values have the following form: +.sp +.RB [value1=action1 value2=action2 ...] +.sp +Where +.B valueN +corresponds to the return code from the function invoked in the module +for which the line is defined. It is selected from one of these: +.BR success ; +.BR open_err ; +.BR symbol_err ; +.BR service_err ; +.BR system_err ; +.BR buf_err ; +.BR perm_denied ; +.BR auth_err ; +.BR cred_insufficient ; +.BR authinfo_unavail ; +.BR user_unknown ; +.BR maxtries ; +.BR new_authtok_reqd ; +.BR acct_expired ; +.BR session_err ; +.BR cred_unavail ; +.BR cred_expired ; +.BR cred_err ; +.BR no_module_data ; +.BR conv_err ; +.BR authtok_err ; +.BR authtok_recover_err ; +.BR authtok_lock_busy ; +.BR authtok_disable_aging ; +.BR try_again ; +.BR ignore ; +.BR abort ; +.BR authtok_expired ; +.BR module_unknown ; +.BR bad_item "; and" +.BR default . +The last of these, +.BR default , +implies 'all +.BR valueN 's +not mentioned explicitly. Note, the full list of PAM errors is +available in /usr/include/security/_pam_types.h . The +.B actionN +can be: an unsigned integer, +.BR J , +signifying an action of 'jump over the next J modules in the stack'; +or take one of the following forms: +.br +.B ignore +- when used with a stack of modules, the module's return status will +not contribute to the return code the application obtains; +.br +.B bad +- this action indicates that the return code should be thought of as +indicative of the module failing. If this module is the first in the +stack to fail, its status value will be used for that of the whole +stack. +.br +.B die +- equivalent to bad with the side effect of terminating the module +stack and PAM immediately returning to the application. +.br +.B ok +- this tells PAM that the administrator thinks this return code +should contribute directly to the return code of the full stack of +modules. In other words, if the former state of the stack would lead +to a return of +.BR PAM_SUCCESS , +the module's return code will override this value. Note, if the former +state of the stack holds some value that is indicative of a modules +failure, this 'ok' value will not be used to override that value. +.br +.B done +- equivalent to ok with the side effect of terminating the module +stack and PAM immediately returning to the application. +.br +.B reset +- clear all memory of the state of the module stack and start again +with the next stacked module. + +.sp .BR module-path -- this is the full filename of the PAM to be used by the application +- this is either the full filename of the PAM to be used by the +application (it begins with a '/'), or a relative pathname from the +default module location: +.BR /lib/security/ . .sp .BR module-arguments @@ -238,19 +334,13 @@ documented for each individual module. .br .BR /etc/pam.d/ " - the" .BR Linux-PAM -configuration directory. If this directory is present, the +configuration directory. Generally, if this directory is present, the .B /etc/pam.conf file is ignored. .br -.BR /usr/lib/libpam.so.X " - the dynamic library" +.BR /lib/libpam.so.X " - the dynamic library" .br -.BR /usr/lib/security/*.so " - the PAMs - -.sp -Note, to conform to the Linux File-system standard, the libraries and -modules in your system may be located in -.BR /lib " and " /lib/security -respectively. +.BR /lib/security/*.so " - the PAMs .SH ERRORS Typically errors generated by the @@ -261,8 +351,8 @@ system of libraries, will be written to .SH "CONFORMING TO" DCE-RFC 86.0, October 1995. .br -Contains additional features, currently under consideration by the -DCE-RFC committee. +Contains additional features, but remains backwardly compatible with +this RFC. .SH BUGS .sp 2 @@ -273,7 +363,7 @@ None known. The three .BR Linux-PAM Guides, for -.BR "System administrators" ", " +.BR "system administrators" ", " .BR "module developers" ", " and .BR "application developers" ". " diff --git a/contrib/libpam/doc/man/pam.conf.8 b/contrib/libpam/doc/man/pam.conf.8 index ea2dd98bfc9f3..d067b5596eab1 100644 --- a/contrib/libpam/doc/man/pam.conf.8 +++ b/contrib/libpam/doc/man/pam.conf.8 @@ -1 +1 @@ -.so man8/pam.8 +.so pam.8 diff --git a/contrib/libpam/doc/man/pam.d.8 b/contrib/libpam/doc/man/pam.d.8 index ea2dd98bfc9f3..d067b5596eab1 100644 --- a/contrib/libpam/doc/man/pam.d.8 +++ b/contrib/libpam/doc/man/pam.d.8 @@ -1 +1 @@ -.so man8/pam.8 +.so pam.8 diff --git a/contrib/libpam/doc/man/pam_authenticate.3 b/contrib/libpam/doc/man/pam_authenticate.3 index f631c47286beb..7383f5f06b405 100644 --- a/contrib/libpam/doc/man/pam_authenticate.3 +++ b/contrib/libpam/doc/man/pam_authenticate.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_authenticate.3,v 1.2 1997/02/15 18:39:59 morgan Exp $ +.\" $Id: pam_authenticate.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> .TH PAM_AUTHENTICATE 3 "1996 Dec 9" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_chauthtok.3 b/contrib/libpam/doc/man/pam_chauthtok.3 index b0997d5928937..a0466f0fccc66 100644 --- a/contrib/libpam/doc/man/pam_chauthtok.3 +++ b/contrib/libpam/doc/man/pam_chauthtok.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_chauthtok.3,v 1.2 1997/02/15 18:42:23 morgan Exp $ +.\" $Id: pam_chauthtok.3,v 1.1.1.1 2000/06/20 22:10:57 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_CHAUTHTOK 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_close_session.3 b/contrib/libpam/doc/man/pam_close_session.3 index c809a0e4f0d8e..d851700cda024 100644 --- a/contrib/libpam/doc/man/pam_close_session.3 +++ b/contrib/libpam/doc/man/pam_close_session.3 @@ -1 +1 @@ -.so man3/pam_open_session.3 +.so pam_open_session.3 diff --git a/contrib/libpam/doc/man/pam_end.3 b/contrib/libpam/doc/man/pam_end.3 index 06fdabb9c4629..de999f240cfbc 100644 --- a/contrib/libpam/doc/man/pam_end.3 +++ b/contrib/libpam/doc/man/pam_end.3 @@ -1 +1 @@ -.so man3/pam_start.3 +.so pam_start.3 diff --git a/contrib/libpam/doc/man/pam_fail_delay.3 b/contrib/libpam/doc/man/pam_fail_delay.3 index 42bccd6b92587..3b72f3d98b426 100644 --- a/contrib/libpam/doc/man/pam_fail_delay.3 +++ b/contrib/libpam/doc/man/pam_fail_delay.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_fail_delay.3,v 1.2 1997/02/15 18:47:46 morgan Exp morgan $ +.\" $Id: pam_fail_delay.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_FAIL_DELAY 3 "1997 Jan 12" "Linux-PAM 0.56" "Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_open_session.3 b/contrib/libpam/doc/man/pam_open_session.3 index 1b2dcf980bdbc..53f6adf12c75e 100644 --- a/contrib/libpam/doc/man/pam_open_session.3 +++ b/contrib/libpam/doc/man/pam_open_session.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_open_session.3,v 1.2 1997/02/15 18:49:02 morgan Exp $ +.\" $Id: pam_open_session.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_OPEN_SESSION 3 "1997 Jan 4" "Linux-PAM 0.55" "App. Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_setcred.3 b/contrib/libpam/doc/man/pam_setcred.3 index 388a5d7667030..ea251405ac7d4 100644 --- a/contrib/libpam/doc/man/pam_setcred.3 +++ b/contrib/libpam/doc/man/pam_setcred.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_setcred.3,v 1.2 1997/02/15 18:50:49 morgan Exp morgan $ +.\" $Id: pam_setcred.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996,1997 <morgan@parc.power.net> .TH PAM_SETCRED 3 "1997 July 6" "Linux-PAM 0.58" "App. Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_start.3 b/contrib/libpam/doc/man/pam_start.3 index 0299533b4f5ef..a912cc7546641 100644 --- a/contrib/libpam/doc/man/pam_start.3 +++ b/contrib/libpam/doc/man/pam_start.3 @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: pam_start.3,v 1.2 1997/02/15 18:51:54 morgan Exp $ +.\" $Id: pam_start.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> .TH PAM_START 3 "1997 Feb 15" "Linux-PAM 0.56" "Application Programmers' Manual" .SH NAME diff --git a/contrib/libpam/doc/man/pam_strerror.3 b/contrib/libpam/doc/man/pam_strerror.3 index 33b4fda4c31e8..b2318f2884c76 100644 --- a/contrib/libpam/doc/man/pam_strerror.3 +++ b/contrib/libpam/doc/man/pam_strerror.3 @@ -1,8 +1,8 @@ .\" Hey Emacs! This file is -*- nroff -*- source. .\" ripped off from Rick Faith's getgroups man page -.\" $Id: pam_strerror.3,v 1.2 1997/02/15 18:53:04 morgan Exp $ -.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@parc.power.net> -.TH PAM_STRERROR 3 "1997 Feb 15" "Linux-PAM 0.56" "Programmers' Manual" +.\" $Id: pam_strerror.3,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ +.\" Copyright (c) Andrew G. Morgan 1996-7 <morgan@linux.kernel.org> +.TH PAM_STRERROR 3 "1999 Oct 4" "Linux-PAM 0.70" "Programmers' Manual" .SH NAME pam_strerror \- return a textual description of a Linux-PAM error @@ -14,14 +14,16 @@ or, .br .B #include <security/pam_modules.h> .sp -.BI "const char *pam_strerror(" int " pam_error); +.BI "const char * pam_strerror( pam_handle_t " "*pamh" ", int " pam_error ");" .sp 2 .SH DESCRIPTION .B pam_strerror -This function returns a pointer to a line of text describing the +This function returns some text describing the .BR Linux-PAM -error passed as its sole argument. +error associated with the +.B pam_error +argument. .SH "RETURN VALUE" diff --git a/contrib/libpam/doc/man/template-man b/contrib/libpam/doc/man/template-man index a635c8bd8024f..11e7a061504ab 100644 --- a/contrib/libpam/doc/man/template-man +++ b/contrib/libpam/doc/man/template-man @@ -1,5 +1,5 @@ .\" Hey Emacs! This file is -*- nroff -*- source. -.\" $Id: template-man,v 1.1 1997/01/04 18:25:13 morgan Exp $ +.\" $Id: template-man,v 1.1.1.1 2000/06/20 22:10:58 agmorgan Exp $ .\" Copyright (c) Andrew G. Morgan 1997 <morgan@parc.power.net> .TH PAM_???? 2 "1997 Jan 4" "Linux-PAM 0.55" "Application Programmers' Manual" .SH NAME |