summaryrefslogtreecommitdiff
path: root/lib/libpam
diff options
context:
space:
mode:
authorRuslan Ermilov <ru@FreeBSD.org>2001-07-11 08:36:26 +0000
committerRuslan Ermilov <ru@FreeBSD.org>2001-07-11 08:36:26 +0000
commit08ecaa10b26796016ee009d7bb5cb9ece21f4107 (patch)
treeb89ebcb0a6cb75906d655ab39c97810fbe1b1891 /lib/libpam
parent63b81b76ca69b7ad1ba48ff1a0ecbe810d11fbce (diff)
downloadsrc-test2-08ecaa10b26796016ee009d7bb5cb9ece21f4107.tar.gz
src-test2-08ecaa10b26796016ee009d7bb5cb9ece21f4107.zip
Notes
Diffstat (limited to 'lib/libpam')
-rw-r--r--lib/libpam/modules/pam_deny/pam_deny.812
-rw-r--r--lib/libpam/modules/pam_ftp/pam_ftp.813
-rw-r--r--lib/libpam/modules/pam_nologin/pam_nologin.86
-rw-r--r--lib/libpam/modules/pam_opie/pam_opie.810
-rw-r--r--lib/libpam/modules/pam_permit/pam_permit.815
-rw-r--r--lib/libpam/modules/pam_rootok/pam_rootok.88
-rw-r--r--lib/libpam/modules/pam_securetty/pam_securetty.814
-rw-r--r--lib/libpam/modules/pam_ssh/pam_ssh.816
-rw-r--r--lib/libpam/modules/pam_tacplus/pam_tacplus.816
-rw-r--r--lib/libpam/modules/pam_unix/pam_unix.816
10 files changed, 67 insertions, 59 deletions
diff --git a/lib/libpam/modules/pam_deny/pam_deny.8 b/lib/libpam/modules/pam_deny/pam_deny.8
index ed35bc507fb8..954a3c83a515 100644
--- a/lib/libpam/modules/pam_deny/pam_deny.8
+++ b/lib/libpam/modules/pam_deny/pam_deny.8
@@ -44,14 +44,14 @@ authentication,
account management,
session management and
password management.
-In terms of the
+In terms of the
.Ar module-type
parameter, these are the
-.Dv auth ,
-.Dv account ,
-.Dv session
+.Dq Li auth ,
+.Dq Li account ,
+.Dq Li session ,
and
-.Dv password
+.Dq Li password
features.
.Pp
The Deny module
@@ -62,7 +62,7 @@ and to
unwanted functionality.
.Pp
The following options may be passed to the module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_ftp/pam_ftp.8 b/lib/libpam/modules/pam_ftp/pam_ftp.8
index 423564b9caaa..8193cdf2da61 100644
--- a/lib/libpam/modules/pam_ftp/pam_ftp.8
+++ b/lib/libpam/modules/pam_ftp/pam_ftp.8
@@ -41,17 +41,20 @@ The FTP authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss FTP Authentication Module
The FTP authentication component
.Pq Fn pam_sm_authenticate ,
authenticates the anonymous user
-.Pq usually Do anonymous Dc or Do ftp Dc
+(usually
+.Dq anonymous
+or
+.Dq ftp )
usually by simply requesting an email address as a password.
The supplied email address is broken up
into its username and host parts,
@@ -66,7 +69,7 @@ This module is intended for the
service.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm no_anon"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -77,7 +80,7 @@ Disallow anonymous access.
.It Cm ignore
Ingnore the password supplied,
and do not use its constituent parts
-.Pq username and hostname
+(username and hostname)
as
.Dv PAM_RUSER
and
diff --git a/lib/libpam/modules/pam_nologin/pam_nologin.8 b/lib/libpam/modules/pam_nologin/pam_nologin.8
index dd3998176059..4aac6f8cef2f 100644
--- a/lib/libpam/modules/pam_nologin/pam_nologin.8
+++ b/lib/libpam/modules/pam_nologin/pam_nologin.8
@@ -41,10 +41,10 @@ The NoLogin authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss NoLogin Authentication Module
@@ -63,7 +63,7 @@ to non-superusers
before failure is returned.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_opie/pam_opie.8 b/lib/libpam/modules/pam_opie/pam_opie.8
index 9f00a9022c34..8723cc9dbff9 100644
--- a/lib/libpam/modules/pam_opie/pam_opie.8
+++ b/lib/libpam/modules/pam_opie/pam_opie.8
@@ -41,10 +41,10 @@ The OPIE authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
that of authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss OPIE Authentication Module
@@ -59,7 +59,7 @@ and verifies that this is correct with
.Xr opiechallenge 3 .
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm auth_as_self"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -69,7 +69,7 @@ level.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -85,7 +85,7 @@ default OPIE password database.
.Sh SEE ALSO
.Xr passwd 1 ,
.Xr opiechallenge 3 ,
-.Xr opie 4 ,
.Xr syslog 3 ,
+.Xr opie 4 ,
.Xr pam.conf 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_permit/pam_permit.8 b/lib/libpam/modules/pam_permit/pam_permit.8
index f396fe7820e6..5ffb3bf80b27 100644
--- a/lib/libpam/modules/pam_permit/pam_permit.8
+++ b/lib/libpam/modules/pam_permit/pam_permit.8
@@ -44,30 +44,31 @@ authentication,
account management,
session management and
password management.
-In terms of the
+In terms of the
.Ar module-type
parameter, these are the
-.Dv auth ,
-.Dv account ,
-.Dv session
+.Dq Li auth ,
+.Dq Li account ,
+.Dq Li session ,
and
-.Dv password
+.Dq Li password
features.
.Pp
The Promiscuous module
will universally allow all requests.
It is primarily of use during testing,
-and to silence
+and to silence
.Dq noisy
PAM-enabled applications.
.Pp
The following options may be passed to the module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
.Dv LOG_DEBUG
level.
+.El
.Sh SEE ALSO
.Xr syslog 3 ,
.Xr pam.conf 5 ,
diff --git a/lib/libpam/modules/pam_rootok/pam_rootok.8 b/lib/libpam/modules/pam_rootok/pam_rootok.8
index 805fc6c1efa3..56a90b51025f 100644
--- a/lib/libpam/modules/pam_rootok/pam_rootok.8
+++ b/lib/libpam/modules/pam_rootok/pam_rootok.8
@@ -41,23 +41,23 @@ The RootOK authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss RootOK Authentication Module
The RootOK authentication component
.Pq Fn pam_sm_authenticate ,
always returns success for the superuser;
-.Em ie,
+i.e.,
if
.Xr getuid 2
returns 0.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.8 b/lib/libpam/modules/pam_securetty/pam_securetty.8
index 33267a392df2..20283e66cc94 100644
--- a/lib/libpam/modules/pam_securetty/pam_securetty.8
+++ b/lib/libpam/modules/pam_securetty/pam_securetty.8
@@ -41,10 +41,10 @@ The SecureTTY authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss SecureTTY Authentication Module
@@ -62,12 +62,14 @@ by
.Xr getttynam 3
(see
.Xr ttys 5 ) ,
-and the entry (a struct ttyent) has the
+and the entry (a
+.Vt "struct ttyent" )
+has the
.Dv TTY_SECURE
flag set.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -75,8 +77,8 @@ debugging information at
level.
.El
.Sh SEE ALSO
-.Xr getttyynam 3 ,
+.Xr getttynam 3 ,
.Xr syslog 3 ,
-.Xr ttys 5 ,
.Xr pam.conf 5 ,
+.Xr ttys 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.8 b/lib/libpam/modules/pam_ssh/pam_ssh.8
index ad4323cc6164..07a637fcf36d 100644
--- a/lib/libpam/modules/pam_ssh/pam_ssh.8
+++ b/lib/libpam/modules/pam_ssh/pam_ssh.8
@@ -44,15 +44,15 @@ authentication service module for PAM,
provides functionality for two PAM categories:
authentication
and account management.
-In terms of the
+In terms of the
.Ar module-type
parameter, they are the
-.Dv auth
+.Dq Li auth
and
-.Dv account
+.Dq Li account
features.
It also provides a null function for session management.
-.Ss Ux Authentication Module
+.Ss Ux Ss Authentication Module
The
.Ux
authentication component
@@ -97,7 +97,7 @@ the user is prompted for another password.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -112,7 +112,7 @@ then this option
will forgo password prompting,
and silently allow authentication to succeed.
.El
-.Ss Ux Account Management Module
+.Ss Ux Ss Account Management Module
The
.Ux
account management component
@@ -134,7 +134,7 @@ level.
.Sh FILES
.Bl -tag -xwidth ".Pa /etc/master.passwd" -compact
.It Pa /etc/master.passwd
-default
+default
.Ux
password database.
.El
@@ -142,7 +142,7 @@ password database.
.Xr passwd 1 ,
.Xr getuid 2 ,
.Xr crypt 3 ,
-.Xr passwd 5 ,
.Xr syslog 3 ,
.Xr pam.conf 5 ,
+.Xr passwd 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 b/lib/libpam/modules/pam_tacplus/pam_tacplus.8
index 67ec965b464e..ae1e019c8a0c 100644
--- a/lib/libpam/modules/pam_tacplus/pam_tacplus.8
+++ b/lib/libpam/modules/pam_tacplus/pam_tacplus.8
@@ -40,7 +40,7 @@
.\"
.Dd August 2, 1999
.Dt PAM_TACPLUS 8
-.Os FreeBSD
+.Os
.Sh NAME
.Nm pam_tacplus
.Nd TACACS+ authentication PAM module
@@ -60,7 +60,7 @@ for the PAM (Pluggable Authentication Module) framework.
The
.Nm
module accepts these optional parameters:
-.Bl -tag -width Fl
+.Bl -tag -xwidth ".Cm use_first_pass"
.It Cm use_first_pass
causes
.Nm
@@ -69,7 +69,8 @@ If no password has been entered then authentication fails.
.It Cm try_first_pass
causes
.Nm
-to use a previously entered password, if one is available. If no
+to use a previously entered password, if one is available.
+If no
password has been entered,
.Nm
prompts for one as usual.
@@ -77,14 +78,15 @@ prompts for one as usual.
causes echoing to be left on if
.Nm
prompts for a password.
-.It Cm conf Ns No = Ns Ar pathname
+.It Cm conf Ns = Ns Ar pathname
specifies a non-standard location for the TACACS+ client configuration file
-(normally located in /etc/tacplus.conf).
-.It Cm template_user Ns No = Ns Ar username
+(normally located in
+.Pa /etc/tacplus.conf ) .
+.It Cm template_user Ns = Ns Ar username
specifies a user whose
.Xr passwd 5
entry will be used as a template to create the session environment
-if the supplied username doesn't exist in local password database.
+if the supplied username does not exist in local password database.
The user
will be authenticated with the supplied username and password, but his
credentials to the system will be presented as the ones for
diff --git a/lib/libpam/modules/pam_unix/pam_unix.8 b/lib/libpam/modules/pam_unix/pam_unix.8
index ad4323cc6164..07a637fcf36d 100644
--- a/lib/libpam/modules/pam_unix/pam_unix.8
+++ b/lib/libpam/modules/pam_unix/pam_unix.8
@@ -44,15 +44,15 @@ authentication service module for PAM,
provides functionality for two PAM categories:
authentication
and account management.
-In terms of the
+In terms of the
.Ar module-type
parameter, they are the
-.Dv auth
+.Dq Li auth
and
-.Dv account
+.Dq Li account
features.
It also provides a null function for session management.
-.Ss Ux Authentication Module
+.Ss Ux Ss Authentication Module
The
.Ux
authentication component
@@ -97,7 +97,7 @@ the user is prompted for another password.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -112,7 +112,7 @@ then this option
will forgo password prompting,
and silently allow authentication to succeed.
.El
-.Ss Ux Account Management Module
+.Ss Ux Ss Account Management Module
The
.Ux
account management component
@@ -134,7 +134,7 @@ level.
.Sh FILES
.Bl -tag -xwidth ".Pa /etc/master.passwd" -compact
.It Pa /etc/master.passwd
-default
+default
.Ux
password database.
.El
@@ -142,7 +142,7 @@ password database.
.Xr passwd 1 ,
.Xr getuid 2 ,
.Xr crypt 3 ,
-.Xr passwd 5 ,
.Xr syslog 3 ,
.Xr pam.conf 5 ,
+.Xr passwd 5 ,
.Xr pam 8