diff options
author | Ruslan Ermilov <ru@FreeBSD.org> | 2001-07-11 08:36:26 +0000 |
---|---|---|
committer | Ruslan Ermilov <ru@FreeBSD.org> | 2001-07-11 08:36:26 +0000 |
commit | 08ecaa10b26796016ee009d7bb5cb9ece21f4107 (patch) | |
tree | b89ebcb0a6cb75906d655ab39c97810fbe1b1891 /lib/libpam | |
parent | 63b81b76ca69b7ad1ba48ff1a0ecbe810d11fbce (diff) | |
download | src-test2-08ecaa10b26796016ee009d7bb5cb9ece21f4107.tar.gz src-test2-08ecaa10b26796016ee009d7bb5cb9ece21f4107.zip |
Notes
Diffstat (limited to 'lib/libpam')
-rw-r--r-- | lib/libpam/modules/pam_deny/pam_deny.8 | 12 | ||||
-rw-r--r-- | lib/libpam/modules/pam_ftp/pam_ftp.8 | 13 | ||||
-rw-r--r-- | lib/libpam/modules/pam_nologin/pam_nologin.8 | 6 | ||||
-rw-r--r-- | lib/libpam/modules/pam_opie/pam_opie.8 | 10 | ||||
-rw-r--r-- | lib/libpam/modules/pam_permit/pam_permit.8 | 15 | ||||
-rw-r--r-- | lib/libpam/modules/pam_rootok/pam_rootok.8 | 8 | ||||
-rw-r--r-- | lib/libpam/modules/pam_securetty/pam_securetty.8 | 14 | ||||
-rw-r--r-- | lib/libpam/modules/pam_ssh/pam_ssh.8 | 16 | ||||
-rw-r--r-- | lib/libpam/modules/pam_tacplus/pam_tacplus.8 | 16 | ||||
-rw-r--r-- | lib/libpam/modules/pam_unix/pam_unix.8 | 16 |
10 files changed, 67 insertions, 59 deletions
diff --git a/lib/libpam/modules/pam_deny/pam_deny.8 b/lib/libpam/modules/pam_deny/pam_deny.8 index ed35bc507fb8..954a3c83a515 100644 --- a/lib/libpam/modules/pam_deny/pam_deny.8 +++ b/lib/libpam/modules/pam_deny/pam_deny.8 @@ -44,14 +44,14 @@ authentication, account management, session management and password management. -In terms of the +In terms of the .Ar module-type parameter, these are the -.Dv auth , -.Dv account , -.Dv session +.Dq Li auth , +.Dq Li account , +.Dq Li session , and -.Dv password +.Dq Li password features. .Pp The Deny module @@ -62,7 +62,7 @@ and to unwanted functionality. .Pp The following options may be passed to the module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_ftp/pam_ftp.8 b/lib/libpam/modules/pam_ftp/pam_ftp.8 index 423564b9caaa..8193cdf2da61 100644 --- a/lib/libpam/modules/pam_ftp/pam_ftp.8 +++ b/lib/libpam/modules/pam_ftp/pam_ftp.8 @@ -41,17 +41,20 @@ The FTP authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss FTP Authentication Module The FTP authentication component .Pq Fn pam_sm_authenticate , authenticates the anonymous user -.Pq usually Do anonymous Dc or Do ftp Dc +(usually +.Dq anonymous +or +.Dq ftp ) usually by simply requesting an email address as a password. The supplied email address is broken up into its username and host parts, @@ -66,7 +69,7 @@ This module is intended for the service. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm no_anon" .It Cm debug .Xr syslog 3 debugging information at @@ -77,7 +80,7 @@ Disallow anonymous access. .It Cm ignore Ingnore the password supplied, and do not use its constituent parts -.Pq username and hostname +(username and hostname) as .Dv PAM_RUSER and diff --git a/lib/libpam/modules/pam_nologin/pam_nologin.8 b/lib/libpam/modules/pam_nologin/pam_nologin.8 index dd3998176059..4aac6f8cef2f 100644 --- a/lib/libpam/modules/pam_nologin/pam_nologin.8 +++ b/lib/libpam/modules/pam_nologin/pam_nologin.8 @@ -41,10 +41,10 @@ The NoLogin authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss NoLogin Authentication Module @@ -63,7 +63,7 @@ to non-superusers before failure is returned. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_opie/pam_opie.8 b/lib/libpam/modules/pam_opie/pam_opie.8 index 9f00a9022c34..8723cc9dbff9 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.8 +++ b/lib/libpam/modules/pam_opie/pam_opie.8 @@ -41,10 +41,10 @@ The OPIE authentication service module for PAM, .Nm provides functionality for only one PAM category: that of authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss OPIE Authentication Module @@ -59,7 +59,7 @@ and verifies that this is correct with .Xr opiechallenge 3 . .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm auth_as_self" .It Cm debug .Xr syslog 3 debugging information at @@ -69,7 +69,7 @@ level. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -85,7 +85,7 @@ default OPIE password database. .Sh SEE ALSO .Xr passwd 1 , .Xr opiechallenge 3 , -.Xr opie 4 , .Xr syslog 3 , +.Xr opie 4 , .Xr pam.conf 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_permit/pam_permit.8 b/lib/libpam/modules/pam_permit/pam_permit.8 index f396fe7820e6..5ffb3bf80b27 100644 --- a/lib/libpam/modules/pam_permit/pam_permit.8 +++ b/lib/libpam/modules/pam_permit/pam_permit.8 @@ -44,30 +44,31 @@ authentication, account management, session management and password management. -In terms of the +In terms of the .Ar module-type parameter, these are the -.Dv auth , -.Dv account , -.Dv session +.Dq Li auth , +.Dq Li account , +.Dq Li session , and -.Dv password +.Dq Li password features. .Pp The Promiscuous module will universally allow all requests. It is primarily of use during testing, -and to silence +and to silence .Dq noisy PAM-enabled applications. .Pp The following options may be passed to the module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at .Dv LOG_DEBUG level. +.El .Sh SEE ALSO .Xr syslog 3 , .Xr pam.conf 5 , diff --git a/lib/libpam/modules/pam_rootok/pam_rootok.8 b/lib/libpam/modules/pam_rootok/pam_rootok.8 index 805fc6c1efa3..56a90b51025f 100644 --- a/lib/libpam/modules/pam_rootok/pam_rootok.8 +++ b/lib/libpam/modules/pam_rootok/pam_rootok.8 @@ -41,23 +41,23 @@ The RootOK authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss RootOK Authentication Module The RootOK authentication component .Pq Fn pam_sm_authenticate , always returns success for the superuser; -.Em ie, +i.e., if .Xr getuid 2 returns 0. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.8 b/lib/libpam/modules/pam_securetty/pam_securetty.8 index 33267a392df2..20283e66cc94 100644 --- a/lib/libpam/modules/pam_securetty/pam_securetty.8 +++ b/lib/libpam/modules/pam_securetty/pam_securetty.8 @@ -41,10 +41,10 @@ The SecureTTY authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss SecureTTY Authentication Module @@ -62,12 +62,14 @@ by .Xr getttynam 3 (see .Xr ttys 5 ) , -and the entry (a struct ttyent) has the +and the entry (a +.Vt "struct ttyent" ) +has the .Dv TTY_SECURE flag set. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at @@ -75,8 +77,8 @@ debugging information at level. .El .Sh SEE ALSO -.Xr getttyynam 3 , +.Xr getttynam 3 , .Xr syslog 3 , -.Xr ttys 5 , .Xr pam.conf 5 , +.Xr ttys 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.8 b/lib/libpam/modules/pam_ssh/pam_ssh.8 index ad4323cc6164..07a637fcf36d 100644 --- a/lib/libpam/modules/pam_ssh/pam_ssh.8 +++ b/lib/libpam/modules/pam_ssh/pam_ssh.8 @@ -44,15 +44,15 @@ authentication service module for PAM, provides functionality for two PAM categories: authentication and account management. -In terms of the +In terms of the .Ar module-type parameter, they are the -.Dv auth +.Dq Li auth and -.Dv account +.Dq Li account features. It also provides a null function for session management. -.Ss Ux Authentication Module +.Ss Ux Ss Authentication Module The .Ux authentication component @@ -97,7 +97,7 @@ the user is prompted for another password. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -112,7 +112,7 @@ then this option will forgo password prompting, and silently allow authentication to succeed. .El -.Ss Ux Account Management Module +.Ss Ux Ss Account Management Module The .Ux account management component @@ -134,7 +134,7 @@ level. .Sh FILES .Bl -tag -xwidth ".Pa /etc/master.passwd" -compact .It Pa /etc/master.passwd -default +default .Ux password database. .El @@ -142,7 +142,7 @@ password database. .Xr passwd 1 , .Xr getuid 2 , .Xr crypt 3 , -.Xr passwd 5 , .Xr syslog 3 , .Xr pam.conf 5 , +.Xr passwd 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 b/lib/libpam/modules/pam_tacplus/pam_tacplus.8 index 67ec965b464e..ae1e019c8a0c 100644 --- a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 +++ b/lib/libpam/modules/pam_tacplus/pam_tacplus.8 @@ -40,7 +40,7 @@ .\" .Dd August 2, 1999 .Dt PAM_TACPLUS 8 -.Os FreeBSD +.Os .Sh NAME .Nm pam_tacplus .Nd TACACS+ authentication PAM module @@ -60,7 +60,7 @@ for the PAM (Pluggable Authentication Module) framework. The .Nm module accepts these optional parameters: -.Bl -tag -width Fl +.Bl -tag -xwidth ".Cm use_first_pass" .It Cm use_first_pass causes .Nm @@ -69,7 +69,8 @@ If no password has been entered then authentication fails. .It Cm try_first_pass causes .Nm -to use a previously entered password, if one is available. If no +to use a previously entered password, if one is available. +If no password has been entered, .Nm prompts for one as usual. @@ -77,14 +78,15 @@ prompts for one as usual. causes echoing to be left on if .Nm prompts for a password. -.It Cm conf Ns No = Ns Ar pathname +.It Cm conf Ns = Ns Ar pathname specifies a non-standard location for the TACACS+ client configuration file -(normally located in /etc/tacplus.conf). -.It Cm template_user Ns No = Ns Ar username +(normally located in +.Pa /etc/tacplus.conf ) . +.It Cm template_user Ns = Ns Ar username specifies a user whose .Xr passwd 5 entry will be used as a template to create the session environment -if the supplied username doesn't exist in local password database. +if the supplied username does not exist in local password database. The user will be authenticated with the supplied username and password, but his credentials to the system will be presented as the ones for diff --git a/lib/libpam/modules/pam_unix/pam_unix.8 b/lib/libpam/modules/pam_unix/pam_unix.8 index ad4323cc6164..07a637fcf36d 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.8 +++ b/lib/libpam/modules/pam_unix/pam_unix.8 @@ -44,15 +44,15 @@ authentication service module for PAM, provides functionality for two PAM categories: authentication and account management. -In terms of the +In terms of the .Ar module-type parameter, they are the -.Dv auth +.Dq Li auth and -.Dv account +.Dq Li account features. It also provides a null function for session management. -.Ss Ux Authentication Module +.Ss Ux Ss Authentication Module The .Ux authentication component @@ -97,7 +97,7 @@ the user is prompted for another password. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -112,7 +112,7 @@ then this option will forgo password prompting, and silently allow authentication to succeed. .El -.Ss Ux Account Management Module +.Ss Ux Ss Account Management Module The .Ux account management component @@ -134,7 +134,7 @@ level. .Sh FILES .Bl -tag -xwidth ".Pa /etc/master.passwd" -compact .It Pa /etc/master.passwd -default +default .Ux password database. .El @@ -142,7 +142,7 @@ password database. .Xr passwd 1 , .Xr getuid 2 , .Xr crypt 3 , -.Xr passwd 5 , .Xr syslog 3 , .Xr pam.conf 5 , +.Xr passwd 5 , .Xr pam 8 |