diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2012-08-16 15:46:56 +0200 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2012-08-16 15:46:56 +0200 |
| commit | c62981a43a7da5d7c10e432874e7c66b47a4f363 (patch) | |
| tree | c0d4d476aca0ecca293fccccce798718d489b506 | |
| parent | 5fccc33d3f2aa476293505fa7dace98495dccaee (diff) | |
| download | pam-c62981a43a7da5d7c10e432874e7c66b47a4f363.tar.gz pam-c62981a43a7da5d7c10e432874e7c66b47a4f363.tar.bz2 pam-c62981a43a7da5d7c10e432874e7c66b47a4f363.zip | |
Small documentation and define fixes
modules/pam_limits/limits.conf.5.xml: Document race of maxlogins [#10]
modules/pam_namespace/pam_namespace.h: Define MS_SLAVE if necessary
modules/pam_pwhistory/pam_pwhistory.c: Document how the module works
modules/pam_unix/pam_unix.8.xml: Document remember option obsoleted by pam_pwhistory [#6]
| -rw-r--r-- | modules/pam_limits/limits.conf.5.xml | 3 | ||||
| -rw-r--r-- | modules/pam_namespace/pam_namespace.h | 4 | ||||
| -rw-r--r-- | modules/pam_pwhistory/pam_pwhistory.c | 7 | ||||
| -rw-r--r-- | modules/pam_unix/pam_unix.8.xml | 2 |
4 files changed, 14 insertions, 2 deletions
diff --git a/modules/pam_limits/limits.conf.5.xml b/modules/pam_limits/limits.conf.5.xml index 4b6b5baf..ecc6d5ff 100644 --- a/modules/pam_limits/limits.conf.5.xml +++ b/modules/pam_limits/limits.conf.5.xml @@ -290,6 +290,9 @@ Also, please note that all limit settings are set <emphasis>per login</emphasis>. They are not global, nor are they permanent; existing only for the duration of the session. + One exception is the <emphasis>maxlogin</emphasis> option, this one + is system wide. But there is a race, concurrent logins at the same + time will not always be detect as such but only counted as one. </para> <para> In the <emphasis>limits</emphasis> configuration file, the diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index 1d0c11c6..51d23886 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -81,6 +81,10 @@ #ifndef MS_PRIVATE #define MS_PRIVATE (1<<18) #endif +#ifndef MS_SLAVE +#define MS_SLAVE (1<<19) +#endif + /* * Module defines diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c index e9b28eb1..654edd39 100644 --- a/modules/pam_pwhistory/pam_pwhistory.c +++ b/modules/pam_pwhistory/pam_pwhistory.c @@ -1,6 +1,6 @@ /* - * Copyright (c) 2008 Thorsten Kukuk - * Author: Thorsten Kukuk <kukuk@suse.de> + * Copyright (c) 2008, 2012 Thorsten Kukuk + * Author: Thorsten Kukuk <kukuk@thkukuk.de> * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -103,6 +103,9 @@ parse_option (pam_handle_t *pamh, const char *argv, options_t *options) } +/* This module saves the current crypted password in /etc/security/opasswd + and then compares the new password with all entries in this file. */ + PAM_EXTERN int pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv) { diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml index c272e3ce..0a42d7a3 100644 --- a/modules/pam_unix/pam_unix.8.xml +++ b/modules/pam_unix/pam_unix.8.xml @@ -223,6 +223,8 @@ user are saved in <filename>/etc/security/opasswd</filename> in order to force password change history and keep the user from alternating between the same password too frequently. + Instead of this option the <command>pam_pwhistory</command> + module should be used. </para> </listitem> </varlistentry> |