diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-10-27 09:41:24 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-10-27 09:41:24 +0000 |
| commit | 0c44a58532cbdc0ee7df92fcbc33d82519df9761 (patch) | |
| tree | 64de578a8fe481241139e9667c126518894d00d6 | |
| parent | dba185605b1f9ce2d8d7e90b956abe9fa0487f24 (diff) | |
| download | pam-0c44a58532cbdc0ee7df92fcbc33d82519df9761.tar.gz pam-0c44a58532cbdc0ee7df92fcbc33d82519df9761.tar.bz2 pam-0c44a58532cbdc0ee7df92fcbc33d82519df9761.zip | |
Relevant BUGIDs: 1197444
Purpose of commit: cleanup
Commit summary:
---------------
doc/man/pam.8: Fix wording for authentication chapter
| -rw-r--r-- | ChangeLog | 20 | ||||
| -rw-r--r-- | doc/man/pam.8 | 16 |
2 files changed, 20 insertions, 16 deletions
@@ -1,3 +1,7 @@ +2005-10-27 Thorsten Kukuk <kukuk@suse.de> + + * doc/man/pam.8: Fix wording for authentication chapter [#1197444] + 2005-10-26 Tomas Mraz <t8m@centrum.cz> * modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary), @@ -6,15 +10,15 @@ uid to 0 before executing the helper if SELinux is enabled. * modules/pam_unix/unix_chkpwd.c (main): Disable user check only if real uid is 0 (CVE-2005-2977). Log failed password check attempt. - - + + 2005-10-20 Tomas Mraz <t8m@centrum.cz> * configure.in: Added check for xauth binary and --with-xauth option. * config.h.in: Added configurable PAM_PATH_XAUTH. * modules/pam_xauth/README, modules/pam_xauth/pam_xauth.8: Document where xauth is looked for. - * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement + * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement searching xauth binary on multiple places. (run_coprocess): Don't use execvp as it can be a security risk. @@ -103,16 +107,16 @@ 2005-09-26 Tomas Mraz <t8m@centrum.cz> * NEWS: Add a few missing entries from CHANGELOG. - + * AUTHORS: Fixed entries for Toady and me. - + * Makefile.am (M4_FILES): Fixed out of tree build. * doc/specs/Makefile.am (EXTRA_DIST): Removed lex.yy.c (spec, lex.yy.c): Fixed out of tree build. - + * modules/pam_userdb/README: Document try_first_pass and use_first_pass options, remove use_authtok option. - + 2005-09-26 Dmitry V. Levin <ldv@altlinux.org> @@ -182,7 +186,7 @@ * po/zh_TW.po: Likewise. 2005-09-23 Tomas Mraz <t8m@centrum.cz> - + * modules/pam_access/pam_access.c (from_match): Support NULL from. (string_match): Support NULL string, add NONE keyword matching it. (pam_sm_acct_mgmt): Don't fail when ttyname returns NULL. diff --git a/doc/man/pam.8 b/doc/man/pam.8 index 50fc9767..fc032bcc 100644 --- a/doc/man/pam.8 +++ b/doc/man/pam.8 @@ -1,7 +1,7 @@ .\" Hey Emacs! This file is -*- nroff -*- source. .\" $Id$ .\" Copyright (c) Andrew G. Morgan 1996-7,2001 <morgan@kernel.org> -.TH PAM 8 "2001 Jan 20" "Linux-PAM 0.74" "Linux-PAM Manual" +.TH PAM 8 "2005 Oct 27" "Linux-PAM 1.0" "Linux-PAM Manual" .SH NAME Linux-PAM \- Pluggable Authentication Modules for Linux @@ -81,9 +81,9 @@ expired?; is this user permitted access to the requested service? .br .BR auth "entication - " -establish the user is who they claim to be. Typically this is via some -challenge-response request that the user must satisfy: if you are who -you claim to be please enter your password. Not all authentications +authenticate a user and set up user credentials. Typically this is via +some challenge-response request that the user must satisfy: if you are +who you claim to be please enter your password. Not all authentications are of this type, there exist hardware based authentication schemes (such as the use of smart-cards and biometric devices), with suitable modules, these may be substituted seamlessly for more standard @@ -149,7 +149,7 @@ first three being case-insensitive: The syntax of files contained in the .B /etc/pam.d/ directory, are identical except for the absence of any -.I service +.I service field. In this case, the .I service is the name of the file in the @@ -169,7 +169,7 @@ The .BR service is typically the familiar name of the corresponding application: .BR login -and +and .BR su are good examples. The .BR service "-name, " other ", " @@ -285,7 +285,7 @@ implies 'all not mentioned explicitly. Note, the full list of PAM errors is available in /usr/include/security/_pam_types.h . The .B actionN -can be: an unsigned integer, +can be: an unsigned integer, .BR J , signifying an action of 'jump over the next J modules in the stack'; or take one of the following forms: @@ -294,7 +294,7 @@ or take one of the following forms: - when used with a stack of modules, the module's return status will not contribute to the return code the application obtains; .br -.B bad +.B bad - this action indicates that the return code should be thought of as indicative of the module failing. If this module is the first in the stack to fail, its status value will be used for that of the whole |