diff options
| author | Stefan Schubert <schubi@suse.de> | 2022-02-16 11:51:35 +0100 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2022-06-30 09:48:52 +0000 |
| commit | 543e122a80e25e9597cff418b837e214114bad1f (patch) | |
| tree | 62c826f7198a6b5533144a690c0ad35c9141ea7b /modules/pam_namespace/namespace.conf.5.xml | |
| parent | 21affb5b1b90e3d0ac36556c5536ee81ef08aca4 (diff) | |
| download | pam-543e122a80e25e9597cff418b837e214114bad1f.tar.gz pam-543e122a80e25e9597cff418b837e214114bad1f.tar.bz2 pam-543e122a80e25e9597cff418b837e214114bad1f.zip | |
pam_namespace: use vendor specific namespace.conf and namespace.init as fallback
Use the vendor directory as fallback for a distribution provided default
config and scripts if there is no configuration in /etc.
pam_namespace.c: Take care about the fallback configuration in vendor directory.
pam_namespace.h: Define vendor specific files and directories.
pam_namespace.8.xml: Add description for vendor directories and files.
namespace.conf.5.xml: Add description for vendor directories and files.
Diffstat (limited to 'modules/pam_namespace/namespace.conf.5.xml')
| -rw-r--r-- | modules/pam_namespace/namespace.conf.5.xml | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml index a94b49e2..67f8c043 100644 --- a/modules/pam_namespace/namespace.conf.5.xml +++ b/modules/pam_namespace/namespace.conf.5.xml @@ -30,13 +30,29 @@ directory path and the instance directory path as its arguments. </para> - <para> + <para condition="without_vendordir"> The <filename>/etc/security/namespace.conf</filename> file specifies which directories are polyinstantiated, how they are polyinstantiated, how instance directories would be named, and any users for whom polyinstantiation would not be performed. </para> + <para condition="with_vendordir"> + The <filename>/etc/security/namespace.conf</filename> file + ( or <filename>%vendordir%/security/namespace.conf</filename> if it does + not exist) specifies which directories are polyinstantiated, how they are + polyinstantiated, how instance directories would be named, and any users + for whom polyinstantiation would not be performed. + Then individual <filename>*.conf</filename> files from the + <filename>/etc/security/namespace.d/</filename> and + <filename>%vendordir%/security/namespace.d</filename> directories are taken too. + If <filename>/etc/security/namespace.d/@filename@.conf</filename> exists, then + <filename>%vendordir%/security/namespace.d/@filename@.conf</filename> will not be used. + All <filename>namespace.d/*.conf</filename> files are sorted by their + <filename>@filename@.conf</filename> in lexicographic order regardless of which + of the directories they reside in. + </para> + <para> When someone logs in, the file <filename>namespace.conf</filename> is scanned. Comments are marked by <emphasis>#</emphasis> characters. |