pam_namespace: use vendor specific namespace.conf and namespace.init as fallback

Use the vendor directory as fallback for a distribution provided default config and scripts if there is no configuration in /etc. pam_namespace.c: Take care about the fallback configuration in vendor directory. pam_namespace.h: Define vendor specific files and directories. pam_namespace.8.xml: Add description for vendor directories and files. namespace.conf.5.xml: Add description for vendor directories and files.
author: Stefan Schubert <schubi@suse.de> 2022-02-16 11:51:35 +0100
committer: Dmitry V. Levin <ldv@altlinux.org> 2022-06-30 09:48:52 +0000
commit: 543e122a80e25e9597cff418b837e214114bad1f (patch)
tree: 62c826f7198a6b5533144a690c0ad35c9141ea7b /modules/pam_namespace/pam_namespace.8.xml
parent: 21affb5b1b90e3d0ac36556c5536ee81ef08aca4 (diff)
download: pam-543e122a80e25e9597cff418b837e214114bad1f.tar.gz
pam-543e122a80e25e9597cff418b837e214114bad1f.tar.bz2
pam-543e122a80e25e9597cff418b837e214114bad1f.zip
1 files changed, 30 insertions, 0 deletions
diff --git a/modules/pam_namespace/pam_namespace.8.xml b/modules/pam_namespace/pam_namespace.8.xml
index 57c44c4b..ddaa00b4 100644
--- a/modules/pam_namespace/pam_namespace.8.xml
+++ b/modules/pam_namespace/pam_namespace.8.xml
@@ -74,6 +74,12 @@
       and the user name as its arguments.
     </para>
 
+    <para condition="with_vendordir">
+      If <filename>/etc/security/namespace.init</filename> does not exist,
+      <filename>%vendordir%/security/namespace.init</filename> is the
+      alternative to be used for it.
+    </para>
+
     <para>
       The pam_namespace module disassociates the session namespace from
       the parent namespace. Any mounts/unmounts performed in the parent
@@ -313,6 +319,14 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry condition="with_vendordir">
+        <term><filename>%vendordir%/security/namespace.conf</filename></term>
+        <listitem>
+          <para>Default configuration file if
+	  <filename>/etc/security/namespace.conf</filename> does not exist.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><filename>/etc/security/namespace.d</filename></term>
         <listitem>
@@ -320,12 +334,28 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry condition="with_vendordir">
+        <term><filename>%vendordir%/security/namespace.d</filename></term>
+        <listitem>
+          <para>Directory for additional vendor specific configuration files.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><filename>/etc/security/namespace.init</filename></term>
         <listitem>
           <para>Init script for instance directories</para>
         </listitem>
       </varlistentry>
+
+      <varlistentry condition="with_vendordir">
+        <term><filename>%vendordir%/security/namespace.init</filename></term>
+        <listitem>
+          <para>Vendor init script for instance directories if
+	  /etc/security/namespace.init does not exist.
+	  </para>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>
author	Stefan Schubert <schubi@suse.de>	2022-02-16 11:51:35 +0100
committer	Dmitry V. Levin <ldv@altlinux.org>	2022-06-30 09:48:52 +0000
commit	543e122a80e25e9597cff418b837e214114bad1f (patch)
tree	62c826f7198a6b5533144a690c0ad35c9141ea7b /modules/pam_namespace/pam_namespace.8.xml
parent	21affb5b1b90e3d0ac36556c5536ee81ef08aca4 (diff)
download	pam-543e122a80e25e9597cff418b837e214114bad1f.tar.gz pam-543e122a80e25e9597cff418b837e214114bad1f.tar.bz2 pam-543e122a80e25e9597cff418b837e214114bad1f.zip