From 449f88eeb44e910b25261e8e5bead120d3757fec Mon Sep 17 00:00:00 2001 From: "Andrew G. Morgan" Date: Thu, 11 Jul 2002 05:43:50 +0000 Subject: Relevant BUGIDs: 476963 Purpose of commit: new feature Commit summary: --------------- some applications are not prepared to get a SIGCHLD from a child process they didn't think they launched, so we now suppress this signal for the duration of use of the helper binary. The 'noreap' module argument is provided to override this new default. --- doc/modules/pam_pwdb.sgml | 12 ++++++++++-- doc/modules/pam_unix.sgml | 22 +++++++++++++++------- doc/pam_source.sgml | 2 +- 3 files changed, 26 insertions(+), 10 deletions(-) (limited to 'doc') diff --git a/doc/modules/pam_pwdb.sgml b/doc/modules/pam_pwdb.sgml index 2ee102e1..51f4f86d 100644 --- a/doc/modules/pam_pwdb.sgml +++ b/doc/modules/pam_pwdb.sgml @@ -99,7 +99,8 @@ login account required pam_pwdb.so Description: @@ -137,7 +138,14 @@ password when it is stored in a read protected database. This binary is very simple and will only check the password of the user invoking it. It is called transparently on behalf of the user by the authenticating component of this module. In this way it is possible -for applications like xlock to work without being setuid-root. +for applications like xlock to work without being +setuid-root. The module, by default, will temporarily turn off + The likeauth argument makes the module return the same value diff --git a/doc/modules/pam_unix.sgml b/doc/modules/pam_unix.sgml index 286cd3f8..86c584a8 100644 --- a/doc/modules/pam_unix.sgml +++ b/doc/modules/pam_unix.sgml @@ -97,7 +97,8 @@ login account required pam_unix.so Description: @@ -125,18 +126,25 @@ authentication component from requesting a delay should the authentication as a whole fail. The default action is for the module to request a delay-on-failure of the order of one second. -

-Remaining arguments, supported by the other functions of this module, -are silently ignored. Other arguments are logged as errors through - A helper binary, unix_chkpwd, is provided to check the user's password when it is stored in a read protected database. This binary is very simple and will only check the password of the user invoking it. It is called transparently on behalf of the user by the authenticating component of this module. In this way it is possible -for applications like xlock to work without being setuid-root. +for applications like xlock to work without being +setuid-root. The module, by default, will temporarily turn off + +Remaining arguments, supported by the other functions of this module, +are silently ignored. Other arguments are logged as errors through +Examples/suggested usage: diff --git a/doc/pam_source.sgml b/doc/pam_source.sgml index 2dd5783e..674404b4 100644 --- a/doc/pam_source.sgml +++ b/doc/pam_source.sgml @@ -46,7 +46,7 @@ DAMAGE. The Linux-PAM System Administrators' Guide <author>Andrew G. Morgan, <tt>morgan@kernel.org</tt> -<date>DRAFT v0.76 2002/06/26 +<date>DRAFT v0.77 2002/07/10 <abstract> This manual documents what a system-administrator needs to know about the <bf>Linux-PAM</bf> library. It covers the correct syntax of the -- cgit v1.2.3