diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libpam/modules/pam_deny/pam_deny.8 | 12 | ||||
-rw-r--r-- | lib/libpam/modules/pam_ftp/pam_ftp.8 | 13 | ||||
-rw-r--r-- | lib/libpam/modules/pam_nologin/pam_nologin.8 | 6 | ||||
-rw-r--r-- | lib/libpam/modules/pam_opie/pam_opie.8 | 10 | ||||
-rw-r--r-- | lib/libpam/modules/pam_permit/pam_permit.8 | 15 | ||||
-rw-r--r-- | lib/libpam/modules/pam_rootok/pam_rootok.8 | 8 | ||||
-rw-r--r-- | lib/libpam/modules/pam_securetty/pam_securetty.8 | 14 | ||||
-rw-r--r-- | lib/libpam/modules/pam_ssh/pam_ssh.8 | 16 | ||||
-rw-r--r-- | lib/libpam/modules/pam_tacplus/pam_tacplus.8 | 16 | ||||
-rw-r--r-- | lib/libpam/modules/pam_unix/pam_unix.8 | 16 |
10 files changed, 67 insertions, 59 deletions
diff --git a/lib/libpam/modules/pam_deny/pam_deny.8 b/lib/libpam/modules/pam_deny/pam_deny.8 index ed35bc5..954a3c8 100644 --- a/lib/libpam/modules/pam_deny/pam_deny.8 +++ b/lib/libpam/modules/pam_deny/pam_deny.8 @@ -44,14 +44,14 @@ authentication, account management, session management and password management. -In terms of the +In terms of the .Ar module-type parameter, these are the -.Dv auth , -.Dv account , -.Dv session +.Dq Li auth , +.Dq Li account , +.Dq Li session , and -.Dv password +.Dq Li password features. .Pp The Deny module @@ -62,7 +62,7 @@ and to unwanted functionality. .Pp The following options may be passed to the module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_ftp/pam_ftp.8 b/lib/libpam/modules/pam_ftp/pam_ftp.8 index 423564b..8193cdf 100644 --- a/lib/libpam/modules/pam_ftp/pam_ftp.8 +++ b/lib/libpam/modules/pam_ftp/pam_ftp.8 @@ -41,17 +41,20 @@ The FTP authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss FTP Authentication Module The FTP authentication component .Pq Fn pam_sm_authenticate , authenticates the anonymous user -.Pq usually Do anonymous Dc or Do ftp Dc +(usually +.Dq anonymous +or +.Dq ftp ) usually by simply requesting an email address as a password. The supplied email address is broken up into its username and host parts, @@ -66,7 +69,7 @@ This module is intended for the service. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm no_anon" .It Cm debug .Xr syslog 3 debugging information at @@ -77,7 +80,7 @@ Disallow anonymous access. .It Cm ignore Ingnore the password supplied, and do not use its constituent parts -.Pq username and hostname +(username and hostname) as .Dv PAM_RUSER and diff --git a/lib/libpam/modules/pam_nologin/pam_nologin.8 b/lib/libpam/modules/pam_nologin/pam_nologin.8 index dd39981..4aac6f8 100644 --- a/lib/libpam/modules/pam_nologin/pam_nologin.8 +++ b/lib/libpam/modules/pam_nologin/pam_nologin.8 @@ -41,10 +41,10 @@ The NoLogin authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss NoLogin Authentication Module @@ -63,7 +63,7 @@ to non-superusers before failure is returned. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_opie/pam_opie.8 b/lib/libpam/modules/pam_opie/pam_opie.8 index 9f00a90..8723cc9 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.8 +++ b/lib/libpam/modules/pam_opie/pam_opie.8 @@ -41,10 +41,10 @@ The OPIE authentication service module for PAM, .Nm provides functionality for only one PAM category: that of authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss OPIE Authentication Module @@ -59,7 +59,7 @@ and verifies that this is correct with .Xr opiechallenge 3 . .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm auth_as_self" .It Cm debug .Xr syslog 3 debugging information at @@ -69,7 +69,7 @@ level. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -85,7 +85,7 @@ default OPIE password database. .Sh SEE ALSO .Xr passwd 1 , .Xr opiechallenge 3 , -.Xr opie 4 , .Xr syslog 3 , +.Xr opie 4 , .Xr pam.conf 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_permit/pam_permit.8 b/lib/libpam/modules/pam_permit/pam_permit.8 index f396fe7..5ffb3bf 100644 --- a/lib/libpam/modules/pam_permit/pam_permit.8 +++ b/lib/libpam/modules/pam_permit/pam_permit.8 @@ -44,30 +44,31 @@ authentication, account management, session management and password management. -In terms of the +In terms of the .Ar module-type parameter, these are the -.Dv auth , -.Dv account , -.Dv session +.Dq Li auth , +.Dq Li account , +.Dq Li session , and -.Dv password +.Dq Li password features. .Pp The Promiscuous module will universally allow all requests. It is primarily of use during testing, -and to silence +and to silence .Dq noisy PAM-enabled applications. .Pp The following options may be passed to the module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at .Dv LOG_DEBUG level. +.El .Sh SEE ALSO .Xr syslog 3 , .Xr pam.conf 5 , diff --git a/lib/libpam/modules/pam_rootok/pam_rootok.8 b/lib/libpam/modules/pam_rootok/pam_rootok.8 index 805fc6c..56a90b5 100644 --- a/lib/libpam/modules/pam_rootok/pam_rootok.8 +++ b/lib/libpam/modules/pam_rootok/pam_rootok.8 @@ -41,23 +41,23 @@ The RootOK authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss RootOK Authentication Module The RootOK authentication component .Pq Fn pam_sm_authenticate , always returns success for the superuser; -.Em ie, +i.e., if .Xr getuid 2 returns 0. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.8 b/lib/libpam/modules/pam_securetty/pam_securetty.8 index 33267a3..20283e6 100644 --- a/lib/libpam/modules/pam_securetty/pam_securetty.8 +++ b/lib/libpam/modules/pam_securetty/pam_securetty.8 @@ -41,10 +41,10 @@ The SecureTTY authentication service module for PAM, .Nm provides functionality for only one PAM category: authentication. -In terms of the +In terms of the .Ar module-type parameter, this is the -.Dv auth +.Dq Li auth feature. It also provides a null function for session management. .Ss SecureTTY Authentication Module @@ -62,12 +62,14 @@ by .Xr getttynam 3 (see .Xr ttys 5 ) , -and the entry (a struct ttyent) has the +and the entry (a +.Vt "struct ttyent" ) +has the .Dv TTY_SECURE flag set. .Pp The following options may be passed to the authentication module: -.Bl -tag -xwidth ".Cm use_first_pass" +.Bl -tag -xwidth ".Cm debug" .It Cm debug .Xr syslog 3 debugging information at @@ -75,8 +77,8 @@ debugging information at level. .El .Sh SEE ALSO -.Xr getttyynam 3 , +.Xr getttynam 3 , .Xr syslog 3 , -.Xr ttys 5 , .Xr pam.conf 5 , +.Xr ttys 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.8 b/lib/libpam/modules/pam_ssh/pam_ssh.8 index ad4323c..07a637f 100644 --- a/lib/libpam/modules/pam_ssh/pam_ssh.8 +++ b/lib/libpam/modules/pam_ssh/pam_ssh.8 @@ -44,15 +44,15 @@ authentication service module for PAM, provides functionality for two PAM categories: authentication and account management. -In terms of the +In terms of the .Ar module-type parameter, they are the -.Dv auth +.Dq Li auth and -.Dv account +.Dq Li account features. It also provides a null function for session management. -.Ss Ux Authentication Module +.Ss Ux Ss Authentication Module The .Ux authentication component @@ -97,7 +97,7 @@ the user is prompted for another password. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -112,7 +112,7 @@ then this option will forgo password prompting, and silently allow authentication to succeed. .El -.Ss Ux Account Management Module +.Ss Ux Ss Account Management Module The .Ux account management component @@ -134,7 +134,7 @@ level. .Sh FILES .Bl -tag -xwidth ".Pa /etc/master.passwd" -compact .It Pa /etc/master.passwd -default +default .Ux password database. .El @@ -142,7 +142,7 @@ password database. .Xr passwd 1 , .Xr getuid 2 , .Xr crypt 3 , -.Xr passwd 5 , .Xr syslog 3 , .Xr pam.conf 5 , +.Xr passwd 5 , .Xr pam 8 diff --git a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 b/lib/libpam/modules/pam_tacplus/pam_tacplus.8 index 67ec965..ae1e019 100644 --- a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 +++ b/lib/libpam/modules/pam_tacplus/pam_tacplus.8 @@ -40,7 +40,7 @@ .\" .Dd August 2, 1999 .Dt PAM_TACPLUS 8 -.Os FreeBSD +.Os .Sh NAME .Nm pam_tacplus .Nd TACACS+ authentication PAM module @@ -60,7 +60,7 @@ for the PAM (Pluggable Authentication Module) framework. The .Nm module accepts these optional parameters: -.Bl -tag -width Fl +.Bl -tag -xwidth ".Cm use_first_pass" .It Cm use_first_pass causes .Nm @@ -69,7 +69,8 @@ If no password has been entered then authentication fails. .It Cm try_first_pass causes .Nm -to use a previously entered password, if one is available. If no +to use a previously entered password, if one is available. +If no password has been entered, .Nm prompts for one as usual. @@ -77,14 +78,15 @@ prompts for one as usual. causes echoing to be left on if .Nm prompts for a password. -.It Cm conf Ns No = Ns Ar pathname +.It Cm conf Ns = Ns Ar pathname specifies a non-standard location for the TACACS+ client configuration file -(normally located in /etc/tacplus.conf). -.It Cm template_user Ns No = Ns Ar username +(normally located in +.Pa /etc/tacplus.conf ) . +.It Cm template_user Ns = Ns Ar username specifies a user whose .Xr passwd 5 entry will be used as a template to create the session environment -if the supplied username doesn't exist in local password database. +if the supplied username does not exist in local password database. The user will be authenticated with the supplied username and password, but his credentials to the system will be presented as the ones for diff --git a/lib/libpam/modules/pam_unix/pam_unix.8 b/lib/libpam/modules/pam_unix/pam_unix.8 index ad4323c..07a637f 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.8 +++ b/lib/libpam/modules/pam_unix/pam_unix.8 @@ -44,15 +44,15 @@ authentication service module for PAM, provides functionality for two PAM categories: authentication and account management. -In terms of the +In terms of the .Ar module-type parameter, they are the -.Dv auth +.Dq Li auth and -.Dv account +.Dq Li account features. It also provides a null function for session management. -.Ss Ux Authentication Module +.Ss Ux Ss Authentication Module The .Ux authentication component @@ -97,7 +97,7 @@ the user is prompted for another password. This option will require the user to authenticate themself as the user given by -.Fn getuid 2 , +.Xr getuid 2 , not as the account they are attempting to access. This is primarily for services like .Xr su 1 , @@ -112,7 +112,7 @@ then this option will forgo password prompting, and silently allow authentication to succeed. .El -.Ss Ux Account Management Module +.Ss Ux Ss Account Management Module The .Ux account management component @@ -134,7 +134,7 @@ level. .Sh FILES .Bl -tag -xwidth ".Pa /etc/master.passwd" -compact .It Pa /etc/master.passwd -default +default .Ux password database. .El @@ -142,7 +142,7 @@ password database. .Xr passwd 1 , .Xr getuid 2 , .Xr crypt 3 , -.Xr passwd 5 , .Xr syslog 3 , .Xr pam.conf 5 , +.Xr passwd 5 , .Xr pam 8 |