summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/libpam/modules/pam_deny/pam_deny.812
-rw-r--r--lib/libpam/modules/pam_ftp/pam_ftp.813
-rw-r--r--lib/libpam/modules/pam_nologin/pam_nologin.86
-rw-r--r--lib/libpam/modules/pam_opie/pam_opie.810
-rw-r--r--lib/libpam/modules/pam_permit/pam_permit.815
-rw-r--r--lib/libpam/modules/pam_rootok/pam_rootok.88
-rw-r--r--lib/libpam/modules/pam_securetty/pam_securetty.814
-rw-r--r--lib/libpam/modules/pam_ssh/pam_ssh.816
-rw-r--r--lib/libpam/modules/pam_tacplus/pam_tacplus.816
-rw-r--r--lib/libpam/modules/pam_unix/pam_unix.816
10 files changed, 67 insertions, 59 deletions
diff --git a/lib/libpam/modules/pam_deny/pam_deny.8 b/lib/libpam/modules/pam_deny/pam_deny.8
index ed35bc5..954a3c8 100644
--- a/lib/libpam/modules/pam_deny/pam_deny.8
+++ b/lib/libpam/modules/pam_deny/pam_deny.8
@@ -44,14 +44,14 @@ authentication,
account management,
session management and
password management.
-In terms of the
+In terms of the
.Ar module-type
parameter, these are the
-.Dv auth ,
-.Dv account ,
-.Dv session
+.Dq Li auth ,
+.Dq Li account ,
+.Dq Li session ,
and
-.Dv password
+.Dq Li password
features.
.Pp
The Deny module
@@ -62,7 +62,7 @@ and to
unwanted functionality.
.Pp
The following options may be passed to the module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_ftp/pam_ftp.8 b/lib/libpam/modules/pam_ftp/pam_ftp.8
index 423564b..8193cdf 100644
--- a/lib/libpam/modules/pam_ftp/pam_ftp.8
+++ b/lib/libpam/modules/pam_ftp/pam_ftp.8
@@ -41,17 +41,20 @@ The FTP authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss FTP Authentication Module
The FTP authentication component
.Pq Fn pam_sm_authenticate ,
authenticates the anonymous user
-.Pq usually Do anonymous Dc or Do ftp Dc
+(usually
+.Dq anonymous
+or
+.Dq ftp )
usually by simply requesting an email address as a password.
The supplied email address is broken up
into its username and host parts,
@@ -66,7 +69,7 @@ This module is intended for the
service.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm no_anon"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -77,7 +80,7 @@ Disallow anonymous access.
.It Cm ignore
Ingnore the password supplied,
and do not use its constituent parts
-.Pq username and hostname
+(username and hostname)
as
.Dv PAM_RUSER
and
diff --git a/lib/libpam/modules/pam_nologin/pam_nologin.8 b/lib/libpam/modules/pam_nologin/pam_nologin.8
index dd39981..4aac6f8 100644
--- a/lib/libpam/modules/pam_nologin/pam_nologin.8
+++ b/lib/libpam/modules/pam_nologin/pam_nologin.8
@@ -41,10 +41,10 @@ The NoLogin authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss NoLogin Authentication Module
@@ -63,7 +63,7 @@ to non-superusers
before failure is returned.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_opie/pam_opie.8 b/lib/libpam/modules/pam_opie/pam_opie.8
index 9f00a90..8723cc9 100644
--- a/lib/libpam/modules/pam_opie/pam_opie.8
+++ b/lib/libpam/modules/pam_opie/pam_opie.8
@@ -41,10 +41,10 @@ The OPIE authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
that of authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss OPIE Authentication Module
@@ -59,7 +59,7 @@ and verifies that this is correct with
.Xr opiechallenge 3 .
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm auth_as_self"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -69,7 +69,7 @@ level.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -85,7 +85,7 @@ default OPIE password database.
.Sh SEE ALSO
.Xr passwd 1 ,
.Xr opiechallenge 3 ,
-.Xr opie 4 ,
.Xr syslog 3 ,
+.Xr opie 4 ,
.Xr pam.conf 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_permit/pam_permit.8 b/lib/libpam/modules/pam_permit/pam_permit.8
index f396fe7..5ffb3bf 100644
--- a/lib/libpam/modules/pam_permit/pam_permit.8
+++ b/lib/libpam/modules/pam_permit/pam_permit.8
@@ -44,30 +44,31 @@ authentication,
account management,
session management and
password management.
-In terms of the
+In terms of the
.Ar module-type
parameter, these are the
-.Dv auth ,
-.Dv account ,
-.Dv session
+.Dq Li auth ,
+.Dq Li account ,
+.Dq Li session ,
and
-.Dv password
+.Dq Li password
features.
.Pp
The Promiscuous module
will universally allow all requests.
It is primarily of use during testing,
-and to silence
+and to silence
.Dq noisy
PAM-enabled applications.
.Pp
The following options may be passed to the module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
.Dv LOG_DEBUG
level.
+.El
.Sh SEE ALSO
.Xr syslog 3 ,
.Xr pam.conf 5 ,
diff --git a/lib/libpam/modules/pam_rootok/pam_rootok.8 b/lib/libpam/modules/pam_rootok/pam_rootok.8
index 805fc6c..56a90b5 100644
--- a/lib/libpam/modules/pam_rootok/pam_rootok.8
+++ b/lib/libpam/modules/pam_rootok/pam_rootok.8
@@ -41,23 +41,23 @@ The RootOK authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss RootOK Authentication Module
The RootOK authentication component
.Pq Fn pam_sm_authenticate ,
always returns success for the superuser;
-.Em ie,
+i.e.,
if
.Xr getuid 2
returns 0.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.8 b/lib/libpam/modules/pam_securetty/pam_securetty.8
index 33267a3..20283e6 100644
--- a/lib/libpam/modules/pam_securetty/pam_securetty.8
+++ b/lib/libpam/modules/pam_securetty/pam_securetty.8
@@ -41,10 +41,10 @@ The SecureTTY authentication service module for PAM,
.Nm
provides functionality for only one PAM category:
authentication.
-In terms of the
+In terms of the
.Ar module-type
parameter, this is the
-.Dv auth
+.Dq Li auth
feature.
It also provides a null function for session management.
.Ss SecureTTY Authentication Module
@@ -62,12 +62,14 @@ by
.Xr getttynam 3
(see
.Xr ttys 5 ) ,
-and the entry (a struct ttyent) has the
+and the entry (a
+.Vt "struct ttyent" )
+has the
.Dv TTY_SECURE
flag set.
.Pp
The following options may be passed to the authentication module:
-.Bl -tag -xwidth ".Cm use_first_pass"
+.Bl -tag -xwidth ".Cm debug"
.It Cm debug
.Xr syslog 3
debugging information at
@@ -75,8 +77,8 @@ debugging information at
level.
.El
.Sh SEE ALSO
-.Xr getttyynam 3 ,
+.Xr getttynam 3 ,
.Xr syslog 3 ,
-.Xr ttys 5 ,
.Xr pam.conf 5 ,
+.Xr ttys 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_ssh/pam_ssh.8 b/lib/libpam/modules/pam_ssh/pam_ssh.8
index ad4323c..07a637f 100644
--- a/lib/libpam/modules/pam_ssh/pam_ssh.8
+++ b/lib/libpam/modules/pam_ssh/pam_ssh.8
@@ -44,15 +44,15 @@ authentication service module for PAM,
provides functionality for two PAM categories:
authentication
and account management.
-In terms of the
+In terms of the
.Ar module-type
parameter, they are the
-.Dv auth
+.Dq Li auth
and
-.Dv account
+.Dq Li account
features.
It also provides a null function for session management.
-.Ss Ux Authentication Module
+.Ss Ux Ss Authentication Module
The
.Ux
authentication component
@@ -97,7 +97,7 @@ the user is prompted for another password.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -112,7 +112,7 @@ then this option
will forgo password prompting,
and silently allow authentication to succeed.
.El
-.Ss Ux Account Management Module
+.Ss Ux Ss Account Management Module
The
.Ux
account management component
@@ -134,7 +134,7 @@ level.
.Sh FILES
.Bl -tag -xwidth ".Pa /etc/master.passwd" -compact
.It Pa /etc/master.passwd
-default
+default
.Ux
password database.
.El
@@ -142,7 +142,7 @@ password database.
.Xr passwd 1 ,
.Xr getuid 2 ,
.Xr crypt 3 ,
-.Xr passwd 5 ,
.Xr syslog 3 ,
.Xr pam.conf 5 ,
+.Xr passwd 5 ,
.Xr pam 8
diff --git a/lib/libpam/modules/pam_tacplus/pam_tacplus.8 b/lib/libpam/modules/pam_tacplus/pam_tacplus.8
index 67ec965..ae1e019 100644
--- a/lib/libpam/modules/pam_tacplus/pam_tacplus.8
+++ b/lib/libpam/modules/pam_tacplus/pam_tacplus.8
@@ -40,7 +40,7 @@
.\"
.Dd August 2, 1999
.Dt PAM_TACPLUS 8
-.Os FreeBSD
+.Os
.Sh NAME
.Nm pam_tacplus
.Nd TACACS+ authentication PAM module
@@ -60,7 +60,7 @@ for the PAM (Pluggable Authentication Module) framework.
The
.Nm
module accepts these optional parameters:
-.Bl -tag -width Fl
+.Bl -tag -xwidth ".Cm use_first_pass"
.It Cm use_first_pass
causes
.Nm
@@ -69,7 +69,8 @@ If no password has been entered then authentication fails.
.It Cm try_first_pass
causes
.Nm
-to use a previously entered password, if one is available. If no
+to use a previously entered password, if one is available.
+If no
password has been entered,
.Nm
prompts for one as usual.
@@ -77,14 +78,15 @@ prompts for one as usual.
causes echoing to be left on if
.Nm
prompts for a password.
-.It Cm conf Ns No = Ns Ar pathname
+.It Cm conf Ns = Ns Ar pathname
specifies a non-standard location for the TACACS+ client configuration file
-(normally located in /etc/tacplus.conf).
-.It Cm template_user Ns No = Ns Ar username
+(normally located in
+.Pa /etc/tacplus.conf ) .
+.It Cm template_user Ns = Ns Ar username
specifies a user whose
.Xr passwd 5
entry will be used as a template to create the session environment
-if the supplied username doesn't exist in local password database.
+if the supplied username does not exist in local password database.
The user
will be authenticated with the supplied username and password, but his
credentials to the system will be presented as the ones for
diff --git a/lib/libpam/modules/pam_unix/pam_unix.8 b/lib/libpam/modules/pam_unix/pam_unix.8
index ad4323c..07a637f 100644
--- a/lib/libpam/modules/pam_unix/pam_unix.8
+++ b/lib/libpam/modules/pam_unix/pam_unix.8
@@ -44,15 +44,15 @@ authentication service module for PAM,
provides functionality for two PAM categories:
authentication
and account management.
-In terms of the
+In terms of the
.Ar module-type
parameter, they are the
-.Dv auth
+.Dq Li auth
and
-.Dv account
+.Dq Li account
features.
It also provides a null function for session management.
-.Ss Ux Authentication Module
+.Ss Ux Ss Authentication Module
The
.Ux
authentication component
@@ -97,7 +97,7 @@ the user is prompted for another password.
This option will require the user
to authenticate themself as the user
given by
-.Fn getuid 2 ,
+.Xr getuid 2 ,
not as the account they are attempting to access.
This is primarily for services like
.Xr su 1 ,
@@ -112,7 +112,7 @@ then this option
will forgo password prompting,
and silently allow authentication to succeed.
.El
-.Ss Ux Account Management Module
+.Ss Ux Ss Account Management Module
The
.Ux
account management component
@@ -134,7 +134,7 @@ level.
.Sh FILES
.Bl -tag -xwidth ".Pa /etc/master.passwd" -compact
.It Pa /etc/master.passwd
-default
+default
.Ux
password database.
.El
@@ -142,7 +142,7 @@ password database.
.Xr passwd 1 ,
.Xr getuid 2 ,
.Xr crypt 3 ,
-.Xr passwd 5 ,
.Xr syslog 3 ,
.Xr pam.conf 5 ,
+.Xr passwd 5 ,
.Xr pam 8
OpenPOWER on IntegriCloud