+2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pwconv.8.xml: Fix typos.
+ * man/chpasswd.8.xml, man/chgpasswd.8.xml: Document the NONE crypt
+ method.
+ * man/login.defs.d/MAIL_DIR.xml: Add comment regarding useradd not
+ using MAIL_FILE.
+ * man/login.defs.d/ERASECHAR.xml, man/login.defs.d/KILLCHAR.xml,
+ man/login.defs.d/CONSOLE_GROUPS.xml, man/login.defs.d/ENV_HZ.xml,
+ man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
+ These variables are also used by some tools when compiled with PAM
+ support.
+ * man/login.defs.d/ENV_HZ.xml: Add note that it is only used by
+ sulogin when compiled with PAM support.
+ * man/login.defs.d/ENV_SUPATH.xml: Typos: ENV_PATH -> ENV_SUPATH,
+ and mention sbin in the path.
+ * man/login.defs.d/LOGIN_STRING.xml: Fix typo: confition ->
+ condition.
+ * man/sg.1.xml: Add CONFIGURATION section (SYSLOG_SG_ENAB).
+ * man/su.1.xml: ENV_HZ, LOGIN_STRING, MAIL_DIR, USERGROUPS_ENAB
+ are only used when su is compiled without PAM support.
+ * man/login.defs.5.xml: Added variables: OBSCURE_CHECKS_ENAB
+ PASS_ALWAYS_WARN PASS_CHANGE_TRIES SULOG_FILE SU_NAME
+ SU_WHEEL_ONLY SYSLOG_SG_ENAB SYSLOG_SU_ENAB.
+ * man/login.defs.5.xml: ENVIRON_FILE is only used when compiled
+ without PAM support.
+ * man/login.defs.5.xml: sulogin uses variables even when compiled
+ with PAM support.
+ * man/login.1.xml: ENV_HZ ENV_PATH ENV_SUPATH MAIL_DIR UMASK are
+ only used when login is not compiled with PAM support.
+
2007-12-09 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Make sure is_console is only defined when USE_PAM
<listitem>
<para>Use the specified method to encrypt the passwords.</para>
<para>
- The available methods are DES, MD5, and SHA256 or SHA512
- if compiled with the ENCRYPTMETHOD_SELECT flag.
+ The available methods are DES, MD5, NONE, and SHA256 or SHA512
+ if your libc support these methods.
</para>
</listitem>
</varlistentry>
<listitem>
<para>Use the specified method to encrypt the passwords.</para>
<para>
- The available methods are DES, MD5, and SHA256 or SHA512
- if compiled with the ENCRYPTMETHOD_SELECT flag.
+ The available methods are DES, MD5, NONE, and SHA256 or SHA512
+ if your libc support these methods.
</para>
</listitem>
</varlistentry>
&CONSOLE;
&CONSOLE_GROUPS;
&DEFAULT_HOME;
- &ENV_HZ;
- &ENV_PATH;
- &ENV_SUPATH;
+ <phrase condition="no_pam">&ENV_HZ;</phrase>
+ <phrase condition="no_pam">&ENV_PATH;</phrase>
+ <phrase condition="no_pam">&ENV_SUPATH;</phrase>
&ENV_TZ;
&ENVIRON_FILE;
&ERASECHAR;
&LOG_OK_LOGINS;
&LOG_UNKFAIL_ENAB;
&MAIL_CHECK_ENAB;
- &MAIL_DIR;
+ <phrase condition="no_pam">&MAIL_DIR;</phrase>
&MOTD_FILE;
&NOLOGINS_FILE;
&PORTTIME_CHECKS_ENAB;
&TTYGROUP; <!-- documents also TTYPERM -->
&TTYTYPE_FILE;
&ULIMIT;
- &UMASK;
+ <phrase condition="no_pam">&UMASK;</phrase>
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
+<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
+<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
+<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
+<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
+<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
+<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
+<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
<phrase condition="no_pam">CONSOLE</phrase>
CONSOLE_GROUPS DEFAULT_HOME
<phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
- ENV_TZ</phrase>
- ENVIRON_FILE ERASECHAR FAIL_DELAY
+ ENV_TZ ENVIRON_FILE</phrase>
+ ERASECHAR FAIL_DELAY
<phrase condition="no_pam">FAILLOG_ENAB</phrase>
FAKE_SHELL
<phrase condition="no_pam">FTMP_FILE</phrase>
<para>
<phrase condition="no_pam">CONSOLE</phrase>
CONSOLE_GROUPS DEFAULT_HOME
- <phrase condition="no_pam">ENV_HZ</phrase>
- ENVIRON_FILE ENV_PATH ENV_SUPATH
+ <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase>
+ ENV_PATH ENV_SUPATH
<phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
SULOG_FILE SU_NAME
</para>
</listitem>
</varlistentry>
- <varlistentry condition="no_pam">
+ <varlistentry>
<term>sulogin</term>
<listitem>
<para>
-<varlistentry condition="no_pam">
+<varlistentry>
<term><option>CONSOLE_GROUPS</option> (string)</term>
<listitem>
<para>
-<varlistentry condition="no_pam">
+<varlistentry>
+ <!-- XXX: When compiled with PAM support, only sulogin uses ENV_HZ -->
<term><option>ENV_HZ</option> (string)</term>
<listitem>
<para>
<replaceable>HZ=</replaceable>. A common value on Linux is
<replaceable>HZ=100</replaceable>.
</para>
+ <para condition="pam">
+ The <envar>HZ</envar> environment variable is only set when the user
+ (the superuser) logs in with <command>sulogin</command>.
+ </para>
<!-- TODO: it can in fact be used to set any other variable-->
</listitem>
</varlistentry>
-<varlistentry condition="no_pam">
+<varlistentry>
<term><option>ENV_PATH</option> (string)</term>
<listitem>
<para>
-<varlistentry condition="no_pam">
- <term><option>ENV_PATH</option> (string)</term>
+<varlistentry>
+ <term><option>ENV_SUPATH</option> (string)</term>
<listitem>
<para>
If set, it will be used to define the PATH environment variable when
the superuser login. The value can be preceded by
<replaceable>PATH=</replaceable>, or a colon separated list of paths
- (for example <replaceable>/bin:/usr/bin</replaceable>). The default
- value is <replaceable>PATH=/bin:/usr/bin</replaceable>.
+ (for example <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>).
+ The default value is <replaceable>PATH=/bin:/usr/bin</replaceable>.
</para>
<!-- TODO: it can in fact be used to set any other variable-->
</listitem>
-<varlistentry condition="no_pam">
+<varlistentry>
<term><option>ERASECHAR</option> (number)</term>
<listitem>
<para>
-<varlistentry condition="no_pam">
+<varlistentry>
<term><option>KILLCHAR</option> (number)</term>
<listitem>
<para>
-<varlistentry confition="no_pam">
+<varlistentry condition="no_pam">
<term><option>LOGIN_STRING</option> (string)</term>
<listitem>
<para>
</para>
</listitem>
</varlistentry>
+<!-- FIXME: MAIL_FILE not used in useradd -->
<para>
The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables
are used by <command>useradd</command>, <command>usermod</command>, and
<title>CONFIGURATION</title>
<para>
The following configuration variable in
- <filename>/etc/login.defs</filename> change the behavior of
+ <filename>/etc/login.defs</filename> changes the behavior of
<command>grpconv</command> and <command>grpunconv</command>:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
<para>
- The following configuration variable in
+ The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of
<command>pwconv</command>:
</para>
<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
+]>
<refentry id='sg.1'>
<!-- $Id$ -->
<refmeta>
</para>
</refsect1>
+ <refsect1 id='configuration'>
+ <title>CONFIGURATION</title>
+ <para>
+ The following configuration variables in
+ <filename>/etc/login.defs</filename> change the behavior of this
+ tool:
+ </para>
+ <variablelist>
+ &SYSLOG_SG_ENAB;
+ </variablelist>
+ </refsect1>
+
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
&CONSOLE;
&CONSOLE_GROUPS;
&DEFAULT_HOME;
- &ENV_HZ;
+ <phrase condition="no_pam">&ENV_HZ;</phrase>
&ENVIRON_FILE;
&ENV_PATH;
&ENV_SUPATH;
&ENV_TZ;
- &LOGIN_STRING;
+ <phrase condition="no_pam">&LOGIN_STRING;</phrase>
&MAIL_CHECK_ENAB;
- &MAIL_DIR;
+ <phrase condition="no_pam">&MAIL_DIR;</phrase>
"AS_ENAB;
&SULOG_FILE;
&SU_NAME;
&SU_WHEEL_ONLY;
&SYSLOG_SU_ENAB;
- &USERGROUPS_ENAB;
+ <phrase condition="no_pam">&USERGROUPS_ENAB;</phrase>
</variablelist>
</refsect1>
projects / shadow / commitdiff