* doc/guide.tex: Include example PAM configuration file

ejabberd.pam (thanks to Evgeniy Khramtsov)(EJAB-704)
* doc/guide.html: Likewise

SVN Revision: 1489

diff --git a/ChangeLog b/ChangeLog
index f8538030c1317cf8b5e73188c0b65f960ec786ba..cefe351f19e6735ac968f947f671e3571f1725b3 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2008-07-24  Badlop  <badlop@process-one.net>
 
+       * doc/guide.tex: Include example PAM configuration file
+       ejabberd.pam (thanks to Evgeniy Khramtsov)(EJAB-704)
+       * doc/guide.html: Likewise
+
        * src/mod_proxy65/mod_proxy65_lib.erl: Send protocol compliant
        SOCKS5 reply; this breaks support of uncompliant Psi<0.10 (thanks
        to Felix Geyer)(EJAB-632)

diff --git a/doc/guide.html b/doc/guide.html
index c67f1210330431a7872231ca3343ec0092c78202..af65e7ea9612146cda3851fcb9c0735c55b62d98 100644 (file)
--- a/doc/guide.html
+++ b/doc/guide.html
@@ -976,8 +976,12 @@ version, you can <TT>kill(1)</TT> <TT>epam</TT> process periodically to reduce i
 consumption: <TT>ejabberd</TT> will restart this process immediately.
 </LI><LI CLASS="li-itemize"><TT>epam</TT> program tries to turn off delays on authentication failures.
 However, some PAM modules ignore this behavior and rely on their own configuration options.
-The example configuration file <TT>ejabberd.pam</TT> shows how to turn off delays in
-<TT>pam_unix.so</TT> module. It is not a ready to use configuration file: you must use it
+You can create a configuration file <TT>ejabberd.pam</TT>.
+This example shows how to turn off delays in <TT>pam_unix.so</TT> module:
+<PRE CLASS="verbatim">#%PAM-1.0
+auth        sufficient  pam_unix.so likeauth nullok nodelay
+account     sufficient  pam_unix.so
+</PRE>That is not a ready to use configuration file: you must use it
 as a hint when building your own PAM configuration instead. Note that if you want to disable
 delays on authentication failures in the PAM configuration file, you have to restrict access
 to this file, so a malicious user can&#X2019;t use your configuration to perform brute-force

diff --git a/doc/guide.tex b/doc/guide.tex
index 355a84a37398943f7ccdcd0952ce3e4ad7152c7c..bf07f39e51a3f350a9de6eedc75f73b1d3e8277e 100644 (file)
--- a/doc/guide.tex
+++ b/doc/guide.tex
@@ -1159,8 +1159,14 @@ version, you can \term{kill(1)} \term{epam} process periodically to reduce its m
 consumption: \ejabberd{} will restart this process immediately.
 \item \term{epam} program tries to turn off delays on authentication failures.
 However, some PAM modules ignore this behavior and rely on their own configuration options.
-The example configuration file \term{ejabberd.pam} shows how to turn off delays in
-\term{pam\_unix.so} module. It is not a ready to use configuration file: you must use it
+You can create a configuration file \term{ejabberd.pam}.
+This example shows how to turn off delays in \term{pam\_unix.so} module:
+\begin{verbatim}
+#%PAM-1.0
+auth        sufficient  pam_unix.so likeauth nullok nodelay
+account     sufficient  pam_unix.so
+\end{verbatim}
+That is not a ready to use configuration file: you must use it
 as a hint when building your own PAM configuration instead. Note that if you want to disable
 delays on authentication failures in the PAM configuration file, you have to restrict access
 to this file, so a malicious user can't use your configuration to perform brute-force