Small documentation and define fixes

modules/pam_limits/limits.conf.5.xml: Document race of maxlogins [#10]
modules/pam_namespace/pam_namespace.h: Define MS_SLAVE if necessary
modules/pam_pwhistory/pam_pwhistory.c: Document how the module works
modules/pam_unix/pam_unix.8.xml: Document remember option obsoleted by pam_pwhistory [#6]

diff --git a/modules/pam_limits/limits.conf.5.xml b/modules/pam_limits/limits.conf.5.xml
index 4b6b5baff77b1e273c852f50b7043a65baf54c08..ecc6d5ff992d38c60bb680bf9bc207d872aedf16 100644 (file)
--- a/modules/pam_limits/limits.conf.5.xml
+++ b/modules/pam_limits/limits.conf.5.xml
@@ -290,6 +290,9 @@
       Also, please note that all limit settings are set
       <emphasis>per login</emphasis>. They are not global, nor are they
       permanent; existing only for the duration of the session.
+      One exception is the <emphasis>maxlogin</emphasis> option, this one
+      is system wide. But there is a race, concurrent logins at the same
+      time will not always be detect as such but only counted as one.
     </para>
     <para>
       In the <emphasis>limits</emphasis> configuration file, the

diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h
index 1d0c11c6b5f2fd49b804b7ecb6f8ba994dcbee30..51d2388636030953401312ccbd45c586429b02dd 100644 (file)
--- a/modules/pam_namespace/pam_namespace.h
+++ b/modules/pam_namespace/pam_namespace.h
@@ -81,6 +81,10 @@
 #ifndef MS_PRIVATE
 #define MS_PRIVATE (1<<18)
 #endif
+#ifndef MS_SLAVE
+#define MS_SLAVE (1<<19)
+#endif
+
 
 /*
  * Module defines

diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
index e9b28eb162580f8b8b8e302923d07776fcbcb52f..654edd391aa6b3026995daae14606a78904ad50e 100644 (file)
--- a/modules/pam_pwhistory/pam_pwhistory.c
+++ b/modules/pam_pwhistory/pam_pwhistory.c
@@ -1,6 +1,6 @@
 /*
- * Copyright (c) 2008 Thorsten Kukuk
- * Author: Thorsten Kukuk <kukuk@suse.de>
+ * Copyright (c) 2008, 2012 Thorsten Kukuk
+ * Author: Thorsten Kukuk <kukuk@thkukuk.de>
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -103,6 +103,9 @@ parse_option (pam_handle_t *pamh, const char *argv, options_t *options)
 }
 
 
+/* This module saves the current crypted password in /etc/security/opasswd
+   and then compares the new password with all entries in this file. */
+
 PAM_EXTERN int
 pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
 {

diff --git a/modules/pam_unix/pam_unix.8.xml b/modules/pam_unix/pam_unix.8.xml
index c272e3cea93079971047954d5c84571e65dea169..0a42d7a3dea8852e10651c1a82cd67ce1eda58c0 100644 (file)
--- a/modules/pam_unix/pam_unix.8.xml
+++ b/modules/pam_unix/pam_unix.8.xml
@@ -223,6 +223,8 @@
             user are saved in <filename>/etc/security/opasswd</filename>
             in order to force password change history and keep the user
             from alternating between the same password too frequently.
+            Instead of this option the <command>pam_pwhistory</command>
+            module should be used.
           </para>
         </listitem>
       </varlistentry>