* man/chpasswd.8.xml: Describe how chpasswd in case of error.

* man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
	* man/chpasswd.8.xml: Differentiate the files and configurations
	needed for PAM and non PAM versions.
This commit is contained in:
nekral-guest 2009-05-09 13:14:56 +00:00
parent b60e8b6b45
commit 0921785ca2
2 changed files with 49 additions and 19 deletions

View File

@ -1,3 +1,10 @@
2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
* man/chpasswd.8.xml: Describe how chpasswd in case of error.
* man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
* man/chpasswd.8.xml: Differentiate the files and configurations
needed for PAM and non PAM versions.
2009-05-07 Nicolas François <nicolas.francois@centraliens.net> 2009-05-07 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: failcount does not need to be signed. * src/login.c: failcount does not need to be signed.

View File

@ -67,6 +67,7 @@
<emphasis remap='I'>user_name</emphasis>:<emphasis <emphasis remap='I'>user_name</emphasis>:<emphasis
remap='I'>password</emphasis> remap='I'>password</emphasis>
</para> </para>
<refsect2 condition="no_pam">
<para> <para>
By default the supplied password must be in clear-text, and is By default the supplied password must be in clear-text, and is
encrypted by <command>chpasswd</command>. encrypted by <command>chpasswd</command>.
@ -78,6 +79,26 @@
and can be overwiten with the <option>-e</option>, and can be overwiten with the <option>-e</option>,
<option>-m</option>, or <option>-c</option> options. <option>-m</option>, or <option>-c</option> options.
</para> </para>
<para>
<command>chpasswd</command> first update the password in memory,
and then commit all the changes to disk if no errors occured for
any users.
</para>
</refsect2>
<refsect2 condition="pam">
<para>
The supplied passwords must be in clear-text.
</para>
<para>
PAM is used to update the password in the system database
according to the PAM chpasswd configuration.
</para>
<para>
When <command>chpasswd</command> fails to update a password, it
continues updating the passwords of the next users, and will
return an error code on exit.
</para>
</refsect2>
<para> <para>
This command is intended to be used in a large system environment This command is intended to be used in a large system environment
where many accounts are created at a single time. where many accounts are created at a single time.
@ -91,6 +112,14 @@
are: are:
</para> </para>
<variablelist remap='IP'> <variablelist remap='IP'>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
</variablelist>
<variablelist remap='IP' condition="no_pam">
<varlistentry> <varlistentry>
<term><option>-c</option>, <option>--crypt-method</option></term> <term><option>-c</option>, <option>--crypt-method</option></term>
<listitem> <listitem>
@ -110,12 +139,6 @@
<para>Supplied passwords are in encrypted form.</para> <para>Supplied passwords are in encrypted form.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><option>-h</option>, <option>--help</option></term>
<listitem>
<para>Display help message and exit.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>-m</option>, <option>--md5</option></term> <term><option>-m</option>, <option>--md5</option></term>
<listitem> <listitem>
@ -159,15 +182,9 @@
Remember to set permissions or umask to prevent readability of Remember to set permissions or umask to prevent readability of
unencrypted files by other users. unencrypted files by other users.
</para> </para>
<para>
PAM is not used to update the passwords.
Only <filename>/etc/passwd</filename> and
<filename>/etc/shadow</filename> are updated, and the various checks
or options provided by PAM modules are not used.
</para>
</refsect1> </refsect1>
<refsect1 id='configuration'> <refsect1 id='configuration' condition="no_pam">
<title>CONFIGURATION</title> <title>CONFIGURATION</title>
<para> <para>
The following configuration variables in The following configuration variables in
@ -184,24 +201,30 @@
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>
<varlistentry> <varlistentry condition="no_pam">
<term><filename>/etc/passwd</filename></term> <term><filename>/etc/passwd</filename></term>
<listitem> <listitem>
<para>User account information.</para> <para>User account information.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry condition="no_pam">
<term><filename>/etc/shadow</filename></term> <term><filename>/etc/shadow</filename></term>
<listitem> <listitem>
<para>Secure user account information.</para> <para>Secure user account information.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry condition="no_pam">
<term><filename>/etc/login.defs</filename></term> <term><filename>/etc/login.defs</filename></term>
<listitem> <listitem>
<para>Shadow password suite configuration.</para> <para>Shadow password suite configuration.</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry condition="pam">
<term><filename>/etc/pam.d/chpasswd</filename></term>
<listitem>
<para>PAM configuration for <command>chpasswd</command>.</para>
</listitem>
</varlistentry>
</variablelist> </variablelist>
</refsect1> </refsect1>
@ -214,11 +237,11 @@
<citerefentry> <citerefentry>
<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum> <refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>, </citerefentry>,
<citerefentry> <citerefentry condition="no_pam">
<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum> <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>, </citerefentry>,
<citerefentry> <citerefentry>
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum> <refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
</citerefentry>. </citerefentry>.
</para> </para>
</refsect1> </refsect1>