emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

login.defs.5: Document the new variables in login.defs

Browse Source 
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman 2013-01-22 01:12:58 -08:00 committed by Serge Hallyn
parent a881a2c8d4
commit 23fd6cb1da
4 changed files with 102 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
man/Makefile.am
View File

@ -163,6 +163,8 @@ login_defs_v = \
USERDEL_CMD.xml \ USERDEL_CMD.xml \
USERGROUPS_ENAB.xml \ USERGROUPS_ENAB.xml \
USE_TCB.xml \ USE_TCB.xml \
SUB_GID_COUNT.xml \
SUB_UID_COUNT.xml \
SYS_GID_MAX.xml \ SYS_GID_MAX.xml \
SYS_UID_MAX.xml SYS_UID_MAX.xml

8
man/login.defs.5.xml
View File

@ -78,6 +78,8 @@
<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml"> <!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml"> <!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml"> <!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml">
<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml">
<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml"> <!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml">
<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml"> <!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml"> <!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
@ -216,6 +218,8 @@
&SULOG_FILE; &SULOG_FILE;
&SU_NAME; &SU_NAME;
&SU_WHEEL_ONLY; &SU_WHEEL_ONLY;
&SUB_GID_COUNT; <!-- documents also SUB_GID_MIN SUB_GID_MAX -->
&SUB_UID_COUNT; <!-- documents also SUB_UID_MIN SUB_UID_MAX -->
&SYS_GID_MAX; <!-- documents also SYS_GID_MIN --> &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
&SYS_UID_MAX; <!-- documents also SYS_UID_MIN --> &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
&SYSLOG_SG_ENAB; &SYSLOG_SG_ENAB;
@ -393,6 +397,8 @@
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
<phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS
SHA_CRYPT_MIN_ROUNDS</phrase> SHA_CRYPT_MIN_ROUNDS</phrase>
SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
UMASK UMASK
</para> </para>
@ -470,6 +476,8 @@
GID_MAX GID_MIN GID_MAX GID_MIN
MAIL_DIR MAX_MEMBERS_PER_GROUP MAIL_DIR MAX_MEMBERS_PER_GROUP
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN
SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN
SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN
UMASK UMASK
<phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase> <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase>

46
man/login.defs.d/SUB_GID_COUNT.xml Normal file
View File

@ -0,0 +1,46 @@
<!--
Copyright (c) 2013, Eric W. Biederman
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the copyright holders or contributors may not be used to
endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<varlistentry>
<term><option>SUB_GID_MIN</option> (number)</term>
<term><option>SUB_GID_MAX</option> (number)</term>
<term><option>SUB_GID_COUNT</option> (number)</term>
<listitem>
<para>
The commands <command>useradd</command> and <command>newusers</command>
allocate <option>SUB_GID_COUNT</option> unused group IDs from the range
<option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each
new user.
</para>
<para>
The default values for <option>SUB_GID_MAN</option>,
<option>SUB_GID_MIN</option>, <option>SUB_GID_COUNT</option>
are respectively 100000, 600100000 and 10000.
</para>
</listitem>
</varlistentry>

46
man/login.defs.d/SUB_UID_COUNT.xml Normal file
View File

@ -0,0 +1,46 @@
<!--
Copyright (c) 2013, Eric W. Biederman
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. The name of the copyright holders or contributors may not be used to
endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<varlistentry>
<term><option>SUB_UID_MIN</option> (number)</term>
<term><option>SUB_UID_MAX</option> (number)</term>
<term><option>SUB_UID_COUNT</option> (number)</term>
<listitem>
<para>
The commands <command>useradd</command> and <command>newusers</command>
allocate <option>SUB_UID_COUNT</option> unused user IDs from the range
<option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each
new user.
</para>
<para>
The default values for <option>SUB_GID_MAN</option>,
<option>SUB_GID_MIN</option>, <option>SUB_GID_COUNT</option>
are respectively 100000, 600100000 and 10000.
</para>
</listitem>
</varlistentry>