emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* man/pwck.8.xml: The shadow file is optional.

Browse Source 
* man/pwck.8.xml: Updated description of the checks. Added
	description of the shadow checks.
	* man/pwck.8.xml: Updated description of the checks.
This commit is contained in:
nekral-guest 2009-06-20 13:02:33 +00:00
parent 885692e3c5
commit 7e96d749e4
3 changed files with 71 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -1,3 +1,10 @@
2009-06-20 Nicolas François <nicolas.francois@centraliens.net>
* man/pwck.8.xml: The shadow file is optional.
* man/pwck.8.xml: Updated description of the checks. Added
description of the shadow checks.
* man/pwck.8.xml: Updated description of the checks.
2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
* man/po/fr.po: Fixed typo (forunis)

37
man/grpck.8.xml
View File

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1992 - 1993, Julianne Frances Haugh
Copyright (c) 2007 - 2008, Nicolas François
Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
@ -69,11 +69,11 @@
<title>DESCRIPTION</title>
<para>
The <command>grpck</command> command verifies the integrity of the
system authentication information. All entries in
groups information. It checks that all entries in
<filename>/etc/group</filename> <phrase condition="gshadow">and
<filename>/etc/gshadow</filename></phrase>
are checked to see that the entry has the proper format and valid data
in each field. The user is prompted to delete entries that are
have the proper format and contain valid data.
The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
</para>
@ -84,16 +84,33 @@
<para>the correct number of fields</para>
</listitem>
<listitem>
<para>a unique group name</para>
<para>a unique and valid group name</para>
</listitem>
<listitem>
<para>a valid list of members and administrators</para>
<para>
a valid group identifier
<phrase condition="gshadow"> (<filename>/etc/group</filename>
only)</phrase>
</para>
</listitem>
<listitem>
<para>
a valid list of members
<phrase condition="gshadow"> and administrators</phrase>
</para>
</listitem>
<listitem condition="gshadow">
<para>
a corresponding entry in the <filename>/etc/gshadow</filename>
file (respectively <filename>/etc/group</filename> for the
<filename>gshadow</filename> checks)
</para>
</listitem>
</itemizedlist>
<para>
The checks for correct number of fields and unique group name are
fatal. If the entry has the wrong number of fields, the user will be
fatal. If an entry has the wrong number of fields, the user will be
prompted to delete the entire line. If the user does not answer
affirmatively, all further checks are bypassed. An entry with a
duplicated group name is prompted for deletion, but the remaining
@ -103,10 +120,12 @@
</para>
<para>
The commands which operate on the <filename>/etc/group</filename> file
The commands which operate on the <filename>/etc/group</filename>
<phrase condition="no_gshadow">file</phrase><phrase
condition="gshadow">and <filename>/etc/gshadow</filename> files</phrase>
are not able to alter corrupted or duplicated entries.
<command>grpck</command> should be used in those circumstances to
remove the offending entry.
remove the offending entries.
</para>
</refsect1>

41
man/pwck.8.xml
View File

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1992 , Julianne Frances Haugh
Copyright (c) 2007 - 2008, Nicolas François
Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
@ -70,9 +70,11 @@
<arg choice='plain'>
<replaceable>passwd</replaceable>
</arg>
<arg choice='opt'>
<arg choice='plain'>
<replaceable>shadow</replaceable>
</arg>
</arg>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
@ -81,10 +83,10 @@
<title>DESCRIPTION</title>
<para>
The <command>pwck</command> command verifies the integrity of the
system authentication information. All entries in the
users and authentication information. It checks that all entries in
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
are checked to see that the entry has the proper format and valid data
in each field. The user is prompted to delete entries that are
have the proper format and contain valid data.
The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
</para>
@ -94,7 +96,7 @@
<para>the correct number of fields</para>
</listitem>
<listitem>
<para>a unique user name</para>
<para>a unique and valid user name</para>
</listitem>
<listitem>
<para>a valid user and group identifier</para>
@ -110,6 +112,35 @@
</listitem>
</itemizedlist>
<para>
<filename>shadow</filename> checks are enabled when a second file
parameter is specified or when <filename>/etc/shadow</filename>
exists on the system.
</para>
<para>
These checks are the following:
</para>
<itemizedlist mark='bullet'>
<listitem>
<para>
every passwd entry has a matching shadow entry, and every shadow
entry has a matching passwd entry
</para>
</listitem>
<listitem>
<para>passwords are specified in the shadowed file</para>
</listitem>
<listitem>
<para>shadow entries have the correct number of fields</para>
</listitem>
<listitem>
<para>shadow entries are unique in shadow</para>
</listitem>
<listitem>
<para>the last password changes are not in the future</para>
</listitem>
</itemizedlist>
<para>
The checks for correct number of fields and unique user name are
fatal. If the entry has the wrong number of fields, the user will be