* man/login.defs.d/CONSOLE_GROUPS.xml,

man/login.defs.d/CONSOLE.xml, man/login.defs.d/DEFAULT_HOME.xml,
  man/login.defs.d/ENV_HZ.xml, man/login.defs.d/ENVIRON_FILE.xml,
  man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml,
  man/login.defs.d/ENV_TZ.xml, man/login.defs.d/ERASECHAR.xml,
  man/login.defs.d/FAIL_DELAY.xml,
  man/login.defs.d/FAILLOG_ENAB.xml,
  man/login.defs.d/FAKE_SHELL.xml, man/login.defs.d/FTMP_FILE.xml,
  man/login.defs.d/HUSHLOGIN_FILE.xml,
  man/login.defs.d/ISSUE_FILE.xml, man/login.defs.d/KILLCHAR.xml,
  man/login.defs.d/LASTLOG_ENAB.xml, man/login.defs.d/LOGIN_RETRIES.xml,
  man/login.defs.d/LOGIN_TIMEOUT.xml, man/login.defs.d/LOG_OK_LOGINS.xml,
  man/login.defs.d/LOG_UNKFAIL_ENAB.xml,
  man/login.defs.d/MAIL_CHECK_ENAB.xml, man/login.defs.d/MOTD_FILE.xml,
  man/login.defs.d/NOLOGINS_FILE.xml,
  man/login.defs.d/OBSCURE_CHECKS_ENAB.xml,
  man/login.defs.d/PASS_ALWAYS_WARN.xml,
  man/login.defs.d/PASS_CHANGE_TRIES.xml,
  man/login.defs.d/PASS_MAX_LEN.xml,
  man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
  man/login.defs.d/QUOTAS_ENAB.xml, man/login.defs.d/SULOG_FILE.xml,
  man/login.defs.d/SU_NAME.xml, man/login.defs.d/SU_WHEEL_ONLY.xml,
  man/login.defs.d/SYSLOG_SG_ENAB.xml,
  man/login.defs.d/SYSLOG_SU_ENAB.xml,
  man/login.defs.d/TTYGROUP.xml, man/login.defs.d/TTYTYPE_FILE.xml,
  man/login.defs.d/ULIMIT.xml, man/login.defs.d/USERGROUPS_ENAB.xml:
  New documentation of login.defs variables.
* man/login.defs.d/MAIL_DIR.xml: Updated. It now contains the
  MAIL_FILE documentation.
* man/login.defs.d/LOGIN_STRING.xml: Updated. Mentions %s.
* man/pwconv.8.xml, man/groupmems.8.xml, man/groupdel.8.xml,
  man/useradd.8.xml, man/pwck.8.xml, man/groupadd.8.xml,
  man/sulogin.8.xml, man/newgrp.1.xml, man/usermod.8.xml,
  man/su.1.xml, man/vipw.8.xml, man/passwd.1.xml,
  man/groupmod.8.xml, man/login.1.xml, man/userdel.8.xml,
  man/grpck.8.xml: Added CONFIGURATION section.
* man/generate_mans.mak: The generations of manpages depends on
  the variables from the Makefiles. Add the dependency on Makefile.
* man/login.defs.5.xml: New login.defs variable documented.
* man/Makefile.am: Added XML variable documentation to the
  distributed files.
This commit is contained in:
nekral-guest 2007-12-08 23:24:40 +00:00
parent 6c6a220b2e
commit 8c4d98edc1
67 changed files with 11603 additions and 6112 deletions

View File

@ -1,3 +1,47 @@
2007-12-08 Nicolas François <nicolas.francois@centraliens.net>
* man/login.defs.d/CONSOLE_GROUPS.xml,
man/login.defs.d/CONSOLE.xml, man/login.defs.d/DEFAULT_HOME.xml,
man/login.defs.d/ENV_HZ.xml, man/login.defs.d/ENVIRON_FILE.xml,
man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml,
man/login.defs.d/ENV_TZ.xml, man/login.defs.d/ERASECHAR.xml,
man/login.defs.d/FAIL_DELAY.xml,
man/login.defs.d/FAILLOG_ENAB.xml,
man/login.defs.d/FAKE_SHELL.xml, man/login.defs.d/FTMP_FILE.xml,
man/login.defs.d/HUSHLOGIN_FILE.xml,
man/login.defs.d/ISSUE_FILE.xml, man/login.defs.d/KILLCHAR.xml,
man/login.defs.d/LASTLOG_ENAB.xml, man/login.defs.d/LOGIN_RETRIES.xml,
man/login.defs.d/LOGIN_TIMEOUT.xml, man/login.defs.d/LOG_OK_LOGINS.xml,
man/login.defs.d/LOG_UNKFAIL_ENAB.xml,
man/login.defs.d/MAIL_CHECK_ENAB.xml, man/login.defs.d/MOTD_FILE.xml,
man/login.defs.d/NOLOGINS_FILE.xml,
man/login.defs.d/OBSCURE_CHECKS_ENAB.xml,
man/login.defs.d/PASS_ALWAYS_WARN.xml,
man/login.defs.d/PASS_CHANGE_TRIES.xml,
man/login.defs.d/PASS_MAX_LEN.xml,
man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
man/login.defs.d/QUOTAS_ENAB.xml, man/login.defs.d/SULOG_FILE.xml,
man/login.defs.d/SU_NAME.xml, man/login.defs.d/SU_WHEEL_ONLY.xml,
man/login.defs.d/SYSLOG_SG_ENAB.xml,
man/login.defs.d/SYSLOG_SU_ENAB.xml,
man/login.defs.d/TTYGROUP.xml, man/login.defs.d/TTYTYPE_FILE.xml,
man/login.defs.d/ULIMIT.xml, man/login.defs.d/USERGROUPS_ENAB.xml:
New documentation of login.defs variables.
* man/login.defs.d/MAIL_DIR.xml: Updated. It now contains the
MAIL_FILE documentation.
* man/login.defs.d/LOGIN_STRING.xml: Updated. Mentions %s.
* man/pwconv.8.xml, man/groupmems.8.xml, man/groupdel.8.xml,
man/useradd.8.xml, man/pwck.8.xml, man/groupadd.8.xml,
man/sulogin.8.xml, man/newgrp.1.xml, man/usermod.8.xml,
man/su.1.xml, man/vipw.8.xml, man/passwd.1.xml,
man/groupmod.8.xml, man/login.1.xml, man/userdel.8.xml,
man/grpck.8.xml: Added CONFIGURATION section.
* man/generate_mans.mak: The generations of manpages depends on
the variables from the Makefiles. Add the dependency on Makefile.
* man/login.defs.5.xml: New login.defs variable documented.
* man/Makefile.am: Added XML variable documentation to the
distributed files.
2007-12-05 Nicolas François <nicolas.francois@centraliens.net> 2007-12-05 Nicolas François <nicolas.francois@centraliens.net>
* man/gshadow.5.xml: Fix the newgrp section in the gshadow.5 * man/gshadow.5.xml: Fix the newgrp section in the gshadow.5

View File

@ -103,19 +103,58 @@ login_defs_v = \
CHFN_AUTH.xml \ CHFN_AUTH.xml \
CHFN_RESTRICT.xml \ CHFN_RESTRICT.xml \
CHSH_AUTH.xml \ CHSH_AUTH.xml \
CONSOLE.xml \
CONSOLE_GROUPS.xml \
DEFAULT_HOME.xml \
ENCRYPT_METHOD.xml \ ENCRYPT_METHOD.xml \
ENV_HZ.xml \
ENVIRON_FILE.xml \
ENV_PATH.xml \
ENV_SUPATH.xml \
ENV_TZ.xml \
ERASECHAR.xml \
FAIL_DELAY.xml \
FAILLOG_ENAB.xml \
FAKE_SHELL.xml \
FTMP_FILE.xml \
GID_MAX.xml \ GID_MAX.xml \
HUSHLOGIN_FILE.xml \
ISSUE_FILE.xml \
KILLCHAR.xml \
LASTLOG_ENAB.xml \
LOGIN_RETRIES.xml \
LOGIN_STRING.xml \ LOGIN_STRING.xml \
LOGIN_TIMEOUT.xml \
LOG_OK_LOGINS.xml \
LOG_UNKFAIL_ENAB.xml \
MAIL_CHECK_ENAB.xml \
MAIL_DIR.xml \ MAIL_DIR.xml \
MAX_MEMBERS_PER_GROUP.xml \ MAX_MEMBERS_PER_GROUP.xml \
MD5_CRYPT_ENAB.xml \ MD5_CRYPT_ENAB.xml \
MOTD_FILE.xml \
NOLOGINS_FILE.xml \
OBSCURE_CHECKS_ENAB.xml \
PASS_ALWAYS_WARN.xml \
PASS_CHANGE_TRIES.xml \
PASS_MAX_DAYS.xml \ PASS_MAX_DAYS.xml \
PASS_MAX_LEN.xml \
PASS_MIN_DAYS.xml \ PASS_MIN_DAYS.xml \
PASS_WARN_AGE.xml \ PASS_WARN_AGE.xml \
PORTTIME_CHECKS_ENAB.xml \
QUOTAS_ENAB.xml \
SHA_CRYPT_MIN_ROUNDS.xml \ SHA_CRYPT_MIN_ROUNDS.xml \
SULOG_FILE.xml \
SU_NAME.xml \
SU_WHEEL_ONLY.xml \
SYSLOG_SG_ENAB.xml \
SYSLOG_SU_ENAB.xml \
TTYGROUP.xml \
TTYTYPE_FILE.xml \
UID_MAX.xml \ UID_MAX.xml \
ULIMIT.xml \
UMASK.xml \ UMASK.xml \
USERDEL_CMD.xml USERDEL_CMD.xml \
USERGROUPS_ENAB.xml
EXTRA_DIST = \ EXTRA_DIST = \
$(man_MANS) \ $(man_MANS) \

View File

@ -17,7 +17,7 @@ else
SHA_CRYPT_COND=no_sha_crypt SHA_CRYPT_COND=no_sha_crypt
endif endif
%: %.xml %: %.xml Makefile
$(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(SHA_CRYPT_COND)" \ $(XSLTPROC) --stringparam profile.condition "$(PAM_COND);$(SHADOWGRP_COND);$(SHA_CRYPT_COND)" \
-nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $< -nonet http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl $<

View File

@ -1,4 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='groupadd.8'> <refentry id='groupadd.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -110,6 +115,19 @@
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&GID_MAX; <!-- documents also GID_MIN -->
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='groupdel.8'> <refentry id='groupdel.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -39,6 +43,18 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='groupmems.8'> <refentry id='groupmems.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -99,6 +103,18 @@
</programlisting> </programlisting>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='groupmod.8'> <refentry id='groupmod.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -88,6 +92,18 @@
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='grpck.8'> <refentry id='grpck.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -83,6 +87,18 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,40 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml">
<!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml">
<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml">
<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml">
<!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml">
<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml">
<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
<!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
<!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
<!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml">
<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
]>
<refentry id='login.1'> <refentry id='login.1'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -194,6 +230,50 @@
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&CONSOLE;
&CONSOLE_GROUPS;
&DEFAULT_HOME;
&ENV_HZ;
&ENV_PATH;
&ENV_SUPATH;
&ENV_TZ;
&ENVIRON_FILE;
&ERASECHAR;
&FAIL_DELAY;
&FAILLOG_ENAB;
&FAKE_SHELL;
&FTMP_FILE;
&HUSHLOGIN_FILE;
&ISSUE_FILE;
&KILLCHAR;
&LASTLOG_ENAB;
&LOGIN_RETRIES;
&LOGIN_STRING;
&LOGIN_TIMEOUT;
&LOG_OK_LOGINS;
&LOG_UNKFAIL_ENAB;
&MAIL_CHECK_ENAB;
&MAIL_DIR;
&MOTD_FILE;
&NOLOGINS_FILE;
&PORTTIME_CHECKS_ENAB;
&QUOTAS_ENAB;
&TTYGROUP; <!-- documents also TTYPERM -->
&TTYTYPE_FILE;
&ULIMIT;
&UMASK;
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -4,19 +4,50 @@
<!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml"> <!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml">
<!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml"> <!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml">
<!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml"> <!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml">
<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml"> <!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml">
<!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml">
<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml">
<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml">
<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml">
<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml"> <!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
<!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml">
<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml">
<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml">
<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml">
<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml">
<!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml">
<!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml">
<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml"> <!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
<!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml">
<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml"> <!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml"> <!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml"> <!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml">
<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml">
<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml"> <!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml"> <!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml"> <!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml">
<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml"> <!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml">
<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml">
<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml"> <!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml">
<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml"> <!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml"> <!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
]> ]>
<refentry id='login.defs.5'> <refentry id='login.defs.5'>
@ -69,27 +100,64 @@
&CHFN_AUTH; &CHFN_AUTH;
&CHFN_RESTRICT; &CHFN_RESTRICT;
&CHSH_AUTH; &CHSH_AUTH;
&CONSOLE;
&CONSOLE_GROUPS;
&DEFAULT_HOME;
&ENCRYPT_METHOD; &ENCRYPT_METHOD;
&GID_MAX; <!--document also GID_MIN--> &ENV_HZ;
&ENV_PATH;
&ENV_SUPATH;
&ENV_TZ;
&ENVIRON_FILE;
&ERASECHAR;
&FAIL_DELAY;
&FAILLOG_ENAB;
&FAKE_SHELL;
&FTMP_FILE;
&GID_MAX; <!-- documents also GID_MIN -->
&HUSHLOGIN_FILE;
&ISSUE_FILE;
&KILLCHAR;
&LASTLOG_ENAB;
&LOG_OK_LOGINS;
&LOG_UNKFAIL_ENAB;
&LOGIN_RETRIES;
&LOGIN_STRING; &LOGIN_STRING;
&LOGIN_TIMEOUT;
&MAIL_CHECK_ENAB;
&MAIL_DIR; &MAIL_DIR;
&MAX_MEMBERS_PER_GROUP; &MAX_MEMBERS_PER_GROUP;
&MD5_CRYPT_ENAB; &MD5_CRYPT_ENAB;
&MOTD_FILE;
&NOLOGINS_FILE;
&OBSCURE_CHECKS_ENAB;
&PASS_ALWAYS_WARN;
&PASS_CHANGE_TRIES;
&PASS_MAX_DAYS; &PASS_MAX_DAYS;
&PASS_MIN_DAYS; &PASS_MIN_DAYS;
&PASS_WARN_AGE; &PASS_WARN_AGE;
</variablelist> <para>
<para> <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and
<option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and <option>PASS_WARN_AGE</option> are only used at the
<option>PASS_WARN_AGE</option> are only used at the time of account creation. Any changes to these settings won't affect
time of account creation. Any changes to these settings won't affect existing accounts.
existing accounts. </para>
</para> &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
<variablelist remap='IP'> &PORTTIME_CHECKS_ENAB;
&SHA_CRYPT_MIN_ROUNDS; <!--document also SHA_CRYPT_MAX_ROUNDS--> &QUOTAS_ENAB;
&UID_MAX; <!--document also UID_MIN--> &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS -->
&SULOG_FILE;
&SU_NAME;
&SU_WHEEL_ONLY;
&SYSLOG_SG_ENAB;
&SYSLOG_SU_ENAB;
&TTYGROUP;
&TTYTYPE_FILE;
&UID_MAX; <!-- documents also UID_MIN -->
&ULIMIT;
&UMASK; &UMASK;
&USERDEL_CMD; &USERDEL_CMD;
&USERGROUPS_ENAB;
</variablelist> </variablelist>
</refsect1> </refsect1>
@ -161,6 +229,12 @@
<para>MAX_MEMBERS_PER_GROUP</para> <para>MAX_MEMBERS_PER_GROUP</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term>groupmems</term>
<listitem>
<para>MAX_MEMBERS_PER_GROUP</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>groupmod</term> <term>groupmod</term>
<listitem> <listitem>
@ -192,13 +266,26 @@
<term>login</term> <term>login</term>
<listitem> <listitem>
<para> <para>
CONSOLE CONSOLE_GROUPS DEFAULT_HOME ENV_HZ ENV_PATH ENV_SUPATH <phrase condition="no_pam">CONSOLE</phrase>
ENV_TZ ENVIRON_FILE ERASECHAR FAIL_DELAY FAILLOG_ENAB CONSOLE_GROUPS DEFAULT_HOME
FAKE_SHELL FTMP_FILE HUSHLOGIN_FILE ISSUE_FILE KILLCHAR <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH
LASTLOG_ENAB LOGIN_RETRIES LOGIN_STRING LOGIN_TIMEOUT ENV_TZ</phrase>
LOG_OK_LOGINS LOG_UNKFAIL_ENAB MAIL_CHECK_ENAB MAIL_DIR ENVIRON_FILE ERASECHAR FAIL_DELAY
MAIL_FILE MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB <phrase condition="no_pam">FAILLOG_ENAB</phrase>
QUOTAS_ENAB TTYGROUP TTYPERM TTYTYPE_FILE ULIMIT UMASK FAKE_SHELL
<phrase condition="no_pam">FTMP_FILE</phrase>
HUSHLOGIN_FILE
<phrase condition="no_pam">ISSUE_FILE</phrase>
KILLCHAR
<phrase condition="no_pam">LASTLOG_ENAB</phrase>
LOGIN_RETRIES
<phrase condition="no_pam">LOGIN_STRING</phrase>
LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB
<phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE
MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB
QUOTAS_ENAB</phrase>
TTYGROUP TTYPERM TTYTYPE_FILE
<phrase condition="no_pam">ULIMIT UMASK</phrase>
USERGROUPS_ENAB USERGROUPS_ENAB
</para> </para>
</listitem> </listitem>
@ -217,13 +304,13 @@
<listitem> <listitem>
<para> <para>
ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SHA_CRYPT_MIN_ROUNDS PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE SHA_CRYPT_MAX_ROUNDS
UMASK SHA_CRYPT_MIN_ROUNDS UMASK
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<!-- nologin: no variables --> <!-- nologin: no variables -->
<varlistentry> <varlistentry condition="no_pam">
<term>passwd</term> <term>passwd</term>
<listitem> <listitem>
<para> <para>
@ -248,11 +335,39 @@
</listitem> </listitem>
</varlistentry> </varlistentry>
<!-- pwunconv: no variables --> <!-- pwunconv: no variables -->
<varlistentry>
<term>su</term>
<listitem>
<para>
<phrase condition="no_pam">CONSOLE</phrase>
CONSOLE_GROUPS DEFAULT_HOME
<phrase condition="no_pam">ENV_HZ</phrase>
ENVIRON_FILE ENV_PATH ENV_SUPATH
<phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB
MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase>
SULOG_FILE SU_NAME
<phrase condition="no_pam">SU_WHEEL_ONLY</phrase>
SYSLOG_SU_ENAB
<phrase condition="no_pam">USERGROUPS_ENAB</phrase>
</para>
</listitem>
</varlistentry>
<varlistentry condition="no_pam">
<term>sulogin</term>
<listitem>
<para>
ENV_HZ
<phrase condition="no_pam">ENV_TZ</phrase>
</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term>useradd</term> <term>useradd</term>
<listitem> <listitem>
<para> <para>
<!-- RedHat: CREATE_HOME-->
GID_MAX GID_MIN GID_MAX GID_MIN
MAIL_DIR MAX_MEMBERS_PER_GROUP
PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE
UID_MAX UID_MIN UID_MAX UID_MIN
UMASK UMASK
@ -262,22 +377,30 @@
<varlistentry> <varlistentry>
<term>userdel</term> <term>userdel</term>
<listitem> <listitem>
<para>MAIL_DIR <para>
USERDEL_CMD MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD
USERGROUPS_ENAB
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>
<term>usermod</term> <term>usermod</term>
<listitem> <listitem>
<para>MAIL_DIR</para> <para>
<!-- .ad --> MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>vipw</term>
<listitem>
<para>MAX_MEMBERS_PER_GROUP</para>
</listitem> </listitem>
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='bugs'> <refsect1 id='bugs' condition="pam">
<title>BUGS</title> <title>BUGS</title>
<para> <para>
Much of the functionality that used to be provided by the shadow Much of the functionality that used to be provided by the shadow

View File

@ -0,0 +1,13 @@
<varlistentry condition="no_pam">
<term><option>CONSOLE</option> (string)</term>
<listitem>
<para>
If defined, either full pathname of a file containing device names
or a ":" delimited list of device names. Root logins will be
allowed only upon these devices.
</para>
<para>
If not defined, root will be allowed on any device.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,14 @@
<varlistentry condition="no_pam">
<term><option>CONSOLE_GROUPS</option> (string)</term>
<listitem>
<para>
List of groups to add to the user's supplementary group set when
logging in on the console (as determined by the CONSOLE setting).
Default is none.
<para>
</para>
Use with caution - it is possible for users to gain permanent access
to these groups, even when not logged in on the console.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,14 @@
<varlistentry>
<term><option>DEFAULT_HOME</option> (boolean)</term>
<listitem>
<para>
Indicate if login is allowed if we can't cd to the home directory.
Default in no.
</para>
<para>
If set to <replaceable>yes</replaceable>, the user will login in
the root (<filename>/</filename>) directory if it is not possible to
cd to her home directory.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry condition="no_pam">
<term><option>ENVIRON_FILE</option> (string)</term>
<listitem>
<para>
If this file exists and is readable, login environment will be
read from it. Every line should be in the form name=value.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,12 @@
<varlistentry condition="no_pam">
<term><option>ENV_HZ</option> (string)</term>
<listitem>
<para>
If set, it will be used to define the HZ environment variable when
a user login. The value must be preceded by
<replaceable>HZ=</replaceable>. A common value on Linux is
<replaceable>HZ=100</replaceable>.
</para>
<!-- TODO: it can in fact be used to set any other variable-->
</listitem>
</varlistentry>

View File

@ -0,0 +1,13 @@
<varlistentry condition="no_pam">
<term><option>ENV_PATH</option> (string)</term>
<listitem>
<para>
If set, it will be used to define the PATH environment variable when
a regular user login. The value can be preceded by
<replaceable>PATH=</replaceable>, or a colon separated list of paths
(for example <replaceable>/bin:/usr/bin</replaceable>). The default
value is <replaceable>PATH=/bin:/usr/bin</replaceable>.
</para>
<!-- TODO: it can in fact be used to set any other variable-->
</listitem>
</varlistentry>

View File

@ -0,0 +1,13 @@
<varlistentry condition="no_pam">
<term><option>ENV_PATH</option> (string)</term>
<listitem>
<para>
If set, it will be used to define the PATH environment variable when
the superuser login. The value can be preceded by
<replaceable>PATH=</replaceable>, or a colon separated list of paths
(for example <replaceable>/bin:/usr/bin</replaceable>). The default
value is <replaceable>PATH=/bin:/usr/bin</replaceable>.
</para>
<!-- TODO: it can in fact be used to set any other variable-->
</listitem>
</varlistentry>

View File

@ -0,0 +1,18 @@
<varlistentry condition="no_pam">
<term><option>ENV_TZ</option> (string)</term>
<listitem>
<para>
If set, it will be used to define the TZ environment variable when
a user login. The value can be the name of a timezone preceded by
<replaceable>TZ=</replaceable> (for example
<replaceable>TZ=CST6CDT</replaceable>), or the full path to the file
containing the timezone specification (for example
<filename>/etc/tzname</filename>).
</para>
<!-- TODO: it can in fact be used to set any other variable-->
<para>
If a full path is specified but the file does not exist or cannot be
read, the default is to use <replaceable>TZ=CST6CDT</replaceable>.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,13 @@
<varlistentry condition="no_pam">
<term><option>ERASECHAR</option> (number)</term>
<listitem>
<para>
Terminal ERASE character (<replaceable>010</replaceable> =
backspace, <replaceable>0177</replaceable> = DEL).
</para>
<para>
The value can be prefixed "0" for an octal value, or "0x" for an
hexadecimal value.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry condition="no_pam">
<term><option>FAILLOG_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable logging and display of <filename>/var/log/faillog</filename>
login failure info.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry>
<term><option>FAIL_DELAY</option> (number)</term>
<listitem>
<para>
Delay in seconds before being allowed another attempt after a login
failure.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry>
<term><option>FAKE_SHELL</option> (string)</term>
<listitem>
<para>
If set, <command>login</command> will execute this shell instead of
the users' shell specified in <filename>/etc/passwd</filename>.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>FTMP_FILE</option> (string)</term>
<listitem>
<para>
If defined, login failures will be logged in this file in a utmp format.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,12 @@
<varlistentry>
<term><option>HUSHLOGIN_FILE</option> (string)</term>
<listitem>
<para>
If defined, this file can inhibit all the usual chatter during the
login sequence. If a full pathname is specified, then hushed mode
will be enabled if the user's name or shell are found in the file.
If not a full pathname, then hushed mode will be enabled if the file
exists in the user's home directory.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>ISSUE_FILE</option> (string)</term>
<listitem>
<para>
If defined, this file will be displayed before each login prompt.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,12 @@
<varlistentry condition="no_pam">
<term><option>KILLCHAR</option> (number)</term>
<listitem>
<para>
Terminal KILL character (<replaceable>025</replaceable> = CTRL/U).
</para>
<para>
The value can be prefixed "0" for an octal value, or "0x" for an
hexadecimal value.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>LASTLOG_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable logging and display of /var/log/lastlog login time info.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,14 @@
<varlistentry>
<term><option>LOGIN_RETRIES</option> (number)</term>
<listitem>
<para>
Maximum number of login retries in case of bad password.
</para>
<para condition="pam">
This will most likely be overriden by PAM, since the default
pam_unix module has it's own built in of 3 retries. However, this is
a safe fallback in case you are using an authentication module that
does not enforce PAM_MAXTRIES.
</para>
</listitem>
</varlistentry>

View File

@ -6,5 +6,9 @@
"Password: ", or a translation of that string. If you set this "Password: ", or a translation of that string. If you set this
variable, the prompt will no be translated. variable, the prompt will no be translated.
</para> </para>
<para>
If the string contains <replaceable>%s</replaceable>, this will be
replaced by the user's name.
</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry>
<term><option>LOGIN_TIMEOUT</option> (number)</term>
<listitem>
<para>
Max time in seconds for login.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry>
<term><option>LOG_OK_LOGINS</option> (boolean)</term>
<listitem>
<para>
Enable logging of successful logins.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,13 @@
<varlistentry>
<term><option>LOG_UNKFAIL_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable display of unknown usernames when login failures are
recorded.
</para>
<para>
Note: logging unknown usernames may be a security issue if an user
enter her password instead of her login name.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,12 @@
<varlistentry condition="no_pam">
<term><option>MAIL_CHECK_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable checking and display of mailbox status upon login.
</para>
<para>
You should disable it if the shell startup files already check for
mail ("mailx -e" or equivalent).
</para>
</listitem>
</varlistentry>

View File

@ -7,4 +7,23 @@
specified, a compile-time default is used. specified, a compile-time default is used.
</para> </para>
</listitem> </listitem>
</varlistentry><varlistentry>
<term><option>MAIL_FILE</option> (string)</term>
<listitem>
<para>
Defines the location of the users mail spool files relatively to
their home directory.
</para>
</listitem>
</varlistentry> </varlistentry>
<para>
The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables
are used by <command>useradd</command>, <command>usermod</command>, and
<command>userdel</command> to create, move, or delete the user's mail
spool.
</para>
<para condition="no_pam">
If <option>MAIL_CHECK_ENAB</option> is set to
<replaceable>yes</replaceable>, they are also used to define the
<envar>MAIL</envar> environment variable.
</para>

View File

@ -0,0 +1,9 @@
<varlistentry condition="no_pam">
<term><option>MOTD_FILE</option> (string)</term>
<listitem>
<para>
If defined, ":" delimited list of "message of the day" files to be
displayed upon login.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,10 @@
<varlistentry condition="no_pam">
<term><option>NOLOGINS_FILE</option> (string)</term>
<listitem>
<para>
If defined, name of file whose presence will inhibit non-root
logins. The contents of this file should be a message indicating
why logins are inhibited.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>OBSCURE_CHECKS_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable additional checks upon password changes.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>PASS_ALWAYS_WARN</option> (boolean)</term>
<listitem>
<para>
Warn about weak passwords (but still allow them) if you are root.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry condition="no_pam">
<term><option>PASS_CHANGE_TRIES</option> (number)</term>
<listitem>
<para>
Maximum number of attempts to change password if rejected (too
easy).
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,13 @@
<varlistentry condition="no_pam">
<term><option>PASS_MAX_LEN</option> (number)</term>
<term><option>PASS_MIN_LEN</option> (number)</term>
<listitem>
<para>
Number of significant characters in the password for crypt().
<option>PASS_MAX_LEN</option> is 8 by default. Don't change unless
your crypt() is better. This is ignored if
<option>MD5_CRYPT_ENAB</option> set to
<replaceable>yes</replaceable>.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>PORTTIME_CHECKS_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable checking of time restrictions specified in /etc/porttime.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry condition="no_pam">
<term><option>QUOTAS_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable setting of ulimit, umask, and niceness from passwd gecos
field.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry>
<term><option>SULOG_FILE</option> (string)</term>
<listitem>
<para>
If defined, all su activity is logged to this file.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,11 @@
<varlistentry>
<term><option>SU_NAME</option> (string)</term>
<listitem>
<para>
If defined, the command name to display when running "su -". For
example, if this is defined as "su" then a "ps" will display the
command is "-su". If not defined, then "ps" would display the name
of the shell actually being run, e.g. something like "-sh".
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,14 @@
<!-- TODO: TBC -->
<varlistentry condition="no_pam">
<term><option>SU_WHEEL_ONLY</option> (boolean)</term>
<listitem>
<para>
If <replaceable>yes</replaceable>, the user must be listed as a
member of the first gid 0 group in <filename>/etc/group</filename>
(called <replaceable>root</replaceable> on most Linux systems) to be
able to <command>su</command> to uid 0 accounts. If the group
doesn't exist or is empty, no one will be able to
<command>su</command> to uid 0.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry>
<term><option>SYSLOG_SG_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable "syslog" logging of <command>sg</command> activity.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry>
<term><option>SYSLOG_SU_ENAB</option> (boolean)</term>
<listitem>
<para>
Enable "syslog" logging of <command>su</command> activity - in
addition to sulog file logging.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,26 @@
<varlistentry>
<term><option>TTYGROUP</option> (string)</term>
<term><option>TTYPERM</option> (string)</term>
<listitem>
<para>
The terminal permissions: the login tty will be owned by the
<option>TTYGROUP</option> group, and the permissions will be set to
<option>TTYPERM</option>.
</para>
<para>
By default, the ownership of the terminal is set to the user's
primary group and the permissions are set to
<replaceable>0600</replaceable>.
</para>
<para>
<option>TTYGROUP</option> can be either the name of a group or a
numeric group identifier.
</para>
<para>
If you have a <command>write</command> program which is "setgid" to
a special group which owns the terminals, define TTYGROUP to the
group number and TTYPERM to 0620. Otherwise leave TTYGROUP
commented out and assign TTYPERM to either 622 or 600.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,9 @@
<varlistentry>
<term><option>TTYTYPE_FILE</option> (string)</term>
<listitem>
<para>
If defined, file which maps tty line to TERM environment parameter.
Each line of the file is in a format something like "vt100 tty01".
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,8 @@
<varlistentry condition="no_pam">
<term><option>ULIMIT</option> (number)</term>
<listitem>
<para>
Default <command>ulimit</command> value.
</para>
</listitem>
</varlistentry>

View File

@ -0,0 +1,14 @@
<varlistentry>
<term><option>USERGROUPS_ENAB</option> (boolean)</term>
<listitem>
<para condition="no_pam">
Enable setting of the umask group bits to be the same as owner bits
(examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
the same as gid, and username is the same as the primary group name.
<para>
</para>
If set to <replaceable>yes</replaceable>, userdel will remove the
user's group if it contains no more members.
</para>
</listitem>
</varlistentry>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="ISO-8859-1"?> <?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml">
]>
<refentry id='newgrp.1'> <refentry id='newgrp.1'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -50,6 +54,18 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&SYSLOG_SG_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml">
<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml">
<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml">
<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml">
<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml">
<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml">
<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml">
]>
<refentry id='passwd.1'> <refentry id='passwd.1'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -320,6 +330,24 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration' condition="no_pam">
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&ENCRYPT_METHOD;
&MD5_CRYPT_ENAB;
&OBSCURE_CHECKS_ENAB;
&PASS_ALWAYS_WARN;
&PASS_CHANGE_TRIES;
&PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN -->
&SHA_CRYPT_MIN_ROUNDS;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,4 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
]>
<refentry id='pwck.8'> <refentry id='pwck.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -141,6 +147,20 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&PASS_MAX_DAYS;
&PASS_MIN_DAYS;
&PASS_WARN_AGE;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
]>
<refentry id='pwconv.8'> <refentry id='pwconv.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -105,6 +112,28 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variable in
<filename>/etc/login.defs</filename> change the behavior of
<command>grpconv</command> and <command>grpunconv</command>:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
<para>
The following configuration variable in
<filename>/etc/login.defs</filename> change the behavior of
<command>pwconv</command>:
</para>
<variablelist>
&PASS_MAX_DAYS;
&PASS_MIN_DAYS;
&PASS_WARN_AGE;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml">
<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml">
<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml">
<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml">
<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml">
<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml">
<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml">
<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml">
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml">
<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml">
<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml">
<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml">
<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
]>
<refentry id='su.1'> <refentry id='su.1'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -172,6 +192,34 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&CONSOLE;
&CONSOLE_GROUPS;
&DEFAULT_HOME;
&ENV_HZ;
&ENVIRON_FILE;
&ENV_PATH;
&ENV_SUPATH;
&ENV_TZ;
&LOGIN_STRING;
&MAIL_CHECK_ENAB;
&MAIL_DIR;
&QUOTAS_ENAB;
&SULOG_FILE;
&SU_NAME;
&SU_WHEEL_ONLY;
&SYSLOG_SU_ENAB;
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml">
<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml">
]>
<refentry id='sulogin.8'> <refentry id='sulogin.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -74,6 +79,19 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&ENV_HZ;
&ENV_TZ;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml">
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml">
<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml">
]>
<refentry id='useradd.8'> <refentry id='useradd.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -367,6 +378,25 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&GID_MAX; <!-- documents also GID_MIN -->
&MAIL_DIR;
&MAX_MEMBERS_PER_GROUP;
&PASS_MAX_DAYS;
&PASS_MIN_DAYS;
&PASS_WARN_AGE;
&UID_MAX; <!-- documents also UID_MIN -->
&UMASK;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml">
<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
]>
<refentry id='userdel.8'> <refentry id='userdel.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -85,6 +92,21 @@
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAIL_DIR; <!-- documents also MAIL_FILE -->
&MAX_MEMBERS_PER_GROUP;
&USERDEL_CMD;
&USERGROUPS_ENAB;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml">
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='usermod.8'> <refentry id='usermod.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -256,6 +261,19 @@
</para> </para>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAIL_DIR; <!-- documents also MAIL_FILE -->
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>

View File

@ -1,4 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml">
]>
<refentry id='vipw.8'> <refentry id='vipw.8'>
<!-- $Id$ --> <!-- $Id$ -->
<refmeta> <refmeta>
@ -87,6 +91,18 @@
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='configuration'>
<title>CONFIGURATION</title>
<para>
The following configuration variables in
<filename>/etc/login.defs</filename> change the behavior of this
tool:
</para>
<variablelist>
&MAX_MEMBERS_PER_GROUP;
</variablelist>
</refsect1>
<refsect1 id='files'> <refsect1 id='files'>
<title>FILES</title> <title>FILES</title>
<variablelist> <variablelist>
@ -116,6 +132,7 @@
</varlistentry> </varlistentry>
</variablelist> </variablelist>
</refsect1> </refsect1>
<refsect1 id='see_also'> <refsect1 id='see_also'>
<title>SEE ALSO</title> <title>SEE ALSO</title>
<para> <para>