diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-05-21 13:16:36 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-05-21 13:21:04 +0300 |
commit | 3e9c3f3c3b9edce9e3821f11be27350cae33b288 (patch) | |
tree | 42ed9005d45ed65dc0d02dbe8b3b5bf5e06c3cce | |
parent | 66dcf254f5446419428ae95e5de28752b82f1e23 (diff) | |
download | pam-modules-3e9c3f3c3b9edce9e3821f11be27350cae33b288.tar.gz pam-modules-3e9c3f3c3b9edce9e3821f11be27350cae33b288.tar.bz2 |
Fix docs.
* doc/Makefile.am (check-ldaphome-config): Take into account
gray_env_get_bool (see 7636fa3e).
* doc/pam-modules.texi: Update; final check.
* NEWS: Update.
-rw-r--r-- | NEWS | 17 | ||||
-rw-r--r-- | doc/Makefile.am | 2 | ||||
-rw-r--r-- | doc/pam-modules.texi | 95 |
3 files changed, 78 insertions, 36 deletions
@@ -1,4 +1,4 @@ | |||
1 | pam-modules -- history of user-visible changes. 2014-05-20 | 1 | pam-modules -- history of user-visible changes. 2014-05-21 |
2 | Copyright (C) 2001, 2004-2005, 2007-2012, 2014 Sergey Poznyakoff | 2 | Copyright (C) 2001, 2004-2005, 2007-2012, 2014 Sergey Poznyakoff |
3 | See the end of file for copying conditions. | 3 | See the end of file for copying conditions. |
4 | 4 | ||
@@ -20,6 +20,21 @@ per-user customization of the files copied from the skeleton dir. | |||
20 | The examples directory contains a perl program "usergitconfig", which, | 20 | The examples directory contains a perl program "usergitconfig", which, |
21 | when used as inirc-command, initializes the user's .gitconfig file. | 21 | when used as inirc-command, initializes the user's .gitconfig file. |
22 | 22 | ||
23 | * New auxiliary utilities | ||
24 | |||
25 | ** ldappubkey | ||
26 | |||
27 | The `ldappubkey' utility is a simple Perl program which takes user | ||
28 | login name as its argument and produces on the standard output public | ||
29 | ssh keys for that user, each on a separate line. The program is | ||
30 | designed for use with `openssh' version 6.2p1 or higher. | ||
31 | |||
32 | ** usergitconfig | ||
33 | |||
34 | Customizes user's `.gitconfig' file using attributes from his LDAP | ||
35 | entry. This utility can be used with the initrc-command statement | ||
36 | in pam_ldaphome.conf file. | ||
37 | |||
23 | * Bugfixes | 38 | * Bugfixes |
24 | 39 | ||
25 | 40 | ||
diff --git a/doc/Makefile.am b/doc/Makefile.am index e792390..5daae7a 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am | |||
@@ -103,7 +103,7 @@ check-sql-config: | |||
103 | 103 | ||
104 | check-ldaphome-config: | 104 | check-ldaphome-config: |
105 | @$(CHECK_DOCS) 'pam_ldaphome configuration keywords' \ | 105 | @$(CHECK_DOCS) 'pam_ldaphome configuration keywords' \ |
106 | 's/.*gray_env_get(.[^,]*, *"\(.[^"]*\)".*/\1/p;s/.*get_intval(.[^,]*, *"\(.[^"]*\)".*/\1/p' \ | 106 | 's/.*gray_env_get(.[^,]*, *"\(.[^"]*\)".*/\1/p;s/.*gray_env_get_bool(.[^,]*, *"\(.[^"]*\)".*/\1/p;s/.*get_intval(.[^,]*, *"\(.[^"]*\)".*/\1/p' \ |
107 | 's/@deffn *{pam_ldaphome config} *\([a-zA-Z_][a-zA-Z0-9_-]*\) .*/\1/p' \ | 107 | 's/@deffn *{pam_ldaphome config} *\([a-zA-Z_][a-zA-Z0-9_-]*\) .*/\1/p' \ |
108 | $(top_srcdir)/pam_ldaphome/pam_ldaphome.c -- \ | 108 | $(top_srcdir)/pam_ldaphome/pam_ldaphome.c -- \ |
109 | $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \ | 109 | $(MAKEINFO) $(AM_MAKEINFOFLAGS) $(MAKEINFOFLAGS) -I $(srcdir) -E - \ |
diff --git a/doc/pam-modules.texi b/doc/pam-modules.texi index 8d9a1c8..506ec33 100644 --- a/doc/pam-modules.texi +++ b/doc/pam-modules.texi | |||
@@ -121,6 +121,25 @@ SQL Authentication and Session Management. | |||
121 | * sql session:: Using @acronym{SQL} modules for session management. | 121 | * sql session:: Using @acronym{SQL} modules for session management. |
122 | * sql summary:: Summary of configuration statements. | 122 | * sql summary:: Summary of configuration statements. |
123 | 123 | ||
124 | pam_ldaphome | ||
125 | |||
126 | * ldaphome example:: | ||
127 | * ldappubkey:: | ||
128 | * usergitconfig:: | ||
129 | |||
130 | Example of pam_ldaphome configuration | ||
131 | |||
132 | * 5.x:: Openssh versions prior to 6.2p1. | ||
133 | * 6.2p1:: Openssh versions 6.2p1 and newer. | ||
134 | |||
135 | pam_umotd | ||
136 | |||
137 | * summary of pam_umotd options:: | ||
138 | |||
139 | pam_groupmember | ||
140 | |||
141 | * summary of pam_groupmember options:: | ||
142 | |||
124 | @end detailmenu | 143 | @end detailmenu |
125 | @end menu | 144 | @end menu |
126 | 145 | ||
@@ -1164,20 +1183,20 @@ Actual module configuration is read from the configuration file, which | |||
1164 | has the same syntax as described in @ref{config, SQL configuration | 1183 | has the same syntax as described in @ref{config, SQL configuration |
1165 | file}. The following keywords are defined: | 1184 | file}. The following keywords are defined: |
1166 | 1185 | ||
1167 | @deffn {pam_ldaphome config} allow-home-dir path | 1186 | @deffn {pam_ldaphome config} allow-home-dir @var{path} |
1168 | If present, this option controls where @command{pam_ldaphome} should | 1187 | If present, this option controls where @command{pam_ldaphome} should |
1169 | try to create home directories. Its value is a list of directories | 1188 | try to create home directories. Its value is a list of directories |
1170 | separated by colons. The user's home directory will be created only | 1189 | separated by colons. The user's home directory will be created only |
1171 | if the directory part of its name is listed in @var{path}. | 1190 | if the directory part of its name is listed in @var{path}. |
1172 | @end deffn | 1191 | @end deffn |
1173 | 1192 | ||
1174 | @deffn {pam_ldaphome config} skel dir | 1193 | @deffn {pam_ldaphome config} skel @var{dir} |
1175 | Supplies the name of a @dfn{skeleton directory}. The contents of this | 1194 | Supplies the name of a @dfn{skeleton directory}. The contents of this |
1176 | directory is copied to the newly created user home directory. The | 1195 | directory is copied to the newly created user home directory. The |
1177 | file modes and permissions are preserved. | 1196 | file modes and permissions are preserved. |
1178 | @end deffn | 1197 | @end deffn |
1179 | 1198 | ||
1180 | @deffn {pam_ldaphome config} uri arg | 1199 | @deffn {pam_ldaphome config} uri @var{arg} |
1181 | Sets the URI of the LDAP server to consult for the user profile. | 1200 | Sets the URI of the LDAP server to consult for the user profile. |
1182 | Example: | 1201 | Example: |
1183 | 1202 | ||
@@ -1186,12 +1205,12 @@ uri ldap://127.0.0.1/ | |||
1186 | @end example | 1205 | @end example |
1187 | @end deffn | 1206 | @end deffn |
1188 | 1207 | ||
1189 | @deffn {pam_ldaphome config} ldap-version v | 1208 | @deffn {pam_ldaphome config} ldap-version @var{v} |
1190 | Sets the LDAP version to use. Valid values for @var{v} are @samp{2} | 1209 | Sets the LDAP version to use. Valid values for @var{v} are @samp{2} |
1191 | and @samp{3} (the default). | 1210 | and @samp{3} (the default). |
1192 | @end deffn | 1211 | @end deffn |
1193 | 1212 | ||
1194 | @deffn {pam_ldaphome config} base searchbase | 1213 | @deffn {pam_ldaphome config} base @var{searchbase} |
1195 | Use @var{searchbase} as the starting point for the search instead of | 1214 | Use @var{searchbase} as the starting point for the search instead of |
1196 | the default, e.g.: | 1215 | the default, e.g.: |
1197 | 1216 | ||
@@ -1200,7 +1219,7 @@ base dc=gnu,dc=org,dc=ua | |||
1200 | @end example | 1219 | @end example |
1201 | @end deffn | 1220 | @end deffn |
1202 | 1221 | ||
1203 | @deffn {pam_ldaphome config} binddn dn | 1222 | @deffn {pam_ldaphome config} binddn @var{dn} |
1204 | Use the Distinguished Name @var{dn} to bind to the LDAP directory. | 1223 | Use the Distinguished Name @var{dn} to bind to the LDAP directory. |
1205 | Example: | 1224 | Example: |
1206 | 1225 | ||
@@ -1209,16 +1228,16 @@ binddn cn=Manager,dc=gnu,dc=org,dc=ua | |||
1209 | @end example | 1228 | @end example |
1210 | @end deffn | 1229 | @end deffn |
1211 | 1230 | ||
1212 | @deffn {pam_ldaphome config} bindpw password | 1231 | @deffn {pam_ldaphome config} bindpw @var{password} |
1213 | If @code{binddn} statement is used, this statement supplies the | 1232 | If @code{binddn} statement is used, this statement supplies the |
1214 | password for simple authentication. | 1233 | password for simple authentication. |
1215 | @end deffn | 1234 | @end deffn |
1216 | 1235 | ||
1217 | @deffn {pam_ldaphome config} bindpwfile file | 1236 | @deffn {pam_ldaphome config} bindpwfile @var{file} |
1218 | Read password for simple authentication from @var{file}. | 1237 | Read password for simple authentication from @var{file}. |
1219 | @end deffn | 1238 | @end deffn |
1220 | 1239 | ||
1221 | @deffn {pam_ldaphome config} tls val | 1240 | @deffn {pam_ldaphome config} tls @var{val} |
1222 | Controls whether TLS is desired or required. If @var{val} is | 1241 | Controls whether TLS is desired or required. If @var{val} is |
1223 | @samp{no} (the default), TLS will not be used. If it is @samp{yes}, | 1242 | @samp{no} (the default), TLS will not be used. If it is @samp{yes}, |
1224 | the module will issue the @samp{StartTLS} command, but will continue | 1243 | the module will issue the @samp{StartTLS} command, but will continue |
@@ -1227,7 +1246,7 @@ mandatory, and the module will not establish LDAP connection unless | |||
1227 | @samp{StartTLS} succeeds. | 1246 | @samp{StartTLS} succeeds. |
1228 | @end deffn | 1247 | @end deffn |
1229 | 1248 | ||
1230 | @deffn {pam_ldaphome config} min-uid n | 1249 | @deffn {pam_ldaphome config} min-uid @var{n} |
1231 | Sets the minimal UID. For users with UIDs less than @var{n}, | 1250 | Sets the minimal UID. For users with UIDs less than @var{n}, |
1232 | @command{pam_ldaphome} returns PAM_SUCCESS immediately. This allows | 1251 | @command{pam_ldaphome} returns PAM_SUCCESS immediately. This allows |
1233 | you to have a set of basic users whose credentials are kept in the | 1252 | you to have a set of basic users whose credentials are kept in the |
@@ -1236,45 +1255,45 @@ system database and who will not be disturbed by | |||
1236 | @samp{allow-groups}. | 1255 | @samp{allow-groups}. |
1237 | @end deffn | 1256 | @end deffn |
1238 | 1257 | ||
1239 | @deffn {pam_ldaphome config} min-gid n | 1258 | @deffn {pam_ldaphome config} min-gid @var{n} |
1240 | Sets the minimal GID. For users with GIDs less than @var{n}, | 1259 | Sets the minimal GID. For users with GIDs less than @var{n}, |
1241 | @command{pam_ldaphome} returns PAM_SUCCESS immediately. | 1260 | @command{pam_ldaphome} returns PAM_SUCCESS immediately. |
1242 | @end deffn | 1261 | @end deffn |
1243 | 1262 | ||
1244 | @deffn {pam_ldaphome config} allow-groups group [group...] | 1263 | @deffn {pam_ldaphome config} allow-groups @var{group} [@var{group}...] |
1245 | Only handle members of the listed groups. | 1264 | Only handle members of the listed groups. |
1246 | @end deffn | 1265 | @end deffn |
1247 | 1266 | ||
1248 | @deffn {pam_ldaphome config} filter expr | 1267 | @deffn {pam_ldaphome config} filter @var{expr} |
1249 | Sets the LDAP filter expression to return a user profile. The | 1268 | Sets the LDAP filter expression to return a user profile. The |
1250 | @var{expr} should conform to the string representation for search | 1269 | @var{expr} should conform to the string representation for search |
1251 | filters as defined in RFC 4515. | 1270 | filters as defined in RFC 4515. |
1252 | @end deffn | 1271 | @end deffn |
1253 | 1272 | ||
1254 | @deffn {pam_ldaphome config} import-public-keys bool | 1273 | @deffn {pam_ldaphome config} import-public-keys @var{bool} |
1255 | When set to @samp{no}, disables importing public keys from LDAP. You | 1274 | When set to @samp{no}, disables importing public keys from LDAP. You |
1256 | may wish to use this option if you are using @command{openssh} 6.1 or | 1275 | may wish to use this option if you are using @command{openssh} 6.1 or |
1257 | later with @command{ldappubkey} as @samp{AuthorizedKeysCommand}. | 1276 | later with @command{ldappubkey} as @samp{AuthorizedKeysCommand}. |
1258 | @end deffn | 1277 | @end deffn |
1259 | 1278 | ||
1260 | @deffn {pam_ldaphome config} pubkey-attr text | 1279 | @deffn {pam_ldaphome config} pubkey-attr @var{text} |
1261 | Defines the name of the attribute which holds the user public key. | 1280 | Defines the name of the attribute which holds the user public key. |
1262 | @end deffn | 1281 | @end deffn |
1263 | 1282 | ||
1264 | @deffn {pam_ldaphome config} copy-buf-size n | 1283 | @deffn {pam_ldaphome config} copy-buf-size @var{n} |
1265 | Sets the size of the buffer used to copy files from the skeleton |