diff options
Diffstat (limited to 'man/login.defs.5.xml')
-rw-r--r-- | man/login.defs.5.xml | 569 |
1 files changed, 569 insertions, 0 deletions
diff --git a/man/login.defs.5.xml b/man/login.defs.5.xml new file mode 100644 index 0000000..9e95da2 --- /dev/null +++ b/man/login.defs.5.xml @@ -0,0 +1,569 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.5//EN" + "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ +<!ENTITY CHFN_AUTH SYSTEM "login.defs.d/CHFN_AUTH.xml"> +<!ENTITY CHFN_RESTRICT SYSTEM "login.defs.d/CHFN_RESTRICT.xml"> +<!ENTITY CHSH_AUTH SYSTEM "login.defs.d/CHSH_AUTH.xml"> +<!ENTITY CONSOLE SYSTEM "login.defs.d/CONSOLE.xml"> +<!ENTITY CONSOLE_GROUPS SYSTEM "login.defs.d/CONSOLE_GROUPS.xml"> +<!ENTITY CREATE_HOME SYSTEM "login.defs.d/CREATE_HOME.xml"> +<!ENTITY DEFAULT_HOME SYSTEM "login.defs.d/DEFAULT_HOME.xml"> +<!ENTITY ENCRYPT_METHOD SYSTEM "login.defs.d/ENCRYPT_METHOD.xml"> +<!ENTITY ENV_HZ SYSTEM "login.defs.d/ENV_HZ.xml"> +<!ENTITY ENV_PATH SYSTEM "login.defs.d/ENV_PATH.xml"> +<!ENTITY ENV_SUPATH SYSTEM "login.defs.d/ENV_SUPATH.xml"> +<!ENTITY ENV_TZ SYSTEM "login.defs.d/ENV_TZ.xml"> +<!ENTITY ENVIRON_FILE SYSTEM "login.defs.d/ENVIRON_FILE.xml"> +<!ENTITY ERASECHAR SYSTEM "login.defs.d/ERASECHAR.xml"> +<!ENTITY FAIL_DELAY SYSTEM "login.defs.d/FAIL_DELAY.xml"> +<!ENTITY FAILLOG_ENAB SYSTEM "login.defs.d/FAILLOG_ENAB.xml"> +<!ENTITY FAKE_SHELL SYSTEM "login.defs.d/FAKE_SHELL.xml"> +<!ENTITY FTMP_FILE SYSTEM "login.defs.d/FTMP_FILE.xml"> +<!ENTITY GID_MAX SYSTEM "login.defs.d/GID_MAX.xml"> +<!ENTITY HOME_MODE SYSTEM "login.defs.d/HOME_MODE.xml"> +<!ENTITY HUSHLOGIN_FILE SYSTEM "login.defs.d/HUSHLOGIN_FILE.xml"> +<!ENTITY ISSUE_FILE SYSTEM "login.defs.d/ISSUE_FILE.xml"> +<!ENTITY KILLCHAR SYSTEM "login.defs.d/KILLCHAR.xml"> +<!ENTITY LASTLOG_ENAB SYSTEM "login.defs.d/LASTLOG_ENAB.xml"> +<!ENTITY LASTLOG_UID_MAX SYSTEM "login.defs.d/LASTLOG_UID_MAX.xml"> +<!ENTITY LOG_OK_LOGINS SYSTEM "login.defs.d/LOG_OK_LOGINS.xml"> +<!ENTITY LOG_UNKFAIL_ENAB SYSTEM "login.defs.d/LOG_UNKFAIL_ENAB.xml"> +<!ENTITY LOGIN_RETRIES SYSTEM "login.defs.d/LOGIN_RETRIES.xml"> +<!ENTITY LOGIN_STRING SYSTEM "login.defs.d/LOGIN_STRING.xml"> +<!ENTITY LOGIN_TIMEOUT SYSTEM "login.defs.d/LOGIN_TIMEOUT.xml"> +<!ENTITY MAIL_CHECK_ENAB SYSTEM "login.defs.d/MAIL_CHECK_ENAB.xml"> +<!ENTITY MAIL_DIR SYSTEM "login.defs.d/MAIL_DIR.xml"> +<!ENTITY MAX_MEMBERS_PER_GROUP SYSTEM "login.defs.d/MAX_MEMBERS_PER_GROUP.xml"> +<!ENTITY MD5_CRYPT_ENAB SYSTEM "login.defs.d/MD5_CRYPT_ENAB.xml"> +<!ENTITY MOTD_FILE SYSTEM "login.defs.d/MOTD_FILE.xml"> +<!ENTITY NOLOGINS_FILE SYSTEM "login.defs.d/NOLOGINS_FILE.xml"> +<!ENTITY OBSCURE_CHECKS_ENAB SYSTEM "login.defs.d/OBSCURE_CHECKS_ENAB.xml"> +<!ENTITY PASS_ALWAYS_WARN SYSTEM "login.defs.d/PASS_ALWAYS_WARN.xml"> +<!ENTITY PASS_CHANGE_TRIES SYSTEM "login.defs.d/PASS_CHANGE_TRIES.xml"> +<!ENTITY PASS_MAX_LEN SYSTEM "login.defs.d/PASS_MAX_LEN.xml"> +<!ENTITY PASS_MAX_DAYS SYSTEM "login.defs.d/PASS_MAX_DAYS.xml"> +<!ENTITY PASS_MIN_DAYS SYSTEM "login.defs.d/PASS_MIN_DAYS.xml"> +<!ENTITY PASS_WARN_AGE SYSTEM "login.defs.d/PASS_WARN_AGE.xml"> +<!ENTITY PORTTIME_CHECKS_ENAB SYSTEM "login.defs.d/PORTTIME_CHECKS_ENAB.xml"> +<!ENTITY QUOTAS_ENAB SYSTEM "login.defs.d/QUOTAS_ENAB.xml"> +<!ENTITY SHA_CRYPT_MIN_ROUNDS SYSTEM "login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml"> +<!ENTITY SULOG_FILE SYSTEM "login.defs.d/SULOG_FILE.xml"> +<!ENTITY SU_NAME SYSTEM "login.defs.d/SU_NAME.xml"> +<!ENTITY SU_WHEEL_ONLY SYSTEM "login.defs.d/SU_WHEEL_ONLY.xml"> +<!ENTITY SUB_GID_COUNT SYSTEM "login.defs.d/SUB_GID_COUNT.xml"> +<!ENTITY SUB_UID_COUNT SYSTEM "login.defs.d/SUB_UID_COUNT.xml"> +<!ENTITY SYS_GID_MAX SYSTEM "login.defs.d/SYS_GID_MAX.xml"> +<!ENTITY SYSLOG_SG_ENAB SYSTEM "login.defs.d/SYSLOG_SG_ENAB.xml"> +<!ENTITY SYSLOG_SU_ENAB SYSTEM "login.defs.d/SYSLOG_SU_ENAB.xml"> +<!ENTITY SYS_UID_MAX SYSTEM "login.defs.d/SYS_UID_MAX.xml"> +<!ENTITY TCB_AUTH_GROUP SYSTEM "login.defs.d/TCB_AUTH_GROUP.xml"> +<!ENTITY TCB_SYMLINKS SYSTEM "login.defs.d/TCB_SYMLINKS.xml"> +<!ENTITY TTYGROUP SYSTEM "login.defs.d/TTYGROUP.xml"> +<!ENTITY TTYTYPE_FILE SYSTEM "login.defs.d/TTYTYPE_FILE.xml"> +<!ENTITY UID_MAX SYSTEM "login.defs.d/UID_MAX.xml"> +<!ENTITY ULIMIT SYSTEM "login.defs.d/ULIMIT.xml"> +<!ENTITY UMASK SYSTEM "login.defs.d/UMASK.xml"> +<!ENTITY USERDEL_CMD SYSTEM "login.defs.d/USERDEL_CMD.xml"> +<!ENTITY USERGROUPS_ENAB SYSTEM "login.defs.d/USERGROUPS_ENAB.xml"> +<!ENTITY USE_TCB SYSTEM "login.defs.d/USE_TCB.xml"> +<!-- SHADOW-CONFIG-HERE --> +]> + +<refentry id='login.defs.5'> + <!-- $Id$ --> + <refentryinfo> + <author> + <firstname>Julianne Frances</firstname> + <surname>Haugh</surname> + <contrib>Creation, 1991</contrib> + </author> + <author> + <firstname>Thomas</firstname> + <surname>Kłoczko</surname> + <email>kloczek@pld.org.pl</email> + <contrib>shadow-utils maintainer, 2000 - 2007</contrib> + </author> + <author> + <firstname>Nicolas</firstname> + <surname>François</surname> + <email>nicolas.francois@centraliens.net</email> + <contrib>shadow-utils maintainer, 2007 - now</contrib> + </author> + </refentryinfo> + <refmeta> + <refentrytitle>login.defs</refentrytitle> + <manvolnum>5</manvolnum> + <refmiscinfo class="sectdesc">File Formats and Conversions</refmiscinfo> + <refmiscinfo class="source">shadow-utils</refmiscinfo> + <refmiscinfo class="version">&SHADOW_UTILS_VERSION;</refmiscinfo> + </refmeta> + <refnamediv id='name'> + <refname>login.defs</refname> + <refpurpose>shadow password suite configuration</refpurpose> + </refnamediv> + + <refsect1 id='description'> + <title>DESCRIPTION</title> + <para> + The <filename>/etc/login.defs</filename> file defines the + site-specific configuration for the shadow password suite. This file + is required. Absence of this file will not prevent system operation, + but will probably result in undesirable operation. + </para> + + <para> + This file is a readable text file, each line of the file describing + one configuration parameter. The lines consist of a configuration name + and value, separated by whitespace. Blank lines and comment lines are + ignored. Comments are introduced with a "#" pound sign and the pound + sign must be the first non-white character of the line. + </para> + + <para> + Parameter values may be of four types: strings, booleans, numbers, and + long numbers. A string is comprised of any printable characters. A + boolean should be either the value <replaceable>yes</replaceable> or + <replaceable>no</replaceable>. An undefined boolean + parameter or one with a value other than these will be given a + <replaceable>no</replaceable> + value. Numbers (both regular and long) may be either decimal values, + octal values (precede the value with <replaceable>0</replaceable>) or + hexadecimal values + (precede the value with <replaceable>0x</replaceable>). + The maximum value of the regular and + long numeric parameters is machine-dependent. + </para> + + <para>The following configuration items are provided:</para> + + <variablelist remap='IP'> + &CHFN_AUTH; + &CHFN_RESTRICT; + &CHSH_AUTH; + &CONSOLE; + &CONSOLE_GROUPS; + &CREATE_HOME; + &DEFAULT_HOME; + &ENCRYPT_METHOD; + &ENV_HZ; + &ENV_PATH; + &ENV_SUPATH; + &ENV_TZ; + &ENVIRON_FILE; + &ERASECHAR; + &FAIL_DELAY; + &FAILLOG_ENAB; + &FAKE_SHELL; + &FTMP_FILE; + &GID_MAX; <!-- documents also GID_MIN --> + &HOME_MODE; + &HUSHLOGIN_FILE; + &ISSUE_FILE; + &KILLCHAR; + &LASTLOG_ENAB; + &LASTLOG_UID_MAX; + &LOG_OK_LOGINS; + &LOG_UNKFAIL_ENAB; + &LOGIN_RETRIES; + &LOGIN_STRING; + &LOGIN_TIMEOUT; + &MAIL_CHECK_ENAB; + &MAIL_DIR; + &MAX_MEMBERS_PER_GROUP; + &MD5_CRYPT_ENAB; + &MOTD_FILE; + &NOLOGINS_FILE; + &OBSCURE_CHECKS_ENAB; + &PASS_ALWAYS_WARN; + &PASS_CHANGE_TRIES; + &PASS_MAX_DAYS; + &PASS_MIN_DAYS; + &PASS_WARN_AGE; + <para> + <option>PASS_MAX_DAYS</option>, <option>PASS_MIN_DAYS</option> and + <option>PASS_WARN_AGE</option> are only used at the + time of account creation. Any changes to these settings won't affect + existing accounts. + </para> + &PASS_MAX_LEN; <!-- documents also PASS_MIN_LEN --> + &PORTTIME_CHECKS_ENAB; + "AS_ENAB; + &SHA_CRYPT_MIN_ROUNDS; <!-- documents also SHA_CRYPT_MAX_ROUNDS --> + &SULOG_FILE; + &SU_NAME; + &SU_WHEEL_ONLY; + &SUB_GID_COUNT; <!-- documents also SUB_GID_MIN SUB_GID_MAX --> + &SUB_UID_COUNT; <!-- documents also SUB_UID_MIN SUB_UID_MAX --> + &SYS_GID_MAX; <!-- documents also SYS_GID_MIN --> + &SYS_UID_MAX; <!-- documents also SYS_UID_MIN --> + &SYSLOG_SG_ENAB; + &SYSLOG_SU_ENAB; + &TCB_AUTH_GROUP; + &TCB_SYMLINKS; + &TTYGROUP; + &TTYTYPE_FILE; + &UID_MAX; <!-- documents also UID_MIN --> + &ULIMIT; + &UMASK; + &USERDEL_CMD; + &USERGROUPS_ENAB; + &USE_TCB; + </variablelist> + </refsect1> + + <refsect1 id='cross_references'> + <title>CROSS REFERENCES</title> + <para> + The following cross references show which programs in the shadow + password suite use which parameters. + </para> + <!-- .na --> + <variablelist remap='IP'> + <varlistentry condition="tcb"> + <term>chage</term> + <listitem> + <para>USE_TCB</para> + </listitem> + </varlistentry> + <varlistentry> + <term>chfn</term> + <listitem> + <para> + <phrase condition="no_pam">CHFN_AUTH</phrase> + CHFN_RESTRICT + <phrase condition="no_pam">LOGIN_STRING</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>chgpasswd</term> + <listitem> + <para> + ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB + <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS + SHA_CRYPT_MIN_ROUNDS</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>chpasswd</term> + <listitem> + <para> + <phrase condition="no_pam">ENCRYPT_METHOD + MD5_CRYPT_ENAB </phrase> + <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS + SHA_CRYPT_MIN_ROUNDS</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry condition="no_pam"> + <term>chsh</term> + <listitem> + <para> + CHSH_AUTH LOGIN_STRING + </para> + </listitem> + </varlistentry> + <!-- expiry: no variables (CONSOLE_GROUPS linked, but not used) --> + <!-- faillog: no variables --> + <varlistentry> + <term>gpasswd</term> + <listitem> + <para> + ENCRYPT_METHOD MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB + <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS + SHA_CRYPT_MIN_ROUNDS</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>groupadd</term> + <listitem> + <para> + GID_MAX GID_MIN MAX_MEMBERS_PER_GROUP + SYS_GID_MAX SYS_GID_MIN + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>groupdel</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <varlistentry> + <term>groupmems</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <varlistentry> + <term>groupmod</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <!-- groups: no variables --> + <varlistentry> + <term>grpck</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <varlistentry> + <term>grpconv</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <varlistentry> + <term>grpunconv</term> + <listitem> + <para>MAX_MEMBERS_PER_GROUP</para> + </listitem> + </varlistentry> + <!-- id: no variables --> + <varlistentry> + <term>lastlog</term> + <listitem> + <para>LASTLOG_UID_MAX</para> + </listitem> + </varlistentry> + <varlistentry> + <term>login</term> + <listitem> + <para> + <phrase condition="no_pam">CONSOLE</phrase> + CONSOLE_GROUPS DEFAULT_HOME + <phrase condition="no_pam">ENV_HZ ENV_PATH ENV_SUPATH + ENV_TZ ENVIRON_FILE</phrase> + ERASECHAR FAIL_DELAY + <phrase condition="no_pam">FAILLOG_ENAB</phrase> + FAKE_SHELL + <phrase condition="no_pam">FTMP_FILE</phrase> + HUSHLOGIN_FILE + <phrase condition="no_pam">ISSUE_FILE</phrase> + KILLCHAR + <phrase condition="no_pam">LASTLOG_ENAB LASTLOG_UID_MAX</phrase> + LOGIN_RETRIES + <phrase condition="no_pam">LOGIN_STRING</phrase> + LOGIN_TIMEOUT LOG_OK_LOGINS LOG_UNKFAIL_ENAB + <phrase condition="no_pam">MAIL_CHECK_ENAB MAIL_DIR MAIL_FILE + MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB + QUOTAS_ENAB</phrase> + TTYGROUP TTYPERM TTYTYPE_FILE + <phrase condition="no_pam">ULIMIT UMASK</phrase> + USERGROUPS_ENAB + </para> + </listitem> + </varlistentry> + <!-- logoutd: no variables --> + <varlistentry> + <term>newgrp / sg</term> + <listitem> + <para> + SYSLOG_SG_ENAB + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>newusers</term> + <listitem> + <para> + ENCRYPT_METHOD + GID_MAX GID_MIN + MAX_MEMBERS_PER_GROUP MD5_CRYPT_ENAB + HOME_MODE + PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE + <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS + SHA_CRYPT_MIN_ROUNDS</phrase> + SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN + SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN + SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN + UMASK + </para> + </listitem> + </varlistentry> + <!-- nologin: no variables --> + <varlistentry condition="no_pam"> + <term>passwd</term> + <listitem> + <para> + ENCRYPT_METHOD MD5_CRYPT_ENAB OBSCURE_CHECKS_ENAB + PASS_ALWAYS_WARN PASS_CHANGE_TRIES PASS_MAX_LEN PASS_MIN_LEN + <phrase condition="sha_crypt">SHA_CRYPT_MAX_ROUNDS + SHA_CRYPT_MIN_ROUNDS</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>pwck</term> + <listitem> + <para> + PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE + <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINKS USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>pwconv</term> + <listitem> + <para> + PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE + <phrase condition="tcb">USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry condition="tcb"> + <term>pwunconv</term> + <listitem> + <para> + <phrase condition="tcb">USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>su</term> + <listitem> + <para> + <phrase condition="no_pam">CONSOLE</phrase> + CONSOLE_GROUPS DEFAULT_HOME + <phrase condition="no_pam">ENV_HZ ENVIRON_FILE</phrase> + ENV_PATH ENV_SUPATH + <phrase condition="no_pam">ENV_TZ LOGIN_STRING MAIL_CHECK_ENAB + MAIL_DIR MAIL_FILE QUOTAS_ENAB</phrase> + SULOG_FILE SU_NAME + <phrase condition="no_pam">SU_WHEEL_ONLY</phrase> + SYSLOG_SU_ENAB + <phrase condition="no_pam">USERGROUPS_ENAB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>sulogin</term> + <listitem> + <para> + ENV_HZ + <phrase condition="no_pam">ENV_TZ</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>useradd</term> + <listitem> + <para> + CREATE_HOME + GID_MAX GID_MIN + HOME_MODE + LASTLOG_UID_MAX + MAIL_DIR MAX_MEMBERS_PER_GROUP + PASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE + SUB_GID_COUNT SUB_GID_MAX SUB_GID_MIN + SUB_UID_COUNT SUB_UID_MAX SUB_UID_MIN + SYS_GID_MAX SYS_GID_MIN SYS_UID_MAX SYS_UID_MIN UID_MAX UID_MIN + UMASK + <phrase condition="tcb">TCB_AUTH_GROUP TCB_SYMLINK USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>userdel</term> + <listitem> + <para> + MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP USERDEL_CMD + USERGROUPS_ENAB + <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>usermod</term> + <listitem> + <para> + LASTLOG_UID_MAX + MAIL_DIR MAIL_FILE MAX_MEMBERS_PER_GROUP + <phrase condition="tcb">TCB_SYMLINKS USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + <varlistentry condition="tcb"> + <term>vipw</term> + <listitem> + <para> + <phrase condition="tcb">USE_TCB</phrase> + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 id='bugs' condition="pam"> + <title>BUGS</title> + <para> + Much of the functionality that used to be provided by the shadow + password suite is now handled by PAM. Thus, + <filename>/etc/login.defs</filename> is no longer used by <citerefentry> + <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, or less used by <citerefentry> + <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, and <citerefentry> + <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>. Please refer to the corresponding PAM configuration + files instead. + </para> + </refsect1> + + <refsect1 id='see_also'> + <title>SEE ALSO</title> + <para> + <citerefentry> + <refentrytitle>login</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>passwd</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>su</refentrytitle><manvolnum>1</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>. + </para> + </refsect1> +</refentry> |