diff options
Diffstat (limited to 'man/login.defs.d')
64 files changed, 2825 insertions, 0 deletions
diff --git a/man/login.defs.d/CHFN_AUTH.xml b/man/login.defs.d/CHFN_AUTH.xml new file mode 100644 index 0000000..941e5f9 --- /dev/null +++ b/man/login.defs.d/CHFN_AUTH.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>CHFN_AUTH</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, the <command>chfn</command> + program will require authentication before making any changes, + unless run by the superuser. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/CHFN_RESTRICT.xml b/man/login.defs.d/CHFN_RESTRICT.xml new file mode 100644 index 0000000..ecc21b7 --- /dev/null +++ b/man/login.defs.d/CHFN_RESTRICT.xml @@ -0,0 +1,51 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>CHFN_RESTRICT</option> (string)</term> + <listitem> + <para> + This parameter specifies which values in the <emphasis + remap='I'>gecos</emphasis> field of the + <filename>/etc/passwd</filename> file may be changed by regular + users using the <command>chfn</command> program. It can be any + combination of letters <replaceable>f</replaceable>, + <replaceable>r</replaceable>, <replaceable>w</replaceable>, + <replaceable>h</replaceable>, for Full name, Room number, Work + phone, and Home phone, respectively. For backward compatibility, + <replaceable>yes</replaceable> is equivalent to + <replaceable>rwh</replaceable> and <replaceable>no</replaceable> is + equivalent to <replaceable>frwh</replaceable>. If not specified, + only the superuser can make any changes. The most restrictive + setting is better achieved by not installing <command>chfn</command> + SUID. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/CHSH_AUTH.xml b/man/login.defs.d/CHSH_AUTH.xml new file mode 100644 index 0000000..0d7139f --- /dev/null +++ b/man/login.defs.d/CHSH_AUTH.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>CHSH_AUTH</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, the <command>chsh</command> + program will require authentication before making any changes, + unless run by the superuser. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/CONSOLE.xml b/man/login.defs.d/CONSOLE.xml new file mode 100644 index 0000000..a5f6932 --- /dev/null +++ b/man/login.defs.d/CONSOLE.xml @@ -0,0 +1,46 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>CONSOLE</option> (string)</term> + <listitem> + <para> + If defined, either full pathname of a file containing device names + (one per line) or a ":" delimited list of device names. Root logins will be + allowed only upon these devices. + </para> + <para> + If not defined, root will be allowed on any device. + </para> + <para> + The device should be specified without the /dev/ prefix. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/CONSOLE_GROUPS.xml b/man/login.defs.d/CONSOLE_GROUPS.xml new file mode 100644 index 0000000..f464153 --- /dev/null +++ b/man/login.defs.d/CONSOLE_GROUPS.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>CONSOLE_GROUPS</option> (string)</term> + <listitem> + <para> + List of groups to add to the user's supplementary groups set when + logging in on the console (as determined by the CONSOLE setting). + Default is none. + <para> + </para> + Use with caution - it is possible for users to gain permanent access + to these groups, even when not logged in on the console. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/CREATE_HOME.xml b/man/login.defs.d/CREATE_HOME.xml new file mode 100644 index 0000000..fe40477 --- /dev/null +++ b/man/login.defs.d/CREATE_HOME.xml @@ -0,0 +1,41 @@ +<!-- + Copyright (c) 2009 , Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>CREATE_HOME</option> (boolean)</term> + <listitem> + <para> + Indicate if a home directory should be created by default for new + users. + </para> + <para> + This setting does not apply to system users, and can be overridden on + the command line. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/DEFAULT_HOME.xml b/man/login.defs.d/DEFAULT_HOME.xml new file mode 100644 index 0000000..bb9982b --- /dev/null +++ b/man/login.defs.d/DEFAULT_HOME.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>DEFAULT_HOME</option> (boolean)</term> + <listitem> + <para> + Indicate if login is allowed if we can't cd to the home directory. + Default is no. + </para> + <para> + If set to <replaceable>yes</replaceable>, the user will login in + the root (<filename>/</filename>) directory if it is not possible to + cd to her home directory. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENCRYPT_METHOD.xml b/man/login.defs.d/ENCRYPT_METHOD.xml new file mode 100644 index 0000000..325d025 --- /dev/null +++ b/man/login.defs.d/ENCRYPT_METHOD.xml @@ -0,0 +1,54 @@ +<!-- + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>ENCRYPT_METHOD</option> (string)</term> + <listitem> + <para> + This defines the system default encryption algorithm for encrypting + passwords (if no algorithm are specified on the command line). + </para> + <para> + It can take one of these values: + <replaceable>DES</replaceable> (default), + <replaceable>MD5</replaceable><phrase condition="sha_crypt">, + <replaceable>SHA256</replaceable>, + <replaceable>SHA512</replaceable></phrase>. + </para> + <para> + Note: this parameter overrides the <option>MD5_CRYPT_ENAB</option> + variable. + </para> + <para condition="pam"> + Note: This only affect the generation of group passwords. + The generation of user passwords is done by PAM and subject to the + PAM configuration. It is recommended to set this variable + consistently with the PAM configuration. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENVIRON_FILE.xml b/man/login.defs.d/ENVIRON_FILE.xml new file mode 100644 index 0000000..ee85d8c --- /dev/null +++ b/man/login.defs.d/ENVIRON_FILE.xml @@ -0,0 +1,42 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>ENVIRON_FILE</option> (string)</term> + <listitem> + <para> + If this file exists and is readable, login environment will be + read from it. Every line should be in the form name=value. + </para> + <para> + Lines starting with a # are treated as comment lines and ignored. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENV_HZ.xml b/man/login.defs.d/ENV_HZ.xml new file mode 100644 index 0000000..9bbc255 --- /dev/null +++ b/man/login.defs.d/ENV_HZ.xml @@ -0,0 +1,47 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <!-- XXX: When compiled with PAM support, only sulogin uses ENV_HZ --> + <term><option>ENV_HZ</option> (string)</term> + <listitem> + <para> + If set, it will be used to define the HZ environment variable when + a user login. The value must be preceded by + <replaceable>HZ=</replaceable>. A common value on Linux is + <replaceable>HZ=100</replaceable>. + </para> + <para condition="pam"> + The <envar>HZ</envar> environment variable is only set when the user + (the superuser) logs in with <command>sulogin</command>. + </para> + <!-- TODO: it can in fact be used to set any other variable--> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENV_PATH.xml b/man/login.defs.d/ENV_PATH.xml new file mode 100644 index 0000000..a3852fa --- /dev/null +++ b/man/login.defs.d/ENV_PATH.xml @@ -0,0 +1,43 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>ENV_PATH</option> (string)</term> + <listitem> + <para> + If set, it will be used to define the PATH environment variable when + a regular user login. The value is a colon separated list of paths + (for example <replaceable>/bin:/usr/bin</replaceable>) and can be + preceded by <replaceable>PATH=</replaceable>. The default value is + <replaceable>PATH=/bin:/usr/bin</replaceable>. + </para> + <!-- TODO: it can in fact be used to set any other variable--> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENV_SUPATH.xml b/man/login.defs.d/ENV_SUPATH.xml new file mode 100644 index 0000000..bbd07f8 --- /dev/null +++ b/man/login.defs.d/ENV_SUPATH.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>ENV_SUPATH</option> (string)</term> + <listitem> + <para> + If set, it will be used to define the PATH environment variable when + the superuser login. The value is a colon separated list of paths + (for example + <replaceable>/sbin:/bin:/usr/sbin:/usr/bin</replaceable>) and can be + preceded by <replaceable>PATH=</replaceable>. The default value is + <replaceable>PATH=/sbin:/bin:/usr/sbin:/usr/bin</replaceable>. + </para> + <!-- TODO: it can in fact be used to set any other variable--> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ENV_TZ.xml b/man/login.defs.d/ENV_TZ.xml new file mode 100644 index 0000000..90c8bca --- /dev/null +++ b/man/login.defs.d/ENV_TZ.xml @@ -0,0 +1,48 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>ENV_TZ</option> (string)</term> + <listitem> + <para> + If set, it will be used to define the TZ environment variable when + a user login. The value can be the name of a timezone preceded by + <replaceable>TZ=</replaceable> (for example + <replaceable>TZ=CST6CDT</replaceable>), or the full path to the file + containing the timezone specification (for example + <filename>/etc/tzname</filename>). + </para> + <!-- TODO: it can in fact be used to set any other variable--> + <para> + If a full path is specified but the file does not exist or cannot be + read, the default is to use <replaceable>TZ=CST6CDT</replaceable>. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ERASECHAR.xml b/man/login.defs.d/ERASECHAR.xml new file mode 100644 index 0000000..fad4d72 --- /dev/null +++ b/man/login.defs.d/ERASECHAR.xml @@ -0,0 +1,43 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>ERASECHAR</option> (number)</term> + <listitem> + <para> + Terminal ERASE character (<replaceable>010</replaceable> = + backspace, <replaceable>0177</replaceable> = DEL). + </para> + <para> + The value can be prefixed "0" for an octal value, or "0x" for an + hexadecimal value. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/FAILLOG_ENAB.xml b/man/login.defs.d/FAILLOG_ENAB.xml new file mode 100644 index 0000000..5a52557 --- /dev/null +++ b/man/login.defs.d/FAILLOG_ENAB.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>FAILLOG_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable logging and display of <filename>/var/log/faillog</filename> + login failure info. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/FAIL_DELAY.xml b/man/login.defs.d/FAIL_DELAY.xml new file mode 100644 index 0000000..060ca0a --- /dev/null +++ b/man/login.defs.d/FAIL_DELAY.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>FAIL_DELAY</option> (number)</term> + <listitem> + <para> + Delay in seconds before being allowed another attempt after a login + failure. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/FAKE_SHELL.xml b/man/login.defs.d/FAKE_SHELL.xml new file mode 100644 index 0000000..967acaa --- /dev/null +++ b/man/login.defs.d/FAKE_SHELL.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>FAKE_SHELL</option> (string)</term> + <listitem> + <para> + If set, <command>login</command> will execute this shell instead of + the users' shell specified in <filename>/etc/passwd</filename>. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/FTMP_FILE.xml b/man/login.defs.d/FTMP_FILE.xml new file mode 100644 index 0000000..255569a --- /dev/null +++ b/man/login.defs.d/FTMP_FILE.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>FTMP_FILE</option> (string)</term> + <listitem> + <para> + If defined, login failures will be logged in this file in a utmp format. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/GID_MAX.xml b/man/login.defs.d/GID_MAX.xml new file mode 100644 index 0000000..639eafb --- /dev/null +++ b/man/login.defs.d/GID_MAX.xml @@ -0,0 +1,45 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>GID_MAX</option> (number)</term> + <term><option>GID_MIN</option> (number)</term> + <listitem> + <para> + Range of group IDs used for the creation of regular groups by + <command>useradd</command>, <command>groupadd</command>, or + <command>newusers</command>. + </para> + <para> + The default value for <option>GID_MIN</option> (resp. + <option>GID_MAX</option>) is 1000 (resp. 60000). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/HUSHLOGIN_FILE.xml b/man/login.defs.d/HUSHLOGIN_FILE.xml new file mode 100644 index 0000000..edb0262 --- /dev/null +++ b/man/login.defs.d/HUSHLOGIN_FILE.xml @@ -0,0 +1,42 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>HUSHLOGIN_FILE</option> (string)</term> + <listitem> + <para> + If defined, this file can inhibit all the usual chatter during the + login sequence. If a full pathname is specified, then hushed mode + will be enabled if the user's name or shell are found in the file. + If not a full pathname, then hushed mode will be enabled if the file + exists in the user's home directory. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ISSUE_FILE.xml b/man/login.defs.d/ISSUE_FILE.xml new file mode 100644 index 0000000..12c22a7 --- /dev/null +++ b/man/login.defs.d/ISSUE_FILE.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>ISSUE_FILE</option> (string)</term> + <listitem> + <para> + If defined, this file will be displayed before each login prompt. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/KILLCHAR.xml b/man/login.defs.d/KILLCHAR.xml new file mode 100644 index 0000000..fea9f87 --- /dev/null +++ b/man/login.defs.d/KILLCHAR.xml @@ -0,0 +1,42 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>KILLCHAR</option> (number)</term> + <listitem> + <para> + Terminal KILL character (<replaceable>025</replaceable> = CTRL/U). + </para> + <para> + The value can be prefixed "0" for an octal value, or "0x" for an + hexadecimal value. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LASTLOG_ENAB.xml b/man/login.defs.d/LASTLOG_ENAB.xml new file mode 100644 index 0000000..c264a89 --- /dev/null +++ b/man/login.defs.d/LASTLOG_ENAB.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>LASTLOG_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable logging and display of /var/log/lastlog login time info. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LASTLOG_UID_MAX.xml b/man/login.defs.d/LASTLOG_UID_MAX.xml new file mode 100644 index 0000000..ba3025a --- /dev/null +++ b/man/login.defs.d/LASTLOG_UID_MAX.xml @@ -0,0 +1,46 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + Copyright (c) 2018, Red Hat, inc. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>LASTLOG_UID_MAX</option> (number)</term> + <listitem> + <para> + Highest user ID number for which the lastlog entries should be + updated. As higher user IDs are usually tracked by remote user + identity and authentication services there is no need to create + a huge sparse lastlog file for them. + </para> + <para> + No <option>LASTLOG_UID_MAX</option> option present in the configuration + means that there is no user ID limit for writing lastlog entries. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LOGIN_RETRIES.xml b/man/login.defs.d/LOGIN_RETRIES.xml new file mode 100644 index 0000000..3de450d --- /dev/null +++ b/man/login.defs.d/LOGIN_RETRIES.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>LOGIN_RETRIES</option> (number)</term> + <listitem> + <para> + Maximum number of login retries in case of bad password. + </para> + <para condition="pam"> + This will most likely be overridden by PAM, since the default + pam_unix module has its own built in of 3 retries. However, this is + a safe fallback in case you are using an authentication module that + does not enforce PAM_MAXTRIES. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LOGIN_STRING.xml b/man/login.defs.d/LOGIN_STRING.xml new file mode 100644 index 0000000..3743afe --- /dev/null +++ b/man/login.defs.d/LOGIN_STRING.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>LOGIN_STRING</option> (string)</term> + <listitem> + <para> + The string used for prompting a password. The default is to use + "Password: ", or a translation of that string. If you set this + variable, the prompt will not be translated. + </para> + <para> + If the string contains <replaceable>%s</replaceable>, this will be + replaced by the user's name. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LOGIN_TIMEOUT.xml b/man/login.defs.d/LOGIN_TIMEOUT.xml new file mode 100644 index 0000000..05b7cff --- /dev/null +++ b/man/login.defs.d/LOGIN_TIMEOUT.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>LOGIN_TIMEOUT</option> (number)</term> + <listitem> + <para> + Max time in seconds for login. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LOG_OK_LOGINS.xml b/man/login.defs.d/LOG_OK_LOGINS.xml new file mode 100644 index 0000000..ec11580 --- /dev/null +++ b/man/login.defs.d/LOG_OK_LOGINS.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>LOG_OK_LOGINS</option> (boolean)</term> + <listitem> + <para> + Enable logging of successful logins. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/LOG_UNKFAIL_ENAB.xml b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml new file mode 100644 index 0000000..2bc0ca2 --- /dev/null +++ b/man/login.defs.d/LOG_UNKFAIL_ENAB.xml @@ -0,0 +1,43 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>LOG_UNKFAIL_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable display of unknown usernames when login failures are + recorded. + </para> + <para> + Note: logging unknown usernames may be a security issue if an user + enter her password instead of her login name. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/MAIL_CHECK_ENAB.xml b/man/login.defs.d/MAIL_CHECK_ENAB.xml new file mode 100644 index 0000000..62dece0 --- /dev/null +++ b/man/login.defs.d/MAIL_CHECK_ENAB.xml @@ -0,0 +1,42 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>MAIL_CHECK_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable checking and display of mailbox status upon login. + </para> + <para> + You should disable it if the shell startup files already check for + mail ("mailx -e" or equivalent). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/MAIL_DIR.xml b/man/login.defs.d/MAIL_DIR.xml new file mode 100644 index 0000000..60b82d6 --- /dev/null +++ b/man/login.defs.d/MAIL_DIR.xml @@ -0,0 +1,60 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>MAIL_DIR</option> (string)</term> + <listitem> + <para> + The mail spool directory. This is needed to manipulate the mailbox + when its corresponding user account is modified or deleted. If not + specified, a compile-time default is used. + </para> + </listitem> +</varlistentry><varlistentry> + <term><option>MAIL_FILE</option> (string)</term> + <listitem> + <para> + Defines the location of the users mail spool files relatively to + their home directory. + </para> + </listitem> +</varlistentry> +<!-- FIXME: MAIL_FILE not used in useradd --> +<para> + The <option>MAIL_DIR</option> and <option>MAIL_FILE</option> variables + are used by <command>useradd</command>, <command>usermod</command>, and + <command>userdel</command> to create, move, or delete the user's mail + spool. +</para> +<para condition="no_pam"> + If <option>MAIL_CHECK_ENAB</option> is set to + <replaceable>yes</replaceable>, they are also used to define the + <envar>MAIL</envar> environment variable. +</para> diff --git a/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml new file mode 100644 index 0000000..45975d9 --- /dev/null +++ b/man/login.defs.d/MAX_MEMBERS_PER_GROUP.xml @@ -0,0 +1,57 @@ +<!-- + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>MAX_MEMBERS_PER_GROUP</option> (number)</term> + <listitem> + <para> + Maximum members per group entry. When the maximum is reached, a new + group entry (line) is started in <filename>/etc/group</filename> + (with the same name, same password, and same GID). + </para> + <para> + The default value is 0, meaning that there are no limits in the + number of members in a group. + </para> + <!-- Note: on HP, split groups have the same ID, but different + names. --> + <para> + This feature (split group) permits to limit the length of lines in + the group file. This is useful to make sure that lines for NIS + groups are not larger than 1024 characters. + </para> + <para> + If you need to enforce such limit, you can use 25. + </para> + <para> + Note: split groups may not be supported by all tools (even in the + Shadow toolsuite). You should not use this variable unless you really + need it. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/MD5_CRYPT_ENAB.xml b/man/login.defs.d/MD5_CRYPT_ENAB.xml new file mode 100644 index 0000000..be9426e --- /dev/null +++ b/man/login.defs.d/MD5_CRYPT_ENAB.xml @@ -0,0 +1,60 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>MD5_CRYPT_ENAB</option> (boolean)</term> + <listitem> + <para> + Indicate if passwords must be encrypted using the MD5-based + algorithm. If set to <replaceable>yes</replaceable>, new passwords + will be encrypted using the MD5-based algorithm compatible with the + one used by recent releases of FreeBSD. It supports passwords of + unlimited length and longer salt strings. Set to + <replaceable>no</replaceable> if you need to copy encrypted + passwords to other systems which don't understand the new algorithm. + Default is <replaceable>no</replaceable>. + </para> + <para> + This variable is superseded by the <option>ENCRYPT_METHOD</option> + variable or by any command line option used to configure the + encryption algorithm. + </para> + <para> + This variable is deprecated. You should use + <option>ENCRYPT_METHOD</option>. + </para> + <para condition="pam"> + Note: This only affect the generation of group passwords. + The generation of user passwords is done by PAM and subject to the + PAM configuration. It is recommended to set this variable + consistently with the PAM configuration. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/MOTD_FILE.xml b/man/login.defs.d/MOTD_FILE.xml new file mode 100644 index 0000000..b472e71 --- /dev/null +++ b/man/login.defs.d/MOTD_FILE.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>MOTD_FILE</option> (string)</term> + <listitem> + <para> + If defined, ":" delimited list of "message of the day" files to be + displayed upon login. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/NOLOGINS_FILE.xml b/man/login.defs.d/NOLOGINS_FILE.xml new file mode 100644 index 0000000..fde79f5 --- /dev/null +++ b/man/login.defs.d/NOLOGINS_FILE.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>NOLOGINS_FILE</option> (string)</term> + <listitem> + <para> + If defined, name of file whose presence will inhibit non-root + logins. The contents of this file should be a message indicating + why logins are inhibited. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml new file mode 100644 index 0000000..5eb1d65 --- /dev/null +++ b/man/login.defs.d/OBSCURE_CHECKS_ENAB.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>OBSCURE_CHECKS_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable additional checks upon password changes. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_ALWAYS_WARN.xml b/man/login.defs.d/PASS_ALWAYS_WARN.xml new file mode 100644 index 0000000..8687488 --- /dev/null +++ b/man/login.defs.d/PASS_ALWAYS_WARN.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>PASS_ALWAYS_WARN</option> (boolean)</term> + <listitem> + <para> + Warn about weak passwords (but still allow them) if you are root. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_CHANGE_TRIES.xml b/man/login.defs.d/PASS_CHANGE_TRIES.xml new file mode 100644 index 0000000..f6f6d1d --- /dev/null +++ b/man/login.defs.d/PASS_CHANGE_TRIES.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>PASS_CHANGE_TRIES</option> (number)</term> + <listitem> + <para> + Maximum number of attempts to change password if rejected (too + easy). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_MAX_DAYS.xml b/man/login.defs.d/PASS_MAX_DAYS.xml new file mode 100644 index 0000000..7df51a2 --- /dev/null +++ b/man/login.defs.d/PASS_MAX_DAYS.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>PASS_MAX_DAYS</option> (number)</term> + <listitem> + <para> + The maximum number of days a password may be used. If the password + is older than this, a password change will be forced. If not + specified, -1 will be assumed (which disables the restriction). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_MAX_LEN.xml b/man/login.defs.d/PASS_MAX_LEN.xml new file mode 100644 index 0000000..2b9e024 --- /dev/null +++ b/man/login.defs.d/PASS_MAX_LEN.xml @@ -0,0 +1,43 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>PASS_MAX_LEN</option> (number)</term> + <term><option>PASS_MIN_LEN</option> (number)</term> + <listitem> + <para> + Number of significant characters in the password for crypt(). + <option>PASS_MAX_LEN</option> is 8 by default. Don't change unless + your crypt() is better. This is ignored if + <option>MD5_CRYPT_ENAB</option> set to + <replaceable>yes</replaceable>. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_MIN_DAYS.xml b/man/login.defs.d/PASS_MIN_DAYS.xml new file mode 100644 index 0000000..14f68eb --- /dev/null +++ b/man/login.defs.d/PASS_MIN_DAYS.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>PASS_MIN_DAYS</option> (number)</term> + <listitem> + <para> + The minimum number of days allowed between password changes. Any + password changes attempted sooner than this will be rejected. If not + specified, -1 will be assumed (which disables the restriction). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PASS_WARN_AGE.xml b/man/login.defs.d/PASS_WARN_AGE.xml new file mode 100644 index 0000000..fc03f1d --- /dev/null +++ b/man/login.defs.d/PASS_WARN_AGE.xml @@ -0,0 +1,41 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>PASS_WARN_AGE</option> (number)</term> + <listitem> + <para> + The number of days warning given before a password expires. A zero + means warning is given only upon the day of expiration, a negative + value means no warning is given. If not specified, no warning will + be provided. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml new file mode 100644 index 0000000..0ba7c3a --- /dev/null +++ b/man/login.defs.d/PORTTIME_CHECKS_ENAB.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>PORTTIME_CHECKS_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable checking of time restrictions specified in + <filename>/etc/porttime</filename>. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/QUOTAS_ENAB.xml b/man/login.defs.d/QUOTAS_ENAB.xml new file mode 100644 index 0000000..2a68b21 --- /dev/null +++ b/man/login.defs.d/QUOTAS_ENAB.xml @@ -0,0 +1,40 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2011, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>QUOTAS_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable setting of resource limits from + <filename>/etc/limits</filename> and ulimit, umask, and niceness + from the user's passwd gecos field. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml new file mode 100644 index 0000000..0755e69 --- /dev/null +++ b/man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml @@ -0,0 +1,69 @@ +<!-- + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="sha_crypt"> + <term><option>SHA_CRYPT_MIN_ROUNDS</option> (number)</term> + <term><option>SHA_CRYPT_MAX_ROUNDS</option> (number)</term> + <listitem> + <para> + When <option>ENCRYPT_METHOD</option> is set to + <replaceable>SHA256</replaceable> or + <replaceable>SHA512</replaceable>, this defines the number of SHA + rounds used by the encryption algorithm by default (when the number + of rounds is not specified on the command line). + </para> + <para> + With a lot of rounds, it is more difficult to brute forcing the + password. But note also that more CPU resources will be needed to + authenticate users. + </para> + <para> + If not specified, the libc will choose the default number of rounds + (5000). + </para> + <para> + The values must be inside the 1000-999,999,999 range. + </para> + <para> + If only one of the <option>SHA_CRYPT_MIN_ROUNDS</option> or + <option>SHA_CRYPT_MAX_ROUNDS</option> values is set, then this value + will be used. + </para> + <para> + If <option>SHA_CRYPT_MIN_ROUNDS</option> > + <option>SHA_CRYPT_MAX_ROUNDS</option>, the highest value will be + used. + </para> + <para condition="pam"> + Note: This only affect the generation of group passwords. + The generation of user passwords is done by PAM and subject to the + PAM configuration. It is recommended to set this variable + consistently with the PAM configuration. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SUB_GID_COUNT.xml b/man/login.defs.d/SUB_GID_COUNT.xml new file mode 100644 index 0000000..93fe742 --- /dev/null +++ b/man/login.defs.d/SUB_GID_COUNT.xml @@ -0,0 +1,48 @@ +<!-- + Copyright (c) 2013, Eric W. Biederman + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="subids"> + <term><option>SUB_GID_MIN</option> (number)</term> + <term><option>SUB_GID_MAX</option> (number)</term> + <term><option>SUB_GID_COUNT</option> (number)</term> + <listitem> + <para> + If <filename>/etc/subuid</filename> exists, the commands + <command>useradd</command> and <command>newusers</command> (unless + the user already have subordinate group IDs) allocate + <option>SUB_GID_COUNT</option> unused group IDs from the range + <option>SUB_GID_MIN</option> to <option>SUB_GID_MAX</option> for each + new user. + </para> + <para> + The default values for <option>SUB_GID_MIN</option>, + <option>SUB_GID_MAX</option>, <option>SUB_GID_COUNT</option> + are respectively 100000, 600100000 and 65536. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SUB_UID_COUNT.xml b/man/login.defs.d/SUB_UID_COUNT.xml new file mode 100644 index 0000000..516417b --- /dev/null +++ b/man/login.defs.d/SUB_UID_COUNT.xml @@ -0,0 +1,48 @@ +<!-- + Copyright (c) 2013, Eric W. Biederman + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="subids"> + <term><option>SUB_UID_MIN</option> (number)</term> + <term><option>SUB_UID_MAX</option> (number)</term> + <term><option>SUB_UID_COUNT</option> (number)</term> + <listitem> + <para> + If <filename>/etc/subuid</filename> exists, the commands + <command>useradd</command> and <command>newusers</command> (unless + the user already have subordinate user IDs) allocate + <option>SUB_UID_COUNT</option> unused user IDs from the range + <option>SUB_UID_MIN</option> to <option>SUB_UID_MAX</option> for each + new user. + </para> + <para> + The default values for <option>SUB_UID_MIN</option>, + <option>SUB_UID_MAX</option>, <option>SUB_UID_COUNT</option> + are respectively 100000, 600100000 and 65536. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SULOG_FILE.xml b/man/login.defs.d/SULOG_FILE.xml new file mode 100644 index 0000000..d5d07c8 --- /dev/null +++ b/man/login.defs.d/SULOG_FILE.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SULOG_FILE</option> (string)</term> + <listitem> + <para> + If defined, all su activity is logged to this file. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SU_NAME.xml b/man/login.defs.d/SU_NAME.xml new file mode 100644 index 0000000..0a9dfdb --- /dev/null +++ b/man/login.defs.d/SU_NAME.xml @@ -0,0 +1,41 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SU_NAME</option> (string)</term> + <listitem> + <para> + If defined, the command name to display when running "su -". For + example, if this is defined as "su" then a "ps" will display the + command is "-su". If not defined, then "ps" would display the name + of the shell actually being run, e.g. something like "-sh". + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SU_WHEEL_ONLY.xml b/man/login.defs.d/SU_WHEEL_ONLY.xml new file mode 100644 index 0000000..7b8e0bc --- /dev/null +++ b/man/login.defs.d/SU_WHEEL_ONLY.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<!-- TODO: TBC --> +<varlistentry condition="no_pam"> + <term><option>SU_WHEEL_ONLY</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, the user must be listed as a + member of the first gid 0 group in <filename>/etc/group</filename> + (called <replaceable>root</replaceable> on most Linux systems) to be + able to <command>su</command> to uid 0 accounts. If the group + doesn't exist or is empty, no one will be able to + <command>su</command> to uid 0. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SYSLOG_SG_ENAB.xml b/man/login.defs.d/SYSLOG_SG_ENAB.xml new file mode 100644 index 0000000..0705537 --- /dev/null +++ b/man/login.defs.d/SYSLOG_SG_ENAB.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SYSLOG_SG_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable "syslog" logging of <command>sg</command> activity. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SYSLOG_SU_ENAB.xml b/man/login.defs.d/SYSLOG_SU_ENAB.xml new file mode 100644 index 0000000..af94a23 --- /dev/null +++ b/man/login.defs.d/SYSLOG_SU_ENAB.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SYSLOG_SU_ENAB</option> (boolean)</term> + <listitem> + <para> + Enable "syslog" logging of <command>su</command> activity - in + addition to sulog file logging. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SYS_GID_MAX.xml b/man/login.defs.d/SYS_GID_MAX.xml new file mode 100644 index 0000000..4a9ed28 --- /dev/null +++ b/man/login.defs.d/SYS_GID_MAX.xml @@ -0,0 +1,43 @@ +<!-- + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SYS_GID_MAX</option> (number)</term> + <term><option>SYS_GID_MIN</option> (number)</term> + <listitem> + <para> + Range of group IDs used for the creation of system groups by + <command>useradd</command>, <command>groupadd</command>, or + <command>newusers</command>. + </para> + <para> + The default value for <option>SYS_GID_MIN</option> (resp. + <option>SYS_GID_MAX</option>) is 101 (resp. <option>GID_MIN</option>-1). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/SYS_UID_MAX.xml b/man/login.defs.d/SYS_UID_MAX.xml new file mode 100644 index 0000000..3ca6cee --- /dev/null +++ b/man/login.defs.d/SYS_UID_MAX.xml @@ -0,0 +1,42 @@ +<!-- + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>SYS_UID_MAX</option> (number)</term> + <term><option>SYS_UID_MIN</option> (number)</term> + <listitem> + <para> + Range of user IDs used for the creation of system users by + <command>useradd</command> or <command>newusers</command>. + </para> + <para> + The default value for <option>SYS_UID_MIN</option> (resp. + <option>SYS_UID_MAX</option>) is 101 (resp. <option>UID_MIN</option>-1). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/TCB_AUTH_GROUP.xml b/man/login.defs.d/TCB_AUTH_GROUP.xml new file mode 100644 index 0000000..f9c9f72 --- /dev/null +++ b/man/login.defs.d/TCB_AUTH_GROUP.xml @@ -0,0 +1,37 @@ +<!-- + Copyright (c) 2010, Pawel Hajdan + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="tcb"> + <term><option>TCB_AUTH_GROUP</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, newly created tcb shadow files + will be group owned by the <replaceable>auth</replaceable> group. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/TCB_SYMLINKS.xml b/man/login.defs.d/TCB_SYMLINKS.xml new file mode 100644 index 0000000..76b34fb --- /dev/null +++ b/man/login.defs.d/TCB_SYMLINKS.xml @@ -0,0 +1,53 @@ +<!-- + Copyright (c) 2010, Pawel Hajdan + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="tcb"> + <term><option>TCB_SYMLINKS</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, the location of the user tcb + directory to be created will not be automatically set to /etc/tcb/user, + but will be computed depending on the UID of the user, according to + the following algorithm: + <programlisting> +if ( UID is less than 1000) { + use /etc/tcb/user +} else if ( UID is less than 1000000) { + kilos = UID / 1000 + use /etc/tcb/:kilos/user + make symlink /etc/tcb/user to the above directory +} else { + megas = UID / 1000000 + kilos = ( UID / megas * 1000000 ) / 1000 + use /etc/tcb/:megas/:kilos/user + make symlink /etc/tcb/user to the above directory +} + </programlisting> + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/TTYGROUP.xml b/man/login.defs.d/TTYGROUP.xml new file mode 100644 index 0000000..474f31b --- /dev/null +++ b/man/login.defs.d/TTYGROUP.xml @@ -0,0 +1,56 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>TTYGROUP</option> (string)</term> + <term><option>TTYPERM</option> (string)</term> + <listitem> + <para> + The terminal permissions: the login tty will be owned by the + <option>TTYGROUP</option> group, and the permissions will be set to + <option>TTYPERM</option>. + </para> + <para> + By default, the ownership of the terminal is set to the user's + primary group and the permissions are set to + <replaceable>0600</replaceable>. + </para> + <para> + <option>TTYGROUP</option> can be either the name of a group or a + numeric group identifier. + </para> + <para> + If you have a <command>write</command> program which is "setgid" to + a special group which owns the terminals, define TTYGROUP to the + group number and TTYPERM to 0620. Otherwise leave TTYGROUP + commented out and assign TTYPERM to either 622 or 600. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/TTYTYPE_FILE.xml b/man/login.defs.d/TTYTYPE_FILE.xml new file mode 100644 index 0000000..f3e8509 --- /dev/null +++ b/man/login.defs.d/TTYTYPE_FILE.xml @@ -0,0 +1,39 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>TTYTYPE_FILE</option> (string)</term> + <listitem> + <para> + If defined, file which maps tty line to TERM environment parameter. + Each line of the file is in a format something like "vt100 tty01". + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/UID_MAX.xml b/man/login.defs.d/UID_MAX.xml new file mode 100644 index 0000000..77cf41f --- /dev/null +++ b/man/login.defs.d/UID_MAX.xml @@ -0,0 +1,44 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>UID_MAX</option> (number)</term> + <term><option>UID_MIN</option> (number)</term> + <listitem> + <para> + Range of user IDs used for the creation of regular users by + <command>useradd</command> or <command>newusers</command>. + </para> + <para> + The default value for <option>UID_MIN</option> (resp. + <option>UID_MAX</option>) is 1000 (resp. 60000). + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/ULIMIT.xml b/man/login.defs.d/ULIMIT.xml new file mode 100644 index 0000000..3cf4267 --- /dev/null +++ b/man/login.defs.d/ULIMIT.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="no_pam"> + <term><option>ULIMIT</option> (number)</term> + <listitem> + <para> + Default <command>ulimit</command> value. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/UMASK.xml b/man/login.defs.d/UMASK.xml new file mode 100644 index 0000000..0f061db --- /dev/null +++ b/man/login.defs.d/UMASK.xml @@ -0,0 +1,56 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>UMASK</option> (number)</term> + <listitem> + <para> + The file mode creation mask is initialized to this value. If not + specified, the mask will be initialized to 022. + </para> + <para> + <command>useradd</command> and <command>newusers</command> use this + mask to set the mode of the home directory they create if + <option>HOME_MODE</option> is not set. + </para> + <para condition="no_pam"> + It is also used by <command>login</command> to define users' initial + umask. Note that this mask can be overridden by the user's GECOS + line (if <option>QUOTAS_ENAB</option> is set) or by the + specification of a limit with the <emphasis>K</emphasis> identifier + in <citerefentry><refentrytitle>limits</refentrytitle> + <manvolnum>5</manvolnum></citerefentry>. + </para> + <para condition="pam"> + It is also used by <command>pam_umask</command> as the default umask + value. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/USERDEL_CMD.xml b/man/login.defs.d/USERDEL_CMD.xml new file mode 100644 index 0000000..40800b2 --- /dev/null +++ b/man/login.defs.d/USERDEL_CMD.xml @@ -0,0 +1,72 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 1996 - 2000, Marek Michałkiewicz + Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>USERDEL_CMD</option> (string)</term> + <listitem> + <para> + If defined, this command is run when removing a user. It should + remove any at/cron/print jobs etc. owned by the user to be removed + (passed as the first argument). + </para> + <para> + The return code of the script is not taken into account. + </para> + <para> + Here is an example script, which removes the user's + cron, at and print jobs: + <programlisting> +#! /bin/sh + +# Check for the required argument. +if [ $# != 1 ]; then + echo "Usage: $0 username" + exit 1 +fi + +# Remove cron jobs. +crontab -r -u $1 + +# Remove at jobs. +# Note that it will remove any jobs owned by the same UID, +# even if it was shared by a different username. +AT_SPOOL_DIR=/var/spool/cron/atjobs +find $AT_SPOOL_DIR -name "[^.]*" -type f -user $1 -delete \; + +# Remove print jobs. +lprm $1 + +# All done. +exit 0 + </programlisting> + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/USERGROUPS_ENAB.xml b/man/login.defs.d/USERGROUPS_ENAB.xml new file mode 100644 index 0000000..daa8892 --- /dev/null +++ b/man/login.defs.d/USERGROUPS_ENAB.xml @@ -0,0 +1,46 @@ +<!-- + Copyright (c) 1991 - 1993, Julianne Frances Haugh + Copyright (c) 1991 - 1993, Chip Rosenthal + Copyright (c) 2007 - 2008, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry> + <term><option>USERGROUPS_ENAB</option> (boolean)</term> + <listitem> + <para condition="no_pam"> + Enable setting of the umask group bits to be the same as owner bits + (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is + the same as gid, and username is the same as the primary group name. + </para> + <para> + If set to <replaceable>yes</replaceable>, <command>userdel</command> + will remove the user's group if it contains no more members, and + <command>useradd</command> will create by default a group with the + name of the user. + </para> + </listitem> +</varlistentry> diff --git a/man/login.defs.d/USE_TCB.xml b/man/login.defs.d/USE_TCB.xml new file mode 100644 index 0000000..6fbe4d9 --- /dev/null +++ b/man/login.defs.d/USE_TCB.xml @@ -0,0 +1,38 @@ +<!-- + Copyright (c) 2010, Pawel Hajdan + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. The name of the copyright holders or contributors may not be used to + endorse or promote products derived from this software without + specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +--> +<varlistentry condition="tcb"> + <term><option>USE_TCB</option> (boolean)</term> + <listitem> + <para> + If <replaceable>yes</replaceable>, the <citerefentry> + <refentrytitle>tcb</refentrytitle><manvolnum>5</manvolnum></citerefentry> + password shadowing scheme will be used. + </para> + </listitem> +</varlistentry> |