Adding upstream version 1.5.2.upstream/1.5.2upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

2 files changed, 546 insertions, 0 deletions

diff --git a/modules/pam_stress/pam_stress.8 b/modules/pam_stress/pam_stress.8
new file mode 100644
index 0000000..2fdb939
--- /dev/null
+++ b/modules/pam_stress/pam_stress.8
@@ -0,0 +1,190 @@
+'\" t
+.\"     Title: pam_stress
+.\"    Author: [see the "AUTHORS" section]
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\"      Date: 09/03/2021
+.\"    Manual: Linux-PAM Manual
+.\"    Source: Linux-PAM Manual
+.\"  Language: English
+.\"
+.TH "PAM_STRESS" "8" "09/03/2021" "Linux-PAM Manual" "Linux-PAM Manual"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el       .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+pam_stress \- The stress\-testing PAM module
+.SH "SYNOPSIS"
+.HP \w'\fBpam_stress\&.so\fR\ 'u
+\fBpam_stress\&.so\fR [debug] [no_warn] [use_first_pass] [try_first_pass] [rootok] [expired] [fail_1] [fail_2] [prelim] [required]
+.SH "DESCRIPTION"
+.PP
+The pam_stress PAM module is mainly intended to give the impression of failing as a fully functioning module might\&.
+.SH "OPTIONS"
+.PP
+\fBdebug\fR
+.RS 4
+Put lots of information in syslog\&. *NOTE* this option writes passwords to syslog, so don\*(Aqt use anything sensitive when testing\&.
+.RE
+.PP
+\fBno_warn\fR
+.RS 4
+Do not give warnings about things (otherwise warnings are issued via the conversation function)
+.RE
+.PP
+\fBuse_first_pass\fR
+.RS 4
+Do not prompt for a password, for pam_sm_authentication function just use item PAM_AUTHTOK\&.
+.RE
+.PP
+\fBtry_first_pass\fR
+.RS 4
+Do not prompt for a password unless there has been no previous authentication token (item PAM_AUTHTOK is NULL)
+.RE
+.PP
+\fBrootok\fR
+.RS 4
+This is intended for the pam_sm_chauthtok function and it instructs this function to permit root to change the user\*(Aqs password without entering the old password\&.
+.RE
+.PP
+\fBexpired\fR
+.RS 4
+An argument intended for the account and chauthtok module parts\&. It instructs the module to act as if the user\*(Aqs password has expired
+.RE
+.PP
+\fBfail_1\fR
+.RS 4
+This instructs the module to make its first function fail\&.
+.RE
+.PP
+\fBfail_2\fR
+.RS 4
+This instructs the module to make its second function (if there is one) fail\&.
+.RE
+.PP
+\fBprelim\fR
+.RS 4
+For pam_sm_chauthtok, means fail on PAM_PRELIM_CHECK\&.
+.RE
+.PP
+\fBrequired\fR
+.RS 4
+For pam_sm_chauthtok, means fail if the user hasn\*(Aqt already been authenticated by this module\&. (See stress_new_pwd data string in the NOTES\&.)
+.RE
+.SH "MODULE TYPES PROVIDED"
+.PP
+All module types (\fBauth\fR,
+\fBaccount\fR,
+\fBpassword\fR
+and
+\fBsession\fR) are provided\&.
+.SH "RETURN VALUES"
+.PP
+PAM_BUF_ERR
+.RS 4
+Memory buffer error\&.
+.RE
+.PP
+PAM_PERM_DENIED
+.RS 4
+Permission denied\&.
+.RE
+.PP
+PAM_AUTH_ERR
+.RS 4
+Access to the system was denied\&.
+.RE
+.PP
+PAM_CONV_ERR
+.RS 4
+Conversation failure\&.
+.RE
+.PP
+PAM_SUCCESS
+.RS 4
+The function passes all checks\&.
+.RE
+.PP
+PAM_USER_UNKNOWN
+.RS 4
+The user is not known to the system\&.
+.RE
+.PP
+PAM_CRED_ERR
+.RS 4
+Failure involving user credentials\&.
+.RE
+.PP
+PAM_NEW_AUTHTOK_REQD
+.RS 4
+Authentication token is no longer valid; new one required\&.
+.RE
+.PP
+PAM_SESSION_ERR
+.RS 4
+Session failure\&.
+.RE
+.PP
+PAM_TRY_AGAIN
+.RS 4
+Failed preliminary check by service\&.
+.RE
+.PP
+PAM_AUTHTOK_LOCK_BUSY
+.RS 4
+Authentication token lock busy\&.
+.RE
+.PP
+PAM_AUTHTOK_ERR
+.RS 4
+Authentication token manipulation error\&.
+.RE
+.PP
+PAM_SYSTEM_ERR
+.RS 4
+System error\&.
+.RE
+.SH "NOTES"
+.PP
+This module uses the stress_new_pwd data string which tells pam_sm_chauthtok that pam_sm_acct_mgmt says we need a new password\&. The only possible value for this data string is \*(Aqyes\*(Aq\&.
+.SH "EXAMPLES"
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+#%PAM\-1\&.0
+#
+# Any of the following will suffice
+account  required pam_stress\&.so
+auth     required pam_stress\&.so
+password required pam_stress\&.so
+session  required pam_stress\&.so
+    
+.fi
+.if n \{\
+.RE
+.\}
+.SH "SEE ALSO"
+.PP
+\fBpam.conf\fR(5),
+\fBpam.d\fR(5),
+\fBpam\fR(8)\&.
+.SH "AUTHORS"
+.PP
+The pam_stress PAM module was developed by Andrew Morgan <morgan@linux\&.kernel\&.org>\&. The man page for pam_stress was written by Lucas Ramage <ramage\&.lucas@protonmail\&.com>\&.
diff --git a/modules/pam_stress/pam_stress.8.xml b/modules/pam_stress/pam_stress.8.xml
new file mode 100644
index 0000000..98888b1
--- /dev/null
+++ b/modules/pam_stress/pam_stress.8.xml
@@ -0,0 +1,356 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
+                   "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
+
+<refentry id='pam_stress'>
+
+  <refmeta>
+    <refentrytitle>pam_stress</refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo>
+  </refmeta>
+
+  <refnamediv id='pam_stress-name'>
+    <refname>pam_stress</refname>
+    <refpurpose>The stress-testing PAM module</refpurpose>
+  </refnamediv>
+
+<!-- body begins here -->
+
+  <refsynopsisdiv>
+    <cmdsynopsis id="pam_stress-cmdsynopsis">
+      <command>pam_stress.so</command>
+      <arg choice="opt">
+        debug
+      </arg>
+      <arg choice="opt">
+        no_warn
+      </arg>
+      <arg choice="opt">
+        use_first_pass
+      </arg>
+      <arg choice="opt">
+        try_first_pass
+      </arg>
+      <arg choice="opt">
+        rootok
+      </arg>
+      <arg choice="opt">
+        expired
+      </arg>
+      <arg choice="opt">
+        fail_1
+      </arg>
+      <arg choice="opt">
+        fail_2
+      </arg>
+      <arg choice="opt">
+        prelim
+      </arg>
+      <arg choice="opt">
+        required
+      </arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1 id="pam_stress-description">
+    <title>DESCRIPTION</title>
+    <para>
+      The pam_stress PAM module is mainly intended to give the impression of failing as a fully
+functioning module might.
+    </para>
+  </refsect1>
+
+  <refsect1 id="pam_stress-options">
+    <title>OPTIONS</title>
+    <variablelist>
+
+      <varlistentry>
+        <term>
+          <option>debug</option>
+        </term>
+        <listitem>
+          <para>
+            Put lots of information in syslog.
+            *NOTE* this option writes passwords to syslog, so don't use anything sensitive when testing.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>no_warn</option>
+        </term>
+        <listitem>
+          <para>
+            Do not give warnings about things (otherwise warnings are issued
+            via the conversation function)
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>use_first_pass</option>
+        </term>
+        <listitem>
+          <para>
+            Do not prompt for a password, for pam_sm_authentication
+            function just use item PAM_AUTHTOK.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>try_first_pass</option>
+        </term>
+        <listitem>
+          <para>
+            Do not prompt for a password unless there has been no
+            previous authentication token (item PAM_AUTHTOK is NULL)
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>rootok</option>
+        </term>
+        <listitem>
+          <para>
+            This is intended for the pam_sm_chauthtok function and
+            it instructs this function to permit root to change
+            the user's password without entering the old password.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>expired</option>
+        </term>
+        <listitem>
+          <para>
+            An argument intended for the account and chauthtok module
+            parts. It instructs the module to act as if the user's
+            password has expired
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>fail_1</option>
+        </term>
+        <listitem>
+          <para>
+            This instructs the module to make its first function fail.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>fail_2</option>
+        </term>
+        <listitem>
+          <para>
+            This instructs the module to make its second function (if there
+            is one) fail.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>prelim</option>
+        </term>
+        <listitem>
+          <para>
+            For pam_sm_chauthtok, means fail on PAM_PRELIM_CHECK.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>
+          <option>required</option>
+        </term>
+        <listitem>
+          <para>
+            For pam_sm_chauthtok, means fail if the user hasn't already
+            been authenticated by this module. (See stress_new_pwd data
+            string in the NOTES.)
+          </para>
+        </listitem>
+      </varlistentry>
+
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id="pam_stress-types">
+    <title>MODULE TYPES PROVIDED</title>
+    <para>
+      All module types (<option>auth</option>, <option>account</option>,
+      <option>password</option> and <option>session</option>) are provided.
+    </para>
+  </refsect1>
+
+  <refsect1 id="pam_stress-return_values">
+    <title>RETURN VALUES</title>
+    <variablelist>
+      <varlistentry>
+        <term>PAM_BUF_ERR</term>
+        <listitem>
+           <para>
+             Memory buffer error.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_PERM_DENIED</term>
+        <listitem>
+           <para>
+             Permission denied.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_AUTH_ERR</term>
+        <listitem>
+           <para>
+             Access to the system was denied.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_CONV_ERR</term>
+        <listitem>
+           <para>
+             Conversation failure.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_SUCCESS</term>
+        <listitem>
+           <para>
+             The function passes all checks.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_USER_UNKNOWN</term>
+        <listitem>
+           <para>
+             The user is not known to the system.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_CRED_ERR</term>
+        <listitem>
+           <para>
+             Failure involving user credentials.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_NEW_AUTHTOK_REQD</term>
+        <listitem>
+           <para>
+             Authentication token is no longer valid; new one required.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_SESSION_ERR</term>
+        <listitem>
+           <para>
+             Session failure.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_TRY_AGAIN</term>
+        <listitem>
+           <para>
+             Failed preliminary check by service.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_AUTHTOK_LOCK_BUSY</term>
+        <listitem>
+           <para>
+             Authentication token lock busy.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_AUTHTOK_ERR</term>
+        <listitem>
+           <para>
+             Authentication token manipulation error.
+          </para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term>PAM_SYSTEM_ERR</term>
+        <listitem>
+           <para>
+             System error.
+          </para>
+        </listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1 id='pam_stress-notes'>
+    <title>NOTES</title>
+    <para>
+      This module uses the stress_new_pwd data string which tells
+      pam_sm_chauthtok that pam_sm_acct_mgmt says we need a new password.
+      The only possible value for this data string is 'yes'.
+    </para>
+  </refsect1>
+
+  <refsect1 id='pam_stress-examples'>
+    <title>EXAMPLES</title>
+    <programlisting>
+#%PAM-1.0
+#
+# Any of the following will suffice
+account  required pam_stress.so
+auth     required pam_stress.so
+password required pam_stress.so
+session  required pam_stress.so
+    </programlisting>
+  </refsect1>
+
+  <refsect1 id="pam_stress-see_also">
+    <title>SEE ALSO</title>
+    <para>
+      <citerefentry>
+        <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+        <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+        <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>.
+    </para>
+  </refsect1>
+
+  <refsect1 id="pam_stress-authors">
+    <title>AUTHORS</title>
+    <para>
+      The pam_stress PAM module was developed by
+      Andrew Morgan &lt;morgan@linux.kernel.org&gt;.
+      The man page for pam_stress was written by
+      Lucas Ramage &lt;ramage.lucas@protonmail.com&gt;.
+    </para>
+  </refsect1>
+</refentry>