From 9ada0093e92388590c7368600ca4e9e3e376f0d0 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 16:22:51 +0200 Subject: Adding upstream version 1.5.2. Signed-off-by: Daniel Baumann --- modules/pam_userdb/pam_userdb.8.xml | 294 ++++++++++++++++++++++++++++++++++++ 1 file changed, 294 insertions(+) create mode 100644 modules/pam_userdb/pam_userdb.8.xml (limited to 'modules/pam_userdb/pam_userdb.8.xml') diff --git a/modules/pam_userdb/pam_userdb.8.xml b/modules/pam_userdb/pam_userdb.8.xml new file mode 100644 index 0000000..bce9285 --- /dev/null +++ b/modules/pam_userdb/pam_userdb.8.xml @@ -0,0 +1,294 @@ + + + + + + + pam_userdb + 8 + Linux-PAM Manual + + + + pam_userdb + PAM module to authenticate against a db database + + + + + pam_userdb.so + + db=/path/database + + + debug + + + crypt=[crypt|none] + + + icase + + + dump + + + try_first_pass + + + use_first_pass + + + unknown_ok + + + key_only + + + + + + + DESCRIPTION + + + The pam_userdb module is used to verify a username/password pair + against values stored in a Berkeley DB database. The database is + indexed by the username, and the data fields corresponding to the + username keys are the passwords. + + + + + + OPTIONS + + + + + + + + Indicates whether encrypted or plaintext passwords are stored + in the database. If it is , passwords + should be stored in the database in + + crypt3 + form. If is selected, + passwords should be stored in the database as plaintext. + + + + + + + + + + Use the /path/database database for + performing lookup. There is no default; the module will + return PAM_IGNORE if no + database is provided. Note that the path to the database file + should be specified without the .db suffix. + + + + + + + + + + Print debug information. Note that password hashes, both from db + and computed, will be printed to syslog. + + + + + + + + + + Dump all the entries in the database to the log. + Don't do this by default! + + + + + + + + + + Make the password verification to be case insensitive + (ie when working with registration numbers and such). + Only works with plaintext password storage. + + + + + + + + + + + Use the authentication token previously obtained by + another module that did the conversation with the + application. If this token can not be obtained then + the module will try to converse. This option can + be used for stacking different modules that need to + deal with the authentication tokens. + + + + + + + + + + Use the authentication token previously obtained by + another module that did the conversation with the + application. If this token can not be obtained then + the module will fail. This option can be used for + stacking different modules that need to deal with + the authentication tokens. + + + + + + + + + + Do not return error when checking for a user that is + not in the database. This can be used to stack more + than one pam_userdb module that will check a + username/password pair in more than a database. + + + + + + + + + + The username and password are concatenated together + in the database hash as 'username-password' with a + random value. if the concatenation of the username and + password with a dash in the middle returns any result, + the user is valid. this is useful in cases where + the username may not be unique but the username and + password pair are. + + + + + + + + MODULE TYPES PROVIDED + + The and module + types are provided. + + + + + RETURN VALUES + + + PAM_AUTH_ERR + + Authentication failure. + + + + PAM_AUTHTOK_RECOVERY_ERR + + + Authentication information cannot be recovered. + + + + + PAM_BUF_ERR + + + Memory buffer error. + + + + + PAM_CONV_ERR + + + Conversation failure. + + + + + PAM_SERVICE_ERR + + + Error in service module. + + + + + PAM_SUCCESS + + + Success. + + + + + PAM_USER_UNKNOWN + + + User not known to the underlying authentication module. + + + + + + + + EXAMPLES + +auth sufficient pam_userdb.so icase db=/etc/dbtest + + + + + SEE ALSO + + + crypt3 + , + + pam.conf5 + , + + pam.d5 + , + + pam8 + + + + + + AUTHOR + + pam_userdb was written by Cristian Gafton >gafton@redhat.com<. + + + + -- cgit v1.2.3