[Pkg-shadow-commits] r2867 - in upstream/trunk: . man

Nicolas FRANÇOIS nekral-guest at alioth.debian.org
Sat May 9 13:14:56 UTC 2009 

Author: nekral-guest
Date: 2009-05-09 13:14:56 +0000 (Sat, 09 May 2009)
New Revision: 2867

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/man/chpasswd.8.xml
Log:
	* man/chpasswd.8.xml: Describe how chpasswd in case of error.
	* man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
	* man/chpasswd.8.xml: Differentiate the files and configurations
	needed for PAM and non PAM versions.

Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2009-05-09 13:14:50 UTC (rev 2866)
+++ upstream/trunk/ChangeLog	2009-05-09 13:14:56 UTC (rev 2867)
@@ -1,5 +1,12 @@
 2009-05-07  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* man/chpasswd.8.xml: Describe how chpasswd in case of error.
+	* man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior.
+	* man/chpasswd.8.xml: Differentiate the files and configurations
+	needed for PAM and non PAM versions.
+
+2009-05-07  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* src/login.c: failcount does not need to be signed.
 
 2009-05-07  Nicolas François  <nicolas.francois at centraliens.net>

Modified: upstream/trunk/man/chpasswd.8.xml
===================================================================
--- upstream/trunk/man/chpasswd.8.xml	2009-05-09 13:14:50 UTC (rev 2866)
+++ upstream/trunk/man/chpasswd.8.xml	2009-05-09 13:14:56 UTC (rev 2867)
@@ -67,6 +67,7 @@
       <emphasis remap='I'>user_name</emphasis>:<emphasis
       remap='I'>password</emphasis>
     </para>
+    <refsect2 condition="no_pam">
     <para>
       By default the supplied password must be in clear-text, and is
       encrypted by <command>chpasswd</command>.
@@ -78,6 +79,26 @@
       and can be overwiten with the <option>-e</option>,
       <option>-m</option>, or <option>-c</option> options.
     </para>
+      <para>
+	<command>chpasswd</command> first update the password in memory,
+	and then commit all the changes to disk if no errors occured for
+	any users.
+      </para>
+    </refsect2>
+    <refsect2 condition="pam">
+      <para>
+	The supplied passwords must be in clear-text.
+      </para>
+      <para>
+	PAM is used to update the password in the system database
+	according to the PAM chpasswd configuration.
+      </para>
+      <para>
+	When <command>chpasswd</command> fails to update a password, it
+	continues updating the passwords of the next users, and will
+	return an error code on exit.
+      </para>
+    </refsect2>
     <para>
       This command is intended to be used in a large system environment
       where many accounts are created at a single time.
@@ -92,6 +113,14 @@
     </para>
     <variablelist remap='IP'>
       <varlistentry>
+	<term><option>-h</option>, <option>--help</option></term>
+	<listitem>
+	  <para>Display help message and exit.</para>
+	</listitem>
+      </varlistentry>
+    </variablelist>
+    <variablelist remap='IP' condition="no_pam">
+      <varlistentry>
 	<term><option>-c</option>, <option>--crypt-method</option></term>
 	<listitem>
 	  <para>Use the specified method to encrypt the passwords.</para>
@@ -111,12 +140,6 @@
 	</listitem>
       </varlistentry>
       <varlistentry>
-	<term><option>-h</option>, <option>--help</option></term>
-	<listitem>
-	  <para>Display help message and exit.</para>
-	</listitem>
-      </varlistentry>
-      <varlistentry>
 	<term><option>-m</option>, <option>--md5</option></term>
 	<listitem>
 	  <para>
@@ -159,15 +182,9 @@
       Remember to set permissions or umask to prevent readability of
       unencrypted files by other users.
     </para>
-    <para>
-      PAM is not used to update the passwords.
-      Only <filename>/etc/passwd</filename> and
-      <filename>/etc/shadow</filename> are updated, and the various checks
-      or options provided by PAM modules are not used.
-    </para>
   </refsect1>
 
-  <refsect1 id='configuration'>
+  <refsect1 id='configuration' condition="no_pam">
     <title>CONFIGURATION</title>
     <para>
       The following configuration variables in
@@ -184,24 +201,30 @@
   <refsect1 id='files'>
     <title>FILES</title>
     <variablelist>
-      <varlistentry>
+      <varlistentry condition="no_pam">
 	<term><filename>/etc/passwd</filename></term>
 	<listitem>
 	  <para>User account information.</para>
 	</listitem>
       </varlistentry>
-      <varlistentry>
+      <varlistentry condition="no_pam">
 	<term><filename>/etc/shadow</filename></term>
 	<listitem>
 	  <para>Secure user account information.</para>
 	</listitem>
       </varlistentry>
-      <varlistentry>
+      <varlistentry condition="no_pam">
 	<term><filename>/etc/login.defs</filename></term>
 	<listitem>
 	  <para>Shadow password suite configuration.</para>
 	</listitem>
       </varlistentry>
+      <varlistentry condition="pam">
+	<term><filename>/etc/pam.d/chpasswd</filename></term>
+	<listitem>
+	  <para>PAM configuration for <command>chpasswd</command>.</para>
+	</listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>
 
@@ -214,11 +237,11 @@
       <citerefentry>
 	<refentrytitle>newusers</refentrytitle><manvolnum>8</manvolnum>
       </citerefentry>,
+      <citerefentry condition="no_pam">
+	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
+      </citerefentry>,
       <citerefentry>
 	<refentrytitle>useradd</refentrytitle><manvolnum>8</manvolnum>
-      </citerefentry>,
-      <citerefentry>
-	<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
       </citerefentry>.
     </para>
   </refsect1>

More information about the Pkg-shadow-commits mailing list