d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d143a3d971
freebsd-dev/lib/libpam/modules
History
Yaroslav Tykhiy 9cd40e64b4 Now pam_nologin(8) will provide an account management function 
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
2007-06-10 18:57:20 +00:00
..
pam_chroot Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_deny Use appropriate error codes for each facility instead of just PAM_AUTH_ERR. 2005-06-10 06:16:13 +00:00
pam_echo Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_exec childerr needs to be volatile so gcc won't optimize it away. 2006-11-10 23:33:25 +00:00
pam_ftpusers Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_group Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_guest Markup nits. 2004-07-05 06:39:03 +00:00
pam_krb5 Missed one piece of the cluster's quirk. Need to override WARNS because 2005-07-08 14:53:45 +00:00
pam_ksu Join the 21st century: Cryptography is no longer an optional component 2004-08-06 07:27:08 +00:00
pam_lastlog Additional debugging stuff I had in my tree. 2006-08-11 17:03:33 +00:00
pam_login_access Re-add support for NIS netgroups (heavily modified from patch in PR) 2007-05-25 07:50:18 +00:00
pam_nologin Now pam_nologin(8) will provide an account management function 2007-06-10 18:57:20 +00:00
pam_opie Reject user with names that are longer than OPIE is willing to deal with; 2006-09-15 13:42:38 +00:00
pam_opieaccess Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_passwdqc Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_permit style.Makefile(5) police 2003-03-09 20:06:38 +00:00
pam_radius Send not only Access Request, but also Access Challenge with defined 2007-01-20 08:52:04 +00:00
pam_rhosts Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_rootok style.Makefile(5) police 2003-03-09 20:06:38 +00:00
pam_securetty Fix numerous constness and aliasing issues. 2004-02-10 10:13:21 +00:00
pam_self Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_ssh Fix build. 2006-09-30 20:33:42 +00:00
pam_tacplus Mechanically kill hard sentence breaks. 2004-07-02 23:52:20 +00:00
pam_unix In account management, verify whether the account has been locked 2007-03-27 09:59:15 +00:00
Makefile style.Makefile(5) police 2003-03-09 20:06:38 +00:00
Makefile.inc Fix build until I find a way to handle this case properly. 2006-03-19 08:52:49 +00:00
modules.inc Reimplementation of world/kernel build options. For details, see: 2006-03-17 18:54:44 +00:00