Minor mdoc style fixes.

This commit is contained in:
Mike Pritchard 1997-01-09 07:12:09 +00:00
parent 9d16a728b6
commit 32e43d391c
3 changed files with 82 additions and 50 deletions

View File

@ -17,7 +17,7 @@
.\" 5. Modifications may be freely made to this file providing the above
.\" conditions are met.
.\"
.\" $Id: login.conf.5,v 1.2 1997/01/07 14:29:50 davidn Exp $
.\" $Id: login.conf.5,v 1.3 1997/01/08 06:51:32 mpp Exp $
.\"
.Dd November 22, 1996
.Dt LOGIN.CONF 5
@ -233,9 +233,9 @@ To pass these characters literally into the environment variable, escape
the character by preceding it with a backslash '\\'.
.Pp
The
.Ar host.allow
.Em host.allow
and
.Ar host.deny
.Em host.deny
entries are comma separated lists used for checking remote access to the system,
and consist of a list of hostnames and/or IP addresses against which remote
network logins are checked.
@ -253,9 +253,9 @@ If host.deny contains one or more hosts, then a login from any matching hosts
will be disallowed.
.Pp
The
.Ar times.allow
.Em times.allow
and
.Ar times.deny
.Em times.deny
entries consist of a comma-separated list of time periods during which the users
in a class are allowed to be logged in.
These are expressed as one or more day codes followed by a start and end times
@ -265,13 +265,13 @@ the hours of 2 am and 1 p.m..
If both of these time lists are empty, users in the class are allowed access at
any time.
If
.Ar times.allow
.Em times.allow
is specified, then logins are only allowed during the periods given.
If
.Ar times.deny
.Em times.deny
is specified, then logins are denied during the periods given, regardless of whether
one of the periods specified in
.Ar times.allow
.Em times.allow
applies.
.Pp
Note that
@ -281,9 +281,9 @@ Further enforcement over the life of a session requires a separate daemon to
monitor transitions from an allowed period to a non-allowed one.
.Pp
The
.Ar tty.allow
.Em tty.allow
and
.Ar tty.deny
.Em tty.deny
entries contain a comma-separated list of tty devices (without the /dev/ prefix)
that a user in a class may use to access the system, and/or a list of ttygroups
(See
@ -294,11 +294,11 @@ for information on ttygroups).
If neither entry exists, then the choice of login device used by the user is
unrestricted.
If only
.Ar tty.allow
.Em tty.allow
is specified, then the user is restricted only to ttys in the given
group or device list.
If only
.Ar tty.deny
.Em tty.deny
is specified, then the user is prevented from using the specified devices or
devices in the group.
If both lists are given and are non-empty, the user is restricted to those
@ -341,21 +341,24 @@ These fields are used by the time accounting system, which regulates,
controls and records user login access.
.Pp
The
.Ar ttys.accounted
.Em ttys.accounted
and
.Ar ttys.exempt
fields operate in a similar manner to ttys.allow and ttys.deny as explained
.Em ttys.exempt
fields operate in a similar manner to
.Em ttys.allow
and
.Em ttys.deny
as explained
above.
Similarly with the
.Ar host.accounted
.Em host.accounted
and
.Ar host.exempt
.Em host.exempt
lists.
.Sh SEE ALSO
.Xr login 1
.Xr getcap 3 ,
.Xr getttyent 3 ,
.Xr login_cap 3 ,
.Xr login_class 3 ,
.Xr getttyent 3 ,
.Xr ttys 5 ,
.Xr login 1
.Xr ttys 5

View File

@ -17,7 +17,7 @@
.\" 5. Modifications may be freely made to this file providing the above
.\" conditions are met.
.\"
.\" $Id$
.\" $Id: login_ok.3,v 1.1 1997/01/04 16:50:07 davidn Exp $
.\"
.Dd January 2, 1997
.Os FreeBSD
@ -44,11 +44,19 @@ class capability entries in the login database,
.Pp
.Fn auth_ttyok
checks to see if the named tty is available to users of a specific
class, and is either in the "ttys.allow" access list, and not in
the "ttys.deny" access list.
An empty "ttys.allowed" list (or if no such capability exists for
class, and is either in the
.Em ttys.allow
access list, and not in
the
.Em ttys.deny
access list.
An empty
.Em ttys.allow
list (or if no such capability exists for
the give login class) logins via any tty device are allowed unless
the "ttys.deny" list exists and is non-empty, and the device or its
the
.Em ttys.deny
list exists and is non-empty, and the device or its
tty group (see
.Xr ttys 5 )
is not in the list.
@ -57,14 +65,19 @@ name, a device name which includes a wildcard (e.g. ttyD* or cuaD*),
or may name a ttygroup, when group=<name> tags have been assigned in
.Pa /etc/ttys .
Matching of ttys and ttygroups is case sensitive.
Passing a NULL or empty string as the
Passing a
.Dv NULL
or empty string as the
.Ar tty
parameter causes the function to return a non-zero value.
.Pp
.Fn auth_hostok
checks for any host restrictions for remote logins.
The function checks on both a host name and IP address (given in its
text form, typically n.n.n.n) against the "host.allow" and "host.deny"
text form, typically n.n.n.n) against the
.Em host.allow
and
.Em host.deny
login class capabilities.
As with ttys and their groups, wildcards and character classes may be
used in the host allow and deny capability records.
@ -78,32 +91,48 @@ is in its canonical form.
No hostname or address lookups are attempted.
.Pp
It is possible to call this function with either the hostname or
the IP address missing (i.e. NULL) and matching will be performed
the IP address missing (i.e.
.Dv NULL )
and matching will be performed
only on the basis of the parameter given.
Passing NULL or empty strings in both parameters will result in
Passing
.Dv NULL
or empty strings in both parameters will result in
a non-zero return value.
.Pp
The
.Fn auth_timeok
function checks to see that a given time value is within the
"times.allow" login class capability and not within the
"times.deny" access lists.
An empty or non-existent "times.allow" list allows access at any
.Em times.allow
login class capability and not within the
.Em times.deny
access lists.
An empty or non-existent
.Em times.allow
list allows access at any
time, except if a given time is falls within a period in the
"times.deny" list.
The format of time period records contained in both "times.allow"
and "times.deny" capability fields is explained in detail in the
.Em times.deny
list.
The format of time period records contained in both
.Em times.allow
and
.Em times.deny
capability fields is explained in detail in the
.Xr login_times 3
manual page.
.Sh RETURN VALUES
A non-zero return value from any of these functions indicates that
login access is granted.
A zero return value means either that the item being tested is not
in the "allow" access list, or is within the "deny" access list.
in the
.Em allow
access list, or is within the
.Em deny
access list.
.Sh SEE ALSO
.Xr login.conf 5 ,
.Xr getcap 3 ,
.Xr login_cap 3 ,
.Xr login_class 3 ,
.Xr login_times 3 ,
.Xr termcap 5 ,
.Xr getcap 3
.Xr login.conf 5 ,
.Xr termcap 5

View File

@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $Id: pty.3,v 1.2 1996/12/30 21:08:44 mpp Exp $
.\" $Id: pty.3,v 1.3 1997/01/01 03:29:33 alex Exp $
.\" "
.Dd December 29, 1996
.Os
@ -62,7 +62,7 @@ invalidate any current use of the line by calling
.Xr revoke 2 .
.Pp
If the argument
.Ar name
.Fa name
is not
.Dv NULL ,
.Fn openpty
@ -70,9 +70,9 @@ copies the pathname of the slave pty to this area. The caller is
responsible for allocating the required space in this array.
.Pp
If the arguments
.Ar termp
.Fa termp
or
.Ar winp
.Fa winp
are not
.Dv NULL ,
.Fn openpty
@ -81,9 +81,9 @@ these arguments point to, respectively.
.Pp
Upon return, the open file descriptors for the master and slave side
of the pty are returned in the locations pointed to by
.Ar amaster
.Fa amaster
and
.Ar aslave ,
.Fa aslave ,
respectively.
.Pp
.Fn Forkpty
@ -95,11 +95,11 @@ for the master side of the pty, and calls
.Xr login_tty 3
for the slave pty. In the parent process, it closes the descriptor for the
slave side of the pty. The arguments
.Ar amaster ,
.Ar name ,
.Ar termp ,
.Fa amaster ,
.Fa name ,
.Fa termp ,
and
.Ar winp
.Fa winp
have the same meaning as described for
.Fn openpty .
.Sh RETURN VALUES