Minor mdoc style fixes.
This commit is contained in:
parent
9d16a728b6
commit
32e43d391c
@ -17,7 +17,7 @@
|
||||
.\" 5. Modifications may be freely made to this file providing the above
|
||||
.\" conditions are met.
|
||||
.\"
|
||||
.\" $Id: login.conf.5,v 1.2 1997/01/07 14:29:50 davidn Exp $
|
||||
.\" $Id: login.conf.5,v 1.3 1997/01/08 06:51:32 mpp Exp $
|
||||
.\"
|
||||
.Dd November 22, 1996
|
||||
.Dt LOGIN.CONF 5
|
||||
@ -233,9 +233,9 @@ To pass these characters literally into the environment variable, escape
|
||||
the character by preceding it with a backslash '\\'.
|
||||
.Pp
|
||||
The
|
||||
.Ar host.allow
|
||||
.Em host.allow
|
||||
and
|
||||
.Ar host.deny
|
||||
.Em host.deny
|
||||
entries are comma separated lists used for checking remote access to the system,
|
||||
and consist of a list of hostnames and/or IP addresses against which remote
|
||||
network logins are checked.
|
||||
@ -253,9 +253,9 @@ If host.deny contains one or more hosts, then a login from any matching hosts
|
||||
will be disallowed.
|
||||
.Pp
|
||||
The
|
||||
.Ar times.allow
|
||||
.Em times.allow
|
||||
and
|
||||
.Ar times.deny
|
||||
.Em times.deny
|
||||
entries consist of a comma-separated list of time periods during which the users
|
||||
in a class are allowed to be logged in.
|
||||
These are expressed as one or more day codes followed by a start and end times
|
||||
@ -265,13 +265,13 @@ the hours of 2 am and 1 p.m..
|
||||
If both of these time lists are empty, users in the class are allowed access at
|
||||
any time.
|
||||
If
|
||||
.Ar times.allow
|
||||
.Em times.allow
|
||||
is specified, then logins are only allowed during the periods given.
|
||||
If
|
||||
.Ar times.deny
|
||||
.Em times.deny
|
||||
is specified, then logins are denied during the periods given, regardless of whether
|
||||
one of the periods specified in
|
||||
.Ar times.allow
|
||||
.Em times.allow
|
||||
applies.
|
||||
.Pp
|
||||
Note that
|
||||
@ -281,9 +281,9 @@ Further enforcement over the life of a session requires a separate daemon to
|
||||
monitor transitions from an allowed period to a non-allowed one.
|
||||
.Pp
|
||||
The
|
||||
.Ar tty.allow
|
||||
.Em tty.allow
|
||||
and
|
||||
.Ar tty.deny
|
||||
.Em tty.deny
|
||||
entries contain a comma-separated list of tty devices (without the /dev/ prefix)
|
||||
that a user in a class may use to access the system, and/or a list of ttygroups
|
||||
(See
|
||||
@ -294,11 +294,11 @@ for information on ttygroups).
|
||||
If neither entry exists, then the choice of login device used by the user is
|
||||
unrestricted.
|
||||
If only
|
||||
.Ar tty.allow
|
||||
.Em tty.allow
|
||||
is specified, then the user is restricted only to ttys in the given
|
||||
group or device list.
|
||||
If only
|
||||
.Ar tty.deny
|
||||
.Em tty.deny
|
||||
is specified, then the user is prevented from using the specified devices or
|
||||
devices in the group.
|
||||
If both lists are given and are non-empty, the user is restricted to those
|
||||
@ -341,21 +341,24 @@ These fields are used by the time accounting system, which regulates,
|
||||
controls and records user login access.
|
||||
.Pp
|
||||
The
|
||||
.Ar ttys.accounted
|
||||
.Em ttys.accounted
|
||||
and
|
||||
.Ar ttys.exempt
|
||||
fields operate in a similar manner to ttys.allow and ttys.deny as explained
|
||||
.Em ttys.exempt
|
||||
fields operate in a similar manner to
|
||||
.Em ttys.allow
|
||||
and
|
||||
.Em ttys.deny
|
||||
as explained
|
||||
above.
|
||||
Similarly with the
|
||||
.Ar host.accounted
|
||||
.Em host.accounted
|
||||
and
|
||||
.Ar host.exempt
|
||||
.Em host.exempt
|
||||
lists.
|
||||
.Sh SEE ALSO
|
||||
.Xr login 1
|
||||
.Xr getcap 3 ,
|
||||
.Xr getttyent 3 ,
|
||||
.Xr login_cap 3 ,
|
||||
.Xr login_class 3 ,
|
||||
.Xr getttyent 3 ,
|
||||
.Xr ttys 5 ,
|
||||
.Xr login 1
|
||||
|
||||
.Xr ttys 5
|
||||
|
@ -17,7 +17,7 @@
|
||||
.\" 5. Modifications may be freely made to this file providing the above
|
||||
.\" conditions are met.
|
||||
.\"
|
||||
.\" $Id$
|
||||
.\" $Id: login_ok.3,v 1.1 1997/01/04 16:50:07 davidn Exp $
|
||||
.\"
|
||||
.Dd January 2, 1997
|
||||
.Os FreeBSD
|
||||
@ -44,11 +44,19 @@ class capability entries in the login database,
|
||||
.Pp
|
||||
.Fn auth_ttyok
|
||||
checks to see if the named tty is available to users of a specific
|
||||
class, and is either in the "ttys.allow" access list, and not in
|
||||
the "ttys.deny" access list.
|
||||
An empty "ttys.allowed" list (or if no such capability exists for
|
||||
class, and is either in the
|
||||
.Em ttys.allow
|
||||
access list, and not in
|
||||
the
|
||||
.Em ttys.deny
|
||||
access list.
|
||||
An empty
|
||||
.Em ttys.allow
|
||||
list (or if no such capability exists for
|
||||
the give login class) logins via any tty device are allowed unless
|
||||
the "ttys.deny" list exists and is non-empty, and the device or its
|
||||
the
|
||||
.Em ttys.deny
|
||||
list exists and is non-empty, and the device or its
|
||||
tty group (see
|
||||
.Xr ttys 5 )
|
||||
is not in the list.
|
||||
@ -57,14 +65,19 @@ name, a device name which includes a wildcard (e.g. ttyD* or cuaD*),
|
||||
or may name a ttygroup, when group=<name> tags have been assigned in
|
||||
.Pa /etc/ttys .
|
||||
Matching of ttys and ttygroups is case sensitive.
|
||||
Passing a NULL or empty string as the
|
||||
Passing a
|
||||
.Dv NULL
|
||||
or empty string as the
|
||||
.Ar tty
|
||||
parameter causes the function to return a non-zero value.
|
||||
.Pp
|
||||
.Fn auth_hostok
|
||||
checks for any host restrictions for remote logins.
|
||||
The function checks on both a host name and IP address (given in its
|
||||
text form, typically n.n.n.n) against the "host.allow" and "host.deny"
|
||||
text form, typically n.n.n.n) against the
|
||||
.Em host.allow
|
||||
and
|
||||
.Em host.deny
|
||||
login class capabilities.
|
||||
As with ttys and their groups, wildcards and character classes may be
|
||||
used in the host allow and deny capability records.
|
||||
@ -78,32 +91,48 @@ is in its canonical form.
|
||||
No hostname or address lookups are attempted.
|
||||
.Pp
|
||||
It is possible to call this function with either the hostname or
|
||||
the IP address missing (i.e. NULL) and matching will be performed
|
||||
the IP address missing (i.e.
|
||||
.Dv NULL )
|
||||
and matching will be performed
|
||||
only on the basis of the parameter given.
|
||||
Passing NULL or empty strings in both parameters will result in
|
||||
Passing
|
||||
.Dv NULL
|
||||
or empty strings in both parameters will result in
|
||||
a non-zero return value.
|
||||
.Pp
|
||||
The
|
||||
.Fn auth_timeok
|
||||
function checks to see that a given time value is within the
|
||||
"times.allow" login class capability and not within the
|
||||
"times.deny" access lists.
|
||||
An empty or non-existent "times.allow" list allows access at any
|
||||
.Em times.allow
|
||||
login class capability and not within the
|
||||
.Em times.deny
|
||||
access lists.
|
||||
An empty or non-existent
|
||||
.Em times.allow
|
||||
list allows access at any
|
||||
time, except if a given time is falls within a period in the
|
||||
"times.deny" list.
|
||||
The format of time period records contained in both "times.allow"
|
||||
and "times.deny" capability fields is explained in detail in the
|
||||
.Em times.deny
|
||||
list.
|
||||
The format of time period records contained in both
|
||||
.Em times.allow
|
||||
and
|
||||
.Em times.deny
|
||||
capability fields is explained in detail in the
|
||||
.Xr login_times 3
|
||||
manual page.
|
||||
.Sh RETURN VALUES
|
||||
A non-zero return value from any of these functions indicates that
|
||||
login access is granted.
|
||||
A zero return value means either that the item being tested is not
|
||||
in the "allow" access list, or is within the "deny" access list.
|
||||
in the
|
||||
.Em allow
|
||||
access list, or is within the
|
||||
.Em deny
|
||||
access list.
|
||||
.Sh SEE ALSO
|
||||
.Xr login.conf 5 ,
|
||||
.Xr getcap 3 ,
|
||||
.Xr login_cap 3 ,
|
||||
.Xr login_class 3 ,
|
||||
.Xr login_times 3 ,
|
||||
.Xr termcap 5 ,
|
||||
.Xr getcap 3
|
||||
.Xr login.conf 5 ,
|
||||
.Xr termcap 5
|
||||
|
@ -23,7 +23,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $Id: pty.3,v 1.2 1996/12/30 21:08:44 mpp Exp $
|
||||
.\" $Id: pty.3,v 1.3 1997/01/01 03:29:33 alex Exp $
|
||||
.\" "
|
||||
.Dd December 29, 1996
|
||||
.Os
|
||||
@ -62,7 +62,7 @@ invalidate any current use of the line by calling
|
||||
.Xr revoke 2 .
|
||||
.Pp
|
||||
If the argument
|
||||
.Ar name
|
||||
.Fa name
|
||||
is not
|
||||
.Dv NULL ,
|
||||
.Fn openpty
|
||||
@ -70,9 +70,9 @@ copies the pathname of the slave pty to this area. The caller is
|
||||
responsible for allocating the required space in this array.
|
||||
.Pp
|
||||
If the arguments
|
||||
.Ar termp
|
||||
.Fa termp
|
||||
or
|
||||
.Ar winp
|
||||
.Fa winp
|
||||
are not
|
||||
.Dv NULL ,
|
||||
.Fn openpty
|
||||
@ -81,9 +81,9 @@ these arguments point to, respectively.
|
||||
.Pp
|
||||
Upon return, the open file descriptors for the master and slave side
|
||||
of the pty are returned in the locations pointed to by
|
||||
.Ar amaster
|
||||
.Fa amaster
|
||||
and
|
||||
.Ar aslave ,
|
||||
.Fa aslave ,
|
||||
respectively.
|
||||
.Pp
|
||||
.Fn Forkpty
|
||||
@ -95,11 +95,11 @@ for the master side of the pty, and calls
|
||||
.Xr login_tty 3
|
||||
for the slave pty. In the parent process, it closes the descriptor for the
|
||||
slave side of the pty. The arguments
|
||||
.Ar amaster ,
|
||||
.Ar name ,
|
||||
.Ar termp ,
|
||||
.Fa amaster ,
|
||||
.Fa name ,
|
||||
.Fa termp ,
|
||||
and
|
||||
.Ar winp
|
||||
.Fa winp
|
||||
have the same meaning as described for
|
||||
.Fn openpty .
|
||||
.Sh RETURN VALUES
|
||||
|
Loading…
Reference in New Issue
Block a user