security/pam_abl/files/patch-doc-index.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

--- doc/index.html.orig	Wed Oct 12 21:22:27 2005
+++ doc/index.html	Sat Jan 14 22:48:16 2006
@@ -44,7 +44,7 @@
 			<dd>Requires <a href="http://www.sleepycat.com/products/db.shtml">Berkeley DB</a>
 			(tested with 4.3.21 and 4.2.50).<br />
 
-			Requires a configuration file (by convention /etc/security/pam_abl.conf)</dd>
+			Requires a configuration file (by convention %%ETCPREFIX%%/etc/pam_abl.conf)</dd>
 
 			<dt>Network aware:</dt>
 
@@ -171,28 +171,26 @@
 				<p>Typically pam_abl.so is added to the auth stack as a required module just before whatever modules actually peform authentication. Here's a fragment of the PAM config for a production server that is running pam_abl:</p>
 
 				<table class="config">
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_env.so</td></tr>
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_abl.so config=/etc/security/pam_abl.conf</td></tr>
-					<tr><td>auth</td><td>sufficient</td><td>/lib/security/pam_unix.so likeauth nullok</td></tr>
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_deny.so</td></tr>
+					<tr><td>auth</td><td>required</td><td>%%PREFIX%%/lib/pam_abl.so config=%%ETCPREFIX%%/etc/pam_abl.conf</td></tr>
+					<tr><td>auth</td><td>required</td><td>pam_unix.so no_warn try_first_pass nullok</td></tr>
 				</table>
 
-				<p>Although all of accepted arguments can be supplied here they will usually be placed in a separate config file and linked to using the config argument as in the above example. The <a href="pam_abl.html">pam_abl command line tool</a> reads the external config file (/etc/security/pam_abl.conf in this case) to find the databases so in order for it work correctly an external config should be used.</p>
+				<p>Although all of accepted arguments can be supplied here they will usually be placed in a separate config file and linked to using the config argument as in the above example. The <a href="pam_abl.html">pam_abl command line tool</a> reads the external config file (%%ETCPREFIX%%/etc/pam_abl.conf in this case) to find the databases so in order for it work correctly an external config should be used.</p>
 
 			</dd>
 
 			<dt>Config file syntax:</dt>
 
 			<dd>
-				<p>The config file can contain any arguments that would be supplied via PAM config. In the config file arguments are placed on separate lines. Comments may be included after a '#' and line continuation is possible by placing a back slash at the end of the line to be continued. Here is a sample /etc/security/pam_abl.conf:</p>
+				<p>The config file can contain any arguments that would be supplied via PAM config. In the config file arguments are placed on separate lines. Comments may be included after a '#' and line continuation is possible by placing a back slash at the end of the line to be continued. Here is a sample %%ETCPREFIX%%/etc/pam_abl.conf:</p>
 
 				<table class="config">
-					<tr><td># /etc/security/pam_abl.conf</td></tr>
+					<tr><td># %%ETCPREFIX%%/etc/pam_abl.conf</td></tr>
 					<tr><td>debug</td></tr>
-					<tr><td>host_db=/var/lib/abl/hosts.db</td></tr>
+					<tr><td>host_db=%%PAMABLDB%%/hosts.db</td></tr>
 					<tr><td>host_purge=2d</td></tr>
 					<tr><td>host_rule=*:10/1h,30/1d</td></tr>
-					<tr><td>user_db=/var/lib/abl/users.db</td></tr>
+					<tr><td>user_db=%%PAMABLDB%%/users.db</td></tr>
 					<tr><td>user_purge=2d</td></tr>
 					<tr><td>user_rule=!root:10/1h,30/1d</td></tr>
 				</table>
@@ -282,21 +280,19 @@
 				<p>Sample PAM config fragment:</p>
 
 				<table class="config">
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_env.so</td></tr>
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_abl.so config=/etc/security/pam_abl.conf</td></tr>
-					<tr><td>auth</td><td>sufficient</td><td>/lib/security/pam_unix.so likeauth nullok</td></tr>
-					<tr><td>auth</td><td>required</td><td>/lib/security/pam_deny.so</td></tr>
+					<tr><td>auth</td><td>required</td><td>%%PREFIX%%/lib/pam_abl.so %%ETCPREFIX%%/etc/pam_abl.conf</td></tr>
+					<tr><td>auth</td><td>required</td><td>pam_unix.so no_warn try_first_pass nullok</td></tr>
 				</table>
 
-				<p>Sample /etc/security/pam_abl.conf:</p>
+				<p>Sample %%ETCPREFIX%%/etc/pam_abl.conf:</p>
 
 				<table class="config">
-					<tr><td># /etc/security/pam_abl.conf</td></tr>
+					<tr><td># %%ETCPREFIX%%/etc/pam_abl.conf</td></tr>
 					<tr><td>debug</td></tr>
-					<tr><td>host_db=/var/lib/abl/hosts.db</td></tr>
+					<tr><td>host_db=%%PAMABLDB%%/hosts.db</td></tr>
 					<tr><td>host_purge=2d</td></tr>
 					<tr><td>host_rule=*:10/1h,30/1d</td></tr>
-					<tr><td>user_db=/var/lib/abl/users.db</td></tr>
+					<tr><td>user_db=%%PAMABLDB%%/users.db</td></tr>
 					<tr><td>user_purge=2d</td></tr>
 					<tr><td>user_rule=!root:10/1h,30/1d</td></tr>
 				</table>