[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1134-g9b3d5fc

Karolin Seeger kseeger at samba.org
Mon Jun 15 11:25:06 GMT 2009 

The branch, v3-4-test has been updated
       via  9b3d5fc7de1103a634b86ff4d18ceb146ca6b027 (commit)
       via  d547aab1511c72e1cab034e2945f6ad63bda6659 (commit)
       via  5d2dfba6d1699c6e417cc21233a1cc871f3c0ad1 (commit)
       via  24d6f697844bc85a03c047e5470abcfdd53735a2 (commit)
       via  55df96313c5b966f41b0b5c426cf6a420cafa855 (commit)
      from  e24c2401750212d7212952f574ed9765fb1f2e8e (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test


- Log -----------------------------------------------------------------
commit 9b3d5fc7de1103a634b86ff4d18ceb146ca6b027
Author: Andreas Schneider <mail at cynapses.org>
Date:   Mon Jun 15 12:22:58 2009 +0200

    Fix the section of the pam_winbind manpage.
    
    Signed-off-by: Andreas Schneider <mail at cynapses.org>

commit d547aab1511c72e1cab034e2945f6ad63bda6659
Author: Andreas Schneider <mail at cynapses.org>
Date:   Mon Jun 15 12:21:07 2009 +0200

    Move pam_winbind to the right manpage section (8).
    
    Signed-off-by: Andreas Schneider <mail at cynapses.org>
    (cherry picked from commit 59ab1574e41993d24733affbca07d3f7da245fc7)

commit 5d2dfba6d1699c6e417cc21233a1cc871f3c0ad1
Author: Andreas Schneider <mail at cynapses.org>
Date:   Mon Jun 15 12:16:49 2009 +0200

    Dcoument the PAM data exports in the pam_winbind manpage.
    
    Signed-off-by: Andreas Schneider <mail at cynapses.org>
    (cherry picked from commit 1809ff4b2339bd3066532abccea0944da45edf64)

commit 24d6f697844bc85a03c047e5470abcfdd53735a2
Author: Andreas Schneider <mail at cynapses.org>
Date:   Mon Jun 15 12:16:15 2009 +0200

    Document the try_first_pass option in the pam_winbind manpage.
    
    Signed-off-by: Andreas Schneider <mail at cynapses.org>
    (cherry picked from commit 779eea49de3f53040fe792de4b74b73a0c51ecb3)

commit 55df96313c5b966f41b0b5c426cf6a420cafa855
Author: Andreas Schneider <mail at cynapses.org>
Date:   Mon Jun 15 12:15:26 2009 +0200

    Add a synopsis section to the pam_winbind manpage.
    
    Signed-off-by: Andreas Schneider <mail at cynapses.org>
    (cherry picked from commit 24f9f32fedb92f881658db856db15173e57af0bd)

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/Samba3-HOWTO/manpages.xml                 |    2 +-
 .../{pam_winbind.7.xml => pam_winbind.8.xml}       |   90 ++++++++++++++++++--
 2 files changed, 82 insertions(+), 10 deletions(-)
 rename docs-xml/manpages-3/{pam_winbind.7.xml => pam_winbind.8.xml} (70%)


Changeset truncated at 500 lines:

diff --git a/docs-xml/Samba3-HOWTO/manpages.xml b/docs-xml/Samba3-HOWTO/manpages.xml
index 4de54bf..eef4207 100644
--- a/docs-xml/Samba3-HOWTO/manpages.xml
+++ b/docs-xml/Samba3-HOWTO/manpages.xml
@@ -22,7 +22,7 @@
 	<xi:include href="../manpages-3/nmbd.8.xml"/>
 	<xi:include href="../manpages-3/nmblookup.1.xml"/>
 	<xi:include href="../manpages-3/ntlm_auth.1.xml"/>
-	<xi:include href="../manpages-3/pam_winbind.7.xml"/>
+	<xi:include href="../manpages-3/pam_winbind.8.xml"/>
 	<xi:include href="../manpages-3/pdbedit.8.xml"/>
 	<xi:include href="../manpages-3/profiles.1.xml"/>
 	<xi:include href="../manpages-3/rpcclient.1.xml"/>
diff --git a/docs-xml/manpages-3/pam_winbind.7.xml b/docs-xml/manpages-3/pam_winbind.8.xml
similarity index 70%
rename from docs-xml/manpages-3/pam_winbind.7.xml
rename to docs-xml/manpages-3/pam_winbind.8.xml
index ced6174..730ad96 100644
--- a/docs-xml/manpages-3/pam_winbind.7.xml
+++ b/docs-xml/manpages-3/pam_winbind.8.xml
@@ -1,13 +1,13 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
 <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
-<refentry id="pam_winbind.7">
+<refentry id="pam_winbind.8">
 
 <refmeta>
 	<refentrytitle>pam_winbind</refentrytitle>
-	<manvolnum>7</manvolnum>
+	<manvolnum>8</manvolnum>
 	<refmiscinfo class="source">Samba</refmiscinfo>
-	<refmiscinfo class="manual">7</refmiscinfo>
-	<refmiscinfo class="version">3.4</refmiscinfo>
+	<refmiscinfo class="manual">8</refmiscinfo>
+	<refmiscinfo class="version">3.5</refmiscinfo>
 </refmeta>
 
 
@@ -29,6 +29,31 @@
 </refsect1>
 
 <refsect1>
+	<title>SYNOPSIS</title>
+
+	<para>
+		Edit the PAM system config /etc/pam.d/service and modify it as the following example shows:
+		<programlisting>
+			    ...
+			    auth      required        pam_env.so
+			    auth      sufficient      pam_unix2.so
+			+++ auth      required        pam_winbind.so  use_first_pass
+			    account   requisite       pam_unix2.so
+			+++ account   required        pam_winbind.so  use_first_pass
+			+++ password  sufficient      pam_winbind.so
+			    password  requisite       pam_pwcheck.so  cracklib
+			    password  required        pam_unix2.so    use_authtok
+			    session   required        pam_unix2.so
+			+++ session   required        pam_winbind.so
+			    ...
+		</programlisting>
+
+		Make sure that pam_winbind is one of the first modules in the session part. It may retrieve
+		kerberos tickets which are needed by other modules.
+	</para>
+</refsect1>
+
+<refsect1>
 	<title>OPTIONS</title>
 	<para>
 	
@@ -64,11 +89,6 @@
 		</varlistentry>
 
 		<varlistentry>
-		<term>try_first_pass</term>
-		<listitem><para></para></listitem>
-		</varlistentry>
-
-		<varlistentry>
 		<term>use_first_pass</term>
 		<listitem><para>
 		By default, pam_winbind tries to get the authentication token from a previous module. If no token is available
@@ -78,6 +98,14 @@
 		</varlistentry>
 
 		<varlistentry>
+		<term>try_first_pass</term>
+		<listitem><para>
+				Same as the use_first_pass option (previous item), except that if the primary password is not
+				valid, PAM will prompt for a password.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
 		<term>use_authtok</term>
 		<listitem><para>
 		Set the new password to the one provided by the previously stacked password module. If this option is not set 
@@ -157,6 +185,50 @@
 </refsect1>
 
 <refsect1>
+	<title>PAM DATA EXPORTS</title>
+
+	<para>This section describes the data exported in the PAM stack which could be used in other PAM modules.</para>
+
+	<varlistentry>
+		<term>PAM_WINBIND_HOMEDIR</term>
+		<listitem>
+			<para>
+				This is the Windows Home Directory set in the profile tab in the user settings
+				on the Active Directory Server. This could be a local path or a directory on a
+				share mapped to a drive.
+			</para>
+		</listitem>
+	</varlistentry>
+	<varlistentry>
+		<term>PAM_WINBIND_LOGONSCRIPT</term>
+		<listitem>
+			<para>
+				The path to the logon script which should be executed if a user logs in. This is
+				normally a relative path to the script stored on the server.
+			</para>
+		</listitem>
+	</varlistentry>
+	<varlistentry>
+		<term>PAM_WINBIND_LOGONSERVER</term>
+		<listitem>
+			<para>
+				This exports the Active Directory server we are authenticating against. This can be
+				used as a variable later.
+			</para>
+		</listitem>
+	</varlistentry>
+	<varlistentry>
+		<term>PAM_WINBIND_PROFILEPATH</term>
+		<listitem>
+			<para>
+				This is the profile path set in the profile tab in the user settings. Noramlly
+				the home directory is synced with this directory on a share.
+			</para>
+		</listitem>
+	</varlistentry>
+</refsect1>
+
+<refsect1>
 	<title>SEE ALSO</title>
 	<para><citerefentry>
 	<refentrytitle>wbinfo</refentrytitle>


-- 
Samba Shared Repository

More information about the samba-cvs mailing list