* man/newusers.8.xml: PAM enabled version: describe how passwords

are updated and how newusers behave in case of error.
2009-05-11 19:29:38 +00:00 · 2009-05-11 19:29:38 +00:00 · 321e3ed02c
commit 321e3ed02c
parent 63e6dc6b11
2 changed files with 12 additions and 6 deletions
--- a/5
+++ b/5
@ -1,3 +1,8 @@
+2009-05-11  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* man/newusers.8.xml: PAM enabled version: describe how passwords
+	are updated and how newusers behave in case of error.
+
 2009-05-10  Nicolas François  <nicolas.francois@centraliens.net>

 	* NEWS, configure.in: New release will be 4.1.4.
--- a/man/newusers.8.xml
+++ b/man/newusers.8.xml
@ -211,6 +211,13 @@
      databases. If an error occurs (except in the final writes to the
      databases), no changes are committed to the databases.
    </para>
+    <para condition="pam">
+      During this first pass, users are created with a locked password
+      (and passwords are not changed for the users which are not created).
+      A second pass is used to update the passwords using PAM.  Failures
+      to update a password are reported, but will not stop the other
+      password updates.
+    </para>

    <para>
      This command is intended to be used in a large system environment
@ -297,12 +304,6 @@
      The input file must be protected since it contains unencrypted
      passwords.
    </para>
-    <para condition="pam">
-      PAM is not used to update the passwords.
-      Only <filename>/etc/passwd</filename> and
-      <filename>/etc/shadow</filename> are updated, and the various checks
-      or options provided by PAM modules are not used.
-    </para>
  </refsect1>

  <refsect1 id='configuration'>