* man/pwck.8.xml: The shadow file is optional.
* man/pwck.8.xml: Updated description of the checks. Added description of the shadow checks. * man/pwck.8.xml: Updated description of the checks.
This commit is contained in:
parent
885692e3c5
commit
7e96d749e4
@ -1,3 +1,10 @@
|
|||||||
|
2009-06-20 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
|
* man/pwck.8.xml: The shadow file is optional.
|
||||||
|
* man/pwck.8.xml: Updated description of the checks. Added
|
||||||
|
description of the shadow checks.
|
||||||
|
* man/pwck.8.xml: Updated description of the checks.
|
||||||
|
|
||||||
2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
|
2009-06-12 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
* man/po/fr.po: Fixed typo (forunis)
|
* man/po/fr.po: Fixed typo (forunis)
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!--
|
<!--
|
||||||
Copyright (c) 1992 - 1993, Julianne Frances Haugh
|
Copyright (c) 1992 - 1993, Julianne Frances Haugh
|
||||||
Copyright (c) 2007 - 2008, Nicolas François
|
Copyright (c) 2007 - 2009, Nicolas François
|
||||||
All rights reserved.
|
All rights reserved.
|
||||||
|
|
||||||
Redistribution and use in source and binary forms, with or without
|
Redistribution and use in source and binary forms, with or without
|
||||||
@ -69,11 +69,11 @@
|
|||||||
<title>DESCRIPTION</title>
|
<title>DESCRIPTION</title>
|
||||||
<para>
|
<para>
|
||||||
The <command>grpck</command> command verifies the integrity of the
|
The <command>grpck</command> command verifies the integrity of the
|
||||||
system authentication information. All entries in
|
groups information. It checks that all entries in
|
||||||
<filename>/etc/group</filename> <phrase condition="gshadow">and
|
<filename>/etc/group</filename> <phrase condition="gshadow">and
|
||||||
<filename>/etc/gshadow</filename></phrase>
|
<filename>/etc/gshadow</filename></phrase>
|
||||||
are checked to see that the entry has the proper format and valid data
|
have the proper format and contain valid data.
|
||||||
in each field. The user is prompted to delete entries that are
|
The user is prompted to delete entries that are
|
||||||
improperly formatted or which have other uncorrectable errors.
|
improperly formatted or which have other uncorrectable errors.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
@ -84,16 +84,33 @@
|
|||||||
<para>the correct number of fields</para>
|
<para>the correct number of fields</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>a unique group name</para>
|
<para>a unique and valid group name</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>a valid list of members and administrators</para>
|
<para>
|
||||||
|
a valid group identifier
|
||||||
|
<phrase condition="gshadow"> (<filename>/etc/group</filename>
|
||||||
|
only)</phrase>
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
a valid list of members
|
||||||
|
<phrase condition="gshadow"> and administrators</phrase>
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem condition="gshadow">
|
||||||
|
<para>
|
||||||
|
a corresponding entry in the <filename>/etc/gshadow</filename>
|
||||||
|
file (respectively <filename>/etc/group</filename> for the
|
||||||
|
<filename>gshadow</filename> checks)
|
||||||
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The checks for correct number of fields and unique group name are
|
The checks for correct number of fields and unique group name are
|
||||||
fatal. If the entry has the wrong number of fields, the user will be
|
fatal. If an entry has the wrong number of fields, the user will be
|
||||||
prompted to delete the entire line. If the user does not answer
|
prompted to delete the entire line. If the user does not answer
|
||||||
affirmatively, all further checks are bypassed. An entry with a
|
affirmatively, all further checks are bypassed. An entry with a
|
||||||
duplicated group name is prompted for deletion, but the remaining
|
duplicated group name is prompted for deletion, but the remaining
|
||||||
@ -103,10 +120,12 @@
|
|||||||
</para>
|
</para>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The commands which operate on the <filename>/etc/group</filename> file
|
The commands which operate on the <filename>/etc/group</filename>
|
||||||
|
<phrase condition="no_gshadow">file</phrase><phrase
|
||||||
|
condition="gshadow">and <filename>/etc/gshadow</filename> files</phrase>
|
||||||
are not able to alter corrupted or duplicated entries.
|
are not able to alter corrupted or duplicated entries.
|
||||||
<command>grpck</command> should be used in those circumstances to
|
<command>grpck</command> should be used in those circumstances to
|
||||||
remove the offending entry.
|
remove the offending entries.
|
||||||
</para>
|
</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!--
|
<!--
|
||||||
Copyright (c) 1992 , Julianne Frances Haugh
|
Copyright (c) 1992 , Julianne Frances Haugh
|
||||||
Copyright (c) 2007 - 2008, Nicolas François
|
Copyright (c) 2007 - 2009, Nicolas François
|
||||||
All rights reserved.
|
All rights reserved.
|
||||||
|
|
||||||
Redistribution and use in source and binary forms, with or without
|
Redistribution and use in source and binary forms, with or without
|
||||||
@ -70,9 +70,11 @@
|
|||||||
<arg choice='plain'>
|
<arg choice='plain'>
|
||||||
<replaceable>passwd</replaceable>
|
<replaceable>passwd</replaceable>
|
||||||
</arg>
|
</arg>
|
||||||
|
<arg choice='opt'>
|
||||||
<arg choice='plain'>
|
<arg choice='plain'>
|
||||||
<replaceable>shadow</replaceable>
|
<replaceable>shadow</replaceable>
|
||||||
</arg>
|
</arg>
|
||||||
|
</arg>
|
||||||
</arg>
|
</arg>
|
||||||
</cmdsynopsis>
|
</cmdsynopsis>
|
||||||
</refsynopsisdiv>
|
</refsynopsisdiv>
|
||||||
@ -81,10 +83,10 @@
|
|||||||
<title>DESCRIPTION</title>
|
<title>DESCRIPTION</title>
|
||||||
<para>
|
<para>
|
||||||
The <command>pwck</command> command verifies the integrity of the
|
The <command>pwck</command> command verifies the integrity of the
|
||||||
system authentication information. All entries in the
|
users and authentication information. It checks that all entries in
|
||||||
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
|
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
|
||||||
are checked to see that the entry has the proper format and valid data
|
have the proper format and contain valid data.
|
||||||
in each field. The user is prompted to delete entries that are
|
The user is prompted to delete entries that are
|
||||||
improperly formatted or which have other uncorrectable errors.
|
improperly formatted or which have other uncorrectable errors.
|
||||||
</para>
|
</para>
|
||||||
|
|
||||||
@ -94,7 +96,7 @@
|
|||||||
<para>the correct number of fields</para>
|
<para>the correct number of fields</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>a unique user name</para>
|
<para>a unique and valid user name</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
<listitem>
|
<listitem>
|
||||||
<para>a valid user and group identifier</para>
|
<para>a valid user and group identifier</para>
|
||||||
@ -110,6 +112,35 @@
|
|||||||
</listitem>
|
</listitem>
|
||||||
</itemizedlist>
|
</itemizedlist>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
<filename>shadow</filename> checks are enabled when a second file
|
||||||
|
parameter is specified or when <filename>/etc/shadow</filename>
|
||||||
|
exists on the system.
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
These checks are the following:
|
||||||
|
</para>
|
||||||
|
<itemizedlist mark='bullet'>
|
||||||
|
<listitem>
|
||||||
|
<para>
|
||||||
|
every passwd entry has a matching shadow entry, and every shadow
|
||||||
|
entry has a matching passwd entry
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>passwords are specified in the shadowed file</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>shadow entries have the correct number of fields</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>shadow entries are unique in shadow</para>
|
||||||
|
</listitem>
|
||||||
|
<listitem>
|
||||||
|
<para>the last password changes are not in the future</para>
|
||||||
|
</listitem>
|
||||||
|
</itemizedlist>
|
||||||
|
|
||||||
<para>
|
<para>
|
||||||
The checks for correct number of fields and unique user name are
|
The checks for correct number of fields and unique user name are
|
||||||
fatal. If the entry has the wrong number of fields, the user will be
|
fatal. If the entry has the wrong number of fields, the user will be
|
||||||
|
Loading…
Reference in New Issue
Block a user