[Pkg-shadow-commits] r3023 - in upstream/trunk: . man
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Sat Jun 20 13:02:34 UTC 2009
Author: nekral-guest
Date: 2009-06-20 13:02:33 +0000 (Sat, 20 Jun 2009)
New Revision: 3023
Modified:
upstream/trunk/ChangeLog
upstream/trunk/man/grpck.8.xml
upstream/trunk/man/pwck.8.xml
Log:
* man/pwck.8.xml: The shadow file is optional.
* man/pwck.8.xml: Updated description of the checks. Added
description of the shadow checks.
* man/pwck.8.xml: Updated description of the checks.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2009-06-14 12:47:41 UTC (rev 3022)
+++ upstream/trunk/ChangeLog 2009-06-20 13:02:33 UTC (rev 3023)
@@ -1,3 +1,10 @@
+2009-06-20 Nicolas François <nicolas.francois at centraliens.net>
+
+ * man/pwck.8.xml: The shadow file is optional.
+ * man/pwck.8.xml: Updated description of the checks. Added
+ description of the shadow checks.
+ * man/pwck.8.xml: Updated description of the checks.
+
2009-06-12 Nicolas François <nicolas.francois at centraliens.net>
* man/po/fr.po: Fixed typo (forunis)
Modified: upstream/trunk/man/grpck.8.xml
===================================================================
--- upstream/trunk/man/grpck.8.xml 2009-06-14 12:47:41 UTC (rev 3022)
+++ upstream/trunk/man/grpck.8.xml 2009-06-20 13:02:33 UTC (rev 3023)
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1992 - 1993, Julianne Frances Haugh
- Copyright (c) 2007 - 2008, Nicolas François
+ Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -69,11 +69,11 @@
<title>DESCRIPTION</title>
<para>
The <command>grpck</command> command verifies the integrity of the
- system authentication information. All entries in
+ groups information. It checks that all entries in
<filename>/etc/group</filename> <phrase condition="gshadow">and
<filename>/etc/gshadow</filename></phrase>
- are checked to see that the entry has the proper format and valid data
- in each field. The user is prompted to delete entries that are
+ have the proper format and contain valid data.
+ The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
</para>
@@ -84,16 +84,33 @@
<para>the correct number of fields</para>
</listitem>
<listitem>
- <para>a unique group name</para>
+ <para>a unique and valid group name</para>
</listitem>
<listitem>
- <para>a valid list of members and administrators</para>
+ <para>
+ a valid group identifier
+ <phrase condition="gshadow"> (<filename>/etc/group</filename>
+ only)</phrase>
+ </para>
</listitem>
+ <listitem>
+ <para>
+ a valid list of members
+ <phrase condition="gshadow"> and administrators</phrase>
+ </para>
+ </listitem>
+ <listitem condition="gshadow">
+ <para>
+ a corresponding entry in the <filename>/etc/gshadow</filename>
+ file (respectively <filename>/etc/group</filename> for the
+ <filename>gshadow</filename> checks)
+ </para>
+ </listitem>
</itemizedlist>
<para>
The checks for correct number of fields and unique group name are
- fatal. If the entry has the wrong number of fields, the user will be
+ fatal. If an entry has the wrong number of fields, the user will be
prompted to delete the entire line. If the user does not answer
affirmatively, all further checks are bypassed. An entry with a
duplicated group name is prompted for deletion, but the remaining
@@ -103,10 +120,12 @@
</para>
<para>
- The commands which operate on the <filename>/etc/group</filename> file
+ The commands which operate on the <filename>/etc/group</filename>
+ <phrase condition="no_gshadow">file</phrase><phrase
+ condition="gshadow">and <filename>/etc/gshadow</filename> files</phrase>
are not able to alter corrupted or duplicated entries.
<command>grpck</command> should be used in those circumstances to
- remove the offending entry.
+ remove the offending entries.
</para>
</refsect1>
Modified: upstream/trunk/man/pwck.8.xml
===================================================================
--- upstream/trunk/man/pwck.8.xml 2009-06-14 12:47:41 UTC (rev 3022)
+++ upstream/trunk/man/pwck.8.xml 2009-06-20 13:02:33 UTC (rev 3023)
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 1992 , Julianne Frances Haugh
- Copyright (c) 2007 - 2008, Nicolas François
+ Copyright (c) 2007 - 2009, Nicolas François
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -70,9 +70,11 @@
<arg choice='plain'>
<replaceable>passwd</replaceable>
</arg>
+ <arg choice='opt'>
<arg choice='plain'>
<replaceable>shadow</replaceable>
</arg>
+ </arg>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -81,10 +83,10 @@
<title>DESCRIPTION</title>
<para>
The <command>pwck</command> command verifies the integrity of the
- system authentication information. All entries in the
+ users and authentication information. It checks that all entries in
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
- are checked to see that the entry has the proper format and valid data
- in each field. The user is prompted to delete entries that are
+ have the proper format and contain valid data.
+ The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
</para>
@@ -94,7 +96,7 @@
<para>the correct number of fields</para>
</listitem>
<listitem>
- <para>a unique user name</para>
+ <para>a unique and valid user name</para>
</listitem>
<listitem>
<para>a valid user and group identifier</para>
@@ -111,6 +113,35 @@
</itemizedlist>
<para>
+ <filename>shadow</filename> checks are enabled when a second file
+ parameter is specified or when <filename>/etc/shadow</filename>
+ exists on the system.
+ </para>
+ <para>
+ These checks are the following:
+ </para>
+ <itemizedlist mark='bullet'>
+ <listitem>
+ <para>
+ every passwd entry has a matching shadow entry, and every shadow
+ entry has a matching passwd entry
+ </para>
+ </listitem>
+ <listitem>
+ <para>passwords are specified in the shadowed file</para>
+ </listitem>
+ <listitem>
+ <para>shadow entries have the correct number of fields</para>
+ </listitem>
+ <listitem>
+ <para>shadow entries are unique in shadow</para>
+ </listitem>
+ <listitem>
+ <para>the last password changes are not in the future</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>
The checks for correct number of fields and unique user name are
fatal. If the entry has the wrong number of fields, the user will be
prompted to delete the entire line. If the user does not answer
More information about the Pkg-shadow-commits
mailing list