diff options
| author | Dave Olson <olson@cumulusnetworks.com> | 2018-01-23 16:04:03 -0800 |
|---|---|---|
| committer | Dave Olson <olson@cumulusnetworks.com> | 2018-01-23 16:17:18 -0800 |
| commit | a56320d97bcca3b6032b875008396c24f40eb5c4 (patch) | |
| tree | 371321ba54fb0284f91339c12dcd17c521311159 /pam_radius_auth.8 | |
| parent | 8131ff2e52c3e15552c9db8911fe30359dfabe21 (diff) | |
| download | libpam-radius-auth-a56320d97bcca3b6032b875008396c24f40eb5c4.tar.gz libpam-radius-auth-a56320d97bcca3b6032b875008396c24f40eb5c4.zip | |
Improved documentation in man pages.
Ticket: UD-1248
Reviewed By: nobody
Testing Done:
Tried to be clearer about default ports. Added a comment in the
plugin manpage that debug can be set in the config file as well.
There was a complaint that it wasn't clear on how to set the various
options for the pam plugin module, so I tried to make that cleaer
as well.
Also fixed some spelling errors in the man page, and remove the
non-debian config file default.
Diffstat (limited to 'pam_radius_auth.8')
| -rw-r--r-- | pam_radius_auth.8 | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/pam_radius_auth.8 b/pam_radius_auth.8 index e39a190..61fbf8f 100644 --- a/pam_radius_auth.8 +++ b/pam_radius_auth.8 @@ -14,12 +14,22 @@ because the RADIUS protocol does not support it. This PAM module takes a number of standard PAM configuration options, as well as some specific to this plugin. .PP -options can be added by editting the files in +These options can be enabled by editing the generated entries in the .I /etc/pam.d -or by editting the configuration file +directory to add them to the radius plugin. The files can be found by running +the command: +.IP +.B grep radius /etc/pam.d/* +.PP +They can also be set by editing the configuration file .I /usr/share/pam-configs/radius and then running -.BR pam-auth-config . +.B pam-auth-config +to re-generate the files in /etc/pam.d/. +.BR NOTE : +The file +.I /usr/share/pam-configs/radius +is not a configuration file, and may be overwritten on upgrades. .PP All of the following arguments are optional, and can be combined as needed. Note that not all of these options are relevant in for all uses of the module. @@ -38,23 +48,27 @@ i.e. A blank client ID. .TP .I conf=foo set the configuration filename to 'foo'. -Default is /etc/raddb/server (/etc/pam_radius_auth.conf -on Debian systems). +The default is +.IR /etc/pam_radius_auth.conf . .TP .I debug print out extensive debugging information via pam_log. These messages generally end up being handled by -sylog(), and go to /var/log/messages. Depending on +syslog(), and go to /var/log/messages. Depending on your host operating system, the log messages may be elsewhere. .IP +This variable may also be set in the +.I /etc/pam_radius_auth +file. See that file for details. +.IP You should generally use the debug option when first trying configuring this module, as it will help enormously in tracking down problems. .TP .I force_prompt Request a new password and not using the previously entered -password. This usefull for multi-factor authentication +password. This useful for multi-factor authentication when used with a Token. .TP .I localifdown |