summaryrefslogtreecommitdiff
path: root/man/pam_systemd.xml
Commit message (Collapse)AuthorAgeFilesLines
* pam_systemd: process the two new capabilities user records fields in pam_systemdLennart Poettering2023-02-281-0/+16
| | | | | | | | | | | | | | | | | | | And also: by default, for the systemd-user service and for local sessions (i.e. those assigned to a seat): let's imply CAP_WAKE_SYSTEM for them by default. Yes, let's pass one specific capability by default to local unprivileged users. The capability services exactly once purpose: to allow system wake-up from suspend via alarm clocks, hence is relatively limited in focus. By adding this tools such as GNOME's Alarm Clock app can simply allocate a CLOCK_REALTIME_ALARM (or ask systemd --user to do this) timer and it will wake up the system as necessary. Note that systemd --user will not pass the ambient caps on by default, so even with this change, individual services need to use AmbientCapabilities= to pass this on to the individual programs. Fixes: #17564 #21382
* Use https for freedesktop.orgMichael Biebl2022-06-281-2/+2
| | | | grep -l -r http:// | xargs sed -E -i s'#http://(.*).freedesktop.org#https://\1.freedesktop.org#'
* man: use title of docs/ pages when referring to themZbigniew Jędrzejewski-Szmek2021-07-271-1/+1
| | | | | | There is some inconsistency, partially caused by the awkward naming of the docs/ pages. But let's be consistent and use the "official" title. If we ever change plural↔singular, we should use the same form everywhere.
* pam: fix typo try_authtok → use_authtokLennart Poettering2021-05-121-1/+2
| | | | | | | | This was a copy/paste mistae apparently, there's not "try_authtok" and this was supposed to copy what Fedora uses, which uses "use_authtok" correctly. Hence adjust this. Fixes: #19369
* man: set constant tag to NUL or NULLYu Watanabe2020-11-121-1/+1
|
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* tree-wide: fixes for assorted grammar and spelling issuesZbigniew Jędrzejewski-Szmek2020-07-061-1/+1
| | | | Fixes #16363. Also includes some changes where I generalized the pattern.
* man: fix links to various external man pagesZbigniew Jędrzejewski-Szmek2020-06-251-1/+1
| | | | | In cases where we used both die-net and man-pages for the same reference, I switched to use man-pages everywhere.
* man: suffix pam options with "=" where arg is required tooZbigniew Jędrzejewski-Szmek2020-05-071-5/+5
|
* man: bring example PAM snippet of pam_systemd and pam_systemd_home back in syncLennart Poettering2020-05-061-13/+18
| | | | Let's make it the same snippet, just highlight different lines.
* man: document new pam_systemd features in man pageLennart Poettering2020-01-151-8/+36
| | | | | | | | | | | | | | | | | | | This also updates the suggested PAM snippet in a number of way: 1. Be closer to the logic nowadays implemented in Fedora where the auth/account/password stacks are all finished off with pam_{deny|permit}.so 2. Make pam_unix.so just "sufficient" instead of "required" (paving ground for pam_systemd_home.so being hooked in as additional sufficient module. 3. Only do pam_nologin in the "account" stack, since it's about account validity really. 4. Use modern parameters to pam_unix when changing passwords, i.e. sha512 and shadow, and use already set up passwords (preparing ground for pam_systemd_home again)
* man: fix option typo in pam_systemd man pageDominique Martinet2019-11-061-1/+1
| | | | | The session= option does not exist, XDG_SESSION_TYPE overrides the type= option.
* pam_systemd: Forward systemd.runtime_max_sec setting to session scopePhilip Withnall2019-10-281-0/+7
| | | | | | | | | | | Allow earlier PAM modules to set `systemd.runtime_max_sec`. If they do, parse it and set it as the `RuntimeMaxUSec=` property of the session scope, to limit the maximum lifetime of the session. This could be useful for time-limiting login sessions, for example. Signed-off-by: Philip Withnall <withnall@endlessm.com> Fixes: #12035
* man: use same header for all filesZbigniew Jędrzejewski-Szmek2019-03-141-1/+1
| | | | | | | The "include" files had type "book" for some raeason. I don't think this is meaningful. Let's just use the same everywhere. $ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n "http^gms' man/*.xml
* man: standarize on one-line license headerZbigniew Jędrzejewski-Szmek2019-03-141-4/+1
| | | | | | No need to waste space, and uniformity is good. $ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml
* man: use <varname> for pam configuration optionsZbigniew Jędrzejewski-Szmek2019-02-131-8/+8
| | | | | It seems to fit the role better, and also the formatting in systemd.directives is fixes.
* man: update pam_systemd to reflect recent changesLennart Poettering2018-07-251-57/+46
| | | | | | | 1. Document the new desktop= parameter 2. Clarify that we set XDG_SESSION_DESKTOP, XDG_SESSION_CLASS, XDG_SESSION_TYPE if we have the data, and don't just read it.
* man: document that pam_systemd actually sets XDG_SEAT and XDG_VTNRLennart Poettering2018-07-251-3/+3
| | | | | The old wording is not clear regarding whether the env var will be updated or just a fallbacked is used.
* man: drop unused <authorgroup> tags from man sourcesZbigniew Jędrzejewski-Szmek2018-06-141-9/+0
| | | | | | | | | | | | Docbook styles required those to be present, even though the templates that we use did not show those names anywhere. But something changed semi-recently (I would suspect docbook templates, but there was only a minor version bump in recent years, and the changelog does not suggest anything related), and builds now work without those entries. Let's drop this dead weight. Tested with F26-F29, debian unstable. $ perl -i -0pe 's/\s*<authorgroup>.*<.authorgroup>//gms' man/*xml
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* logind: enable limiting of user session scopes using pam context objects (#8397)Jan Synacek2018-04-171-0/+54
|
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* man: add a note about $XDG_SEAT and $XDG_VTNR to pam_systemd(8)Zbigniew Jędrzejewski-Szmek2018-03-241-1/+4
| | | | | | | | | | Issue #6499 requests that a mention that those varibles can be set in the environment is added. But the man page already says that. There isn't much detail, but a man page does not need to and in this case should not include all the details. Instead a note is added that those vars can be derived from $DISPLAY. Closes #6499.
* Add SPDX license identifiers to man pagesZbigniew Jędrzejewski-Szmek2017-11-191-0/+2
|
* man: Document when pam_systemd sets XDG_RUNTIME_DIR (#5570)Adrian Heine né Lang2017-03-141-2/+3
| | | https://github.com/systemd/systemd/blob/f97b34a6/src/login/pam_systemd.c#L439
* man: update pam_systemd and systemd-logind man pages a bitLennart Poettering2017-02-091-23/+16
| | | | | | | This builds on @utezduyar's #4640, but extends on it. Fixes: #4550 Replaces: #4640
* doc: correct punctuation and improve typography in documentationJan Engelhardt2015-11-061-1/+1
|
* man: revert dynamic paths for split-usr setupsTom Gundersen2015-06-181-4/+1
| | | | | | | | | | | | | | | | | | | | | | | This did not really work out as we had hoped. Trying to do this upstream introduced several problems that probably makes it better suited as a downstream patch after all. At any rate, it is not releaseable in the current state, so we at least need to revert this before the release. * by adjusting the path to binaries, but not do the same thing to the search path we end up with inconsistent man-pages. Adjusting the search path too would be quite messy, and it is not at all obvious that this is worth the effort, but at any rate it would have to be done before we could ship this. * this means that distributed man-pages does not make sense as they depend on config options, and for better or worse we are still distributing man pages, so that is something that definitely needs sorting out before we could ship with this patch. * we have long held that split-usr is only minimally supported in order to boot, and something we hope will eventually go away. So before we start adding even more magic/effort in order to make this work nicely, we should probably question if it makes sense at all.
* man: generate configured paths in manpagesFilipe Brandenburger2015-05-281-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In particular, use /lib/systemd instead of /usr/lib/systemd in distributions like Debian which still have not adopted a /usr merge setup. Use XML entities from man/custom-entities.ent to replace configured paths while doing XSLT processing of the original XML files. There was precedent of some files (such as systemd.generator.xml) which were already using this approach. This addresses most of the (manual) fixes from this patch: http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/patches/Fix-paths-in-man-pages.patch?h=experimental-220 The idea of using generic XML entities was presented here: http://lists.freedesktop.org/archives/systemd-devel/2015-May/032240.html This patch solves almost all the issues, with the exception of: - Path to /bin/mount and /bin/umount. - Generic statements about preference of /lib over /etc. These will be handled separately by follow up patches. Tested: - With default configure settings, ran "make install" to two separate directories and compared the output to confirm they matched exactly. - Used a set of configure flags including $CONFFLAGS from Debian: http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/rules Installed the tree and confirmed the paths use /lib/systemd instead of /usr/lib/systemd and that no other unexpected differences exist. - Confirmed that `make distcheck` still passes.
* Reindent man pages to 2chZbigniew Jędrzejewski-Szmek2015-02-031-305/+263
|
* man: document that $XDG_SESSION_DESKTOP only takes a single item, not a ↵Lennart Poettering2014-10-281-2/+7
| | | | list, unlike $XDG_CURRENT_DESKTOP
* man: fix minor typoLennart Poettering2014-10-241-1/+1
|
* man: add a link to the XDG basedir spec from the pam_sytemd man pageLennart Poettering2014-10-241-11/+15
|
* man: avoid gendered singular pronounsLennart Poettering2014-10-241-8/+8
| | | | | | | Using "their" as pronoun in these places is confusing since it is more associated with plural rather than singular, and the sentence already contains a plural. The word "her/his" apparently offends some people, hence let's avoid the problem altogether and just name the noun again.
* man: in pam_systemd, it must be "his" (or "her"), not theirLennart Poettering2014-10-241-2/+2
|
* man: pam_systemd: some typos fixed, some info addedDaniel Mack2014-10-231-11/+13
| | | | Just some minor nits that I stumbled over when reading the man page.
* login: add public sd_session_get_desktop() APIDavid Herrmann2014-09-221-1/+3
| | | | | | The desktop brand is stored as DESKTOP variable for sessions. It can be set arbitrarily by the session owner and identifies the desktop environment that is running on that session.
* man: add a mapping for external manpagesZbigniew Jędrzejewski-Szmek2014-07-071-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | It is annoying when we have dead links on fd.o. Add project='man-pages|die-net|archlinux' to <citerefentry>-ies. In generated html, add external links to http://man7.org/linux/man-pages/man, http://linux.die.net/man/, https://www.archlinux.org/. By default, pages in sections 2 and 4 go to man7, since Michael Kerrisk is the autorative source on kernel related stuff. The rest of links goes to linux.die.net, because they have the manpages. Except for the pacman stuff, since it seems to be only available from archlinux.org. Poor gummiboot gets no link, because gummitboot(8) ain't to be found on the net. According to common wisdom, that would mean that it does not exist. But I have seen Kay using it, so I know it does, and deserves to be found. Can somebody be nice and put it up somewhere?
* man: recommend that XDG_SESSION_DESKTOP and XDG_CURRENT_DESKTOP use the same ↵Lennart Poettering2014-04-231-8/+14
| | | | identifiers
* login: add 'mir' to the list of session typesDavid Herrmann2014-04-091-2/+3
| | | | | | | | | Add Mir to the list of session types. This is implemented for LightDM in lp:~robert-ancell/lightdm/xdg-session-desktop [1]. [1] https://code.launchpad.net/~robert-ancell/lightdm/xdg-session-desktop/+merge/214108 (david: adjusted commit-header and fixed whitespace issues)
* doc: resolve missing/extraneous words or inappropriate formsJan Engelhardt2014-02-171-1/+1
| | | | | | | | Issues fixed: * missing words required by grammar * duplicated or extraneous words * inappropriate forms (e.g. singular/plural), and declinations * orthographic misspellings
* man: introduce new "Desktop" property for sessionsLennart Poettering2014-02-051-0/+60
| | | | | | This is initialized from XDG_SESSION_DESKTOP and is useful for GNOME to recognize its own sessions. It's supposed to be set to a short string identifying the session, such as "kde" or "gnome".
* logind: make session type and class settable via the same waysLennart Poettering2014-02-051-1/+22
| | | | | | If the session type/class is set via environment variables, use that, and otherwise fallback to something that is set via the PAM module command line.
* systemd_pam: treat debug as debug=1 and parse all paramsZbigniew Jędrzejewski-Szmek2013-11-061-3/+4
| | | | | | | | | systemd_pam would ignore all params after the first invalid one. Instead ignore just this one, and parse the rest. There's just one now, but as a matter of principle ;) Also, allow debug as an alias for debug=1, and don't treat invalid debug= options as fatal.
* man: drop references to "cgroup" wher appropriateLennart Poettering2013-09-271-1/+1
| | | | | | | | | | | Since cgroups are mostly now an implementation detail of systemd lets deemphasize it a bit in the man pages. This renames systemd.cgroup(5) to systemd.resource-control(5) and uses the term "resource control" rather than "cgroup" where appropriate. This leaves the word "cgroup" in at a couple of places though, like for example systemd-cgtop and systemd-cgls where cgroup stuff is at the core of what is happening.
* man: wording and grammar updatesJan Engelhardt2013-07-211-6/+6
| | | | | This includes regularly-submitted corrections to comma setting and orthographical mishaps that appeared in man/ in recent commits.
* man: update pam_systemd documentation to current state of the codeLennart Poettering2013-07-191-115/+25
|
* man: improve grammar and word formatting in numerous man pagesJason St. John2013-07-021-17/+17
| | | | | | | | | | Use proper grammar, word usage, adjective hyphenation, commas, capitalization, spelling, etc. To improve readability, some run-on sentences or sentence fragments were revised. [zj: remove the space from 'file name', 'host name', and 'time zone'.]
* man: use <constant> for various constants which look ugly with quotesZbigniew Jędrzejewski-Szmek2013-06-261-1/+1
|
View Lorry Controller Status