[Pkg-shadow-commits] r485 - branches/experimental/debian/patches

Nicolas FRANCOIS nekral-guest at costa.debian.org
Mon Aug 29 16:50:21 UTC 2005 

Author: nekral-guest
Date: 2005-08-29 16:50:21 +0000 (Mon, 29 Aug 2005)
New Revision: 485

Added:
   branches/experimental/debian/patches/437_su_add_GNU_options_7
Log:
This was in 005. It is the documentation of the options introduced by the
other 437_* patches.


Added: branches/experimental/debian/patches/437_su_add_GNU_options_7
===================================================================
--- branches/experimental/debian/patches/437_su_add_GNU_options_7	2005-08-28 08:44:29 UTC (rev 484)
+++ branches/experimental/debian/patches/437_su_add_GNU_options_7	2005-08-29 16:50:21 UTC (rev 485)
@@ -0,0 +1,170 @@
+Note: * Document the changes from the other 437_ patches
+
+Index: shadow-4.0.10/man/su.1.xml
+===================================================================
+--- shadow-4.0.10.orig/man/su.1.xml	2005-06-15 14:39:27.000000000 +0200
++++ shadow-4.0.10/man/su.1.xml	2005-07-04 17:51:43.000000000 +0200
+@@ -15,6 +15,7 @@
+   <refsynopsisdiv id='synopsis'>
+     <cmdsynopsis>
+       <command>su</command>
++      <arg choice='opt'>OPTS </arg>
+       <arg choice='opt'>- </arg>
+       <arg choice='opt'>
+         <arg choice='plain'>
+@@ -36,26 +37,39 @@
+       expect had the user logged in directly.
+     </para>
+     
+-    <para>Additional arguments may be provided after the username, in which
+-      case they are supplied to the user&acute;s login shell. In particular,
+-      an argument of <option>-c</option> will cause the next argument to be
+-      treated as a command by most command interpreters. The command will be
+-      executed by the shell specified in <filename>/etc/passwd</filename>
+-      for the target user.
+-    </para>
+-    
+     <para>The user will be prompted for a password, if appropriate. Invalid
+       passwords will produce an error message. All attempts, both valid and
+       invalid, are logged to detect abuses of the system.
+     </para>
+     
+-    <para>The current environment is passed to the new shell. The value of
+-      <emphasis remap='B'>$PATH</emphasis> is reset to
++    <para>An optional command can be executed. This is done by the shell
++      specified in <filename>/etc/passwd</filename> for the target user
++      unless the <option>-s</option> or <option>-m</option>
++      options are used.  Any arguments supplied after the <emphasis remap='I'>
++      username</emphasis> will be passed to the invoked shell (shell must
++      support the <option>-c</option> command line option in order for a
++      command to be passed to it).
++    </para>
++
++    <para>
++      Unless the <option>-m</option> or <option>-p</option> options are used,
++      the current environment is passed to the new shell with alterations.
++      The value of <emphasis remap='B'>$PATH</emphasis> is reset to
+       <filename>/bin:/usr/bin</filename> for normal users, or
+-      <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the super user. 
++      <filename>/sbin:/bin:/usr/sbin:/usr/bin</filename> for the super user.
+       This may be changed with the <emphasis remap='B'>ENV_PATH</emphasis>
+       and <emphasis remap='B'>ENV_SUPATH</emphasis> definitions in
+       <filename>/etc/login.defs</filename>.
++      <emphasis remap='B'>$IFS</emphasis>, if is set, is reset to contain
++      space, tab, and newline.
++      <emphasis remap='B'>$USER</emphasis> is set to the name of the target
++      user,
++      <emphasis remap='B'>$HOME</emphasis> is set to the home directory of
++      the target user, and
++      <emphasis remap='B'>$SHELL</emphasis> is set to the shell of the target
++      user.
++      When using the <option>-m</option> or <option>-p</option> options,
++      the user's environment is not changed.
+     </para>
+     
+     <para>A subsystem login is indicated by the presence of a "*" as the
+@@ -65,6 +79,70 @@
+     </para>
+   </refsect1>
+   
++  <refsect1 id='options'>
++    <title>OPTIONS</title>
++    <variablelist remap='IP'>
++      <varlistentry>
++        <term>
++          <option>-</option>
++        </term>
++        <listitem>
++          <para>make this a login shell</para>
++        </listitem>
++      </varlistentry>
++      <varlistentry>
++        <term>
++          <option>-c</option>, <option>--command</option>=
++          <replaceable>command</replaceable>
++        </term>
++        <listitem>
++          <para>pass <emphasis remap='I'>command</emphasis> to the invoked
++          shell using its <option>-c</option> option</para>
++        </listitem>
++      </varlistentry>
++      <varlistentry>
++        <term>
++          <option>-m</option>, <option>-p</option>,
++          <option>--preserve-environment</option>
++        </term>
++        <listitem>
++          <para>do not reset environment variables, and keep the same shell
++          </para>
++        </listitem>
++      </varlistentry>
++      <varlistentry>
++        <term>
++          <option>-s</option>, <option>--shell</option>=
++          <replaceable>shell</replaceable>
++        </term>
++        <listitem>
++          <para>use <emphasis remap='I'>shell</emphasis> instead of the
++            default in <filename>/etc/passwd</filename>
++          </para>
++        </listitem>
++      </varlistentry>
++  </refsect1>
++
++  <refsect1 id='notes'>
++    <title>NOTES</title>
++    <para>The <option>-m</option>, <option>-p</option> and <option>-s</option>
++      options are restricted by the target user's shell being listed in
++      <filename>/etc/shells</filename>. If it's not listed, then it's assumed
++      to be a restricted account, a normal su is performed, and those options
++      are ignored silently.
++    </para>
++
++    <para>A subsystem login is indicated by the presence of a "*" as the first
++      character of the login shell. The given home directory will be used as
++      the root of a new filesystem which the user is actually logged into.
++    </para>
++
++    <para>Much of the behavior of this command can be altered via its pam
++      configuration - see <citerefentry><refentrytitle>pam</refentrytitle>
++      <manvolnum>7</manvolnum></citerefentry>.
++    </para>
++  </refsect1>
++
+   <refsect1 id='caveats'>
+     <title>CAVEATS</title>
+     <para>
+@@ -84,6 +162,14 @@
+         <term><filename>/etc/shadow</filename></term>
+         <listitem>secure user account information</listitem>
+       </varlistentry>
++      <varlistentry>
++        <term><filename>/etc/shells</filename></term>
++        <listitem>valid user shells</listitem>
++      </varlistentry>
++      <varlistentry>
++        <term><filename>$HOME/.profile</filename></term>
++        <listitem>initialization script for default shell</listitem>
++      </varlistentry>
+     </variablelist>
+   </refsect1>
+   
+@@ -101,11 +187,17 @@
+       <citerefentry>
+         <refentrytitle>suauth</refentrytitle><manvolnum>5</manvolnum>
+       </citerefentry>
++      <citerefentry>
++        <refentrytitle>shells</refentrytitle><manvolnum>5</manvolnum>
++      </citerefentry>
++      <citerefentry>
++        <refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum>
++      </citerefentry>
+     </para>
+   </refsect1>
+   
+   <refsect1 id='author'>
+     <title>AUTHOR</title>
+-    <para>Julianne Frances Haugh &lt;jockgrrl at ix.netcom.com&gt;</para>
++    <para>Julianne Frances Haugh (jfh at austin.ibm.com)</para>
+   </refsect1>
+ </refentry>


Property changes on: branches/experimental/debian/patches/437_su_add_GNU_options_7
___________________________________________________________________
Name: svn:executable
   + *

More information about the Pkg-shadow-commits mailing list