commit ffc0cca3e0d027dca160162a9711dfba04a8e867 Author: Jaromir Hradilek jhradile@redhat.com Date: Fri Jun 11 12:29:04 2010 +0200
Removed all index terms temporarily.
Since I am going to rewrite the most of the chapter, it would be better to start the indexing from scratch.
en-US/Console_Access.xml | 65 ---------------------------------------------- 1 files changed, 0 insertions(+), 65 deletions(-) --- diff --git a/en-US/Console_Access.xml b/en-US/Console_Access.xml index e713065..ae354e0 100644 --- a/en-US/Console_Access.xml +++ b/en-US/Console_Access.xml @@ -4,16 +4,6 @@ <chapter id="ch-Console_Access"> <title>Console Access</title> - <indexterm - significance="normal"> - <primary>console access</primary> - <secondary>configuring</secondary> - </indexterm> - <indexterm - significance="normal"> - <primary>configuration</primary> - <secondary>console access</secondary> - </indexterm> <para>When normal (non-root) users log into a computer locally, they are given two types of special permissions:</para> <orderedlist continuation="restarts" @@ -34,26 +24,6 @@ <keycap>Del</keycap> </keycombo> </title> - <indexterm - significance="normal"> - <primary> - <keycombo> - <keycap>Ctrl</keycap> - <keycap>Alt</keycap> - <keycap>Del</keycap> - </keycombo> - </primary> - <secondary>shutdown, disabling</secondary> - </indexterm> - <indexterm - significance="normal"> - <primary>shutdown</primary> - <secondary>disabling<keycombo><keycap>Ctrl</keycap> - <keycap>Alt</keycap> - <keycap>Del</keycap> - </keycombo> - </secondary> - </indexterm> <para>By default, <filename>/etc/inittab</filename> specifies that your system is set to shutdown and reboot in response to a <keycombo><keycap>Ctrl</keycap> <keycap>Alt</keycap> <keycap>Del</keycap> @@ -88,11 +58,6 @@ <section id="s1-access-console-program"> <title>Disabling Console Program Access</title> - <indexterm - significance="normal"> - <primary>console access</primary> - <secondary>disabling</secondary> - </indexterm> <para>To disable access by users to console programs, run the following command as root:</para> <screen> <command>rm -f /etc/security/console.apps/*</command> @@ -111,11 +76,6 @@ <section id="s1-access-console-define"> <title>Defining the Console</title> - <indexterm - significance="normal"> - <primary>console access</primary> - <secondary>defining</secondary> - </indexterm> <para>The <filename>pam_console.so</filename> module uses the <filename>/etc/security/console.perms</filename> file to determine the permissions for users at the system console. The syntax of the file is very flexible; you can edit the file so that these instructions no longer apply. However, the default file has a line that looks like this:</para> <screen> <command><console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9].[0-9] :[0-9]</command> @@ -128,11 +88,6 @@ <section id="s1-access-console-files"> <title>Making Files Accessible From the Console</title> - <indexterm - significance="normal"> - <primary>console</primary> - <secondary>making files accessible from</secondary> - </indexterm> <!--TBD6: /etc/security/console.perms.d/* are obsolete directories for Fedora 12--> <para>The default settings for individual device classes and permission definitions are defined in <filename>/etc/security/console.perms.d/50-default.perms</filename>. To edit file and device permissions, it is advisable to create a new default file in <filename>/etc/security/console.perms.d/</filename> containing your preferred settings for a specified set of files or devices. The name of the new default file must begin with a number higher than 50 (for example, <filename>51-default.perms</filename>) in order to override <filename>50-default.perms</filename>.</para> <para>To do this, create a new file named <filename>51-default.perms</filename> in <filename>/etc/security/console.perms.d/</filename>:</para> @@ -161,11 +116,6 @@ <section id="s1-access-console-enable"> <title>Enabling Console Access for Other Applications</title> - <indexterm - significance="normal"> - <primary>console access</primary> - <secondary>enabling</secondary> - </indexterm> <para>To make other applications accessible to console users, a bit more work is required.</para> <para>First of all, console access <emphasis>only</emphasis> works for applications which reside in <filename>/sbin/</filename> or <filename>/usr/sbin/</filename>, so the application that you wish to run must be there. After verifying that, perform the following steps:</para> <orderedlist @@ -195,12 +145,6 @@ </filename> is a copy of <filename>/etc/pam.d/halt</filename> (otherwise, it does precisely what is specified in <filename>/etc/pam.d/<replaceable>foo</replaceable> </filename>) and then runs <filename>/usr/sbin/<replaceable>foo</replaceable> </filename> with root permissions.</para> - <indexterm - significance="normal"> - <primary> - <filename>pam_timestamp</filename> - </primary> - </indexterm> <para>In the PAM configuration file, an application can be configured to use the <firstterm>pam_timestamp</firstterm> module to remember (or cache) a successful authentication attempt. When an application is started and proper authentication is provided (the root password), a timestamp file is created. By default, a successful authentication is cached for five minutes. During this time, any other application that is configured to use <filename>pam_timestamp</filename> and run from the same session is automatically authenticated for the user — the user does not have to enter the root password again.</para> <para>This module is included in the <filename>pam</filename> package. To enable this feature, add the following lines to your PAM configuration file in <filename>etc/pam.d/</filename>:</para> <!-- RHEL5: ddomingo@redhat.com: above replaces below, less awkwardness @@ -230,15 +174,6 @@ <section id="s1-access-floppy"> <title>The <filename>floppy</filename> Group</title> - <indexterm - significance="normal"> - <primary>groups</primary> - <secondary>floppy, use of</secondary> - </indexterm> - <indexterm - significance="normal"> - <primary>floppy group, use of</primary> - </indexterm> <para>If, for whatever reason, console access is not appropriate for you and your non-root users require access to your system's diskette drive, this can be done using the <filename>floppy</filename> group. Add the user(s) to the <filename>floppy</filename> group using the tool of your choice. For example, the <command>gpasswd</command> command can be used to add user <command>fred</command> to the <filename>floppy</filename> group:</para> <screen> <command>gpasswd -a fred floppy</command>
docs-commits@lists.fedoraproject.org