[deployment-guide/comm-rel: 133/727] Updated the /etc/sysconfig/authconfig section.
Jaromir Hradilek
jhradile at fedoraproject.org
Tue Oct 19 12:35:24 UTC 2010
commit 41be0d61aaa184be3ecd72cdde9e17c31b6dce43
Author: Jaromir Hradilek <jhradile at redhat.com>
Date: Fri Jul 23 15:36:28 2010 +0200
Updated the /etc/sysconfig/authconfig section.
en-US/The_sysconfig_Directory.xml | 281 +++++++++++++++++++++++++-----------
1 files changed, 195 insertions(+), 86 deletions(-)
---
diff --git a/en-US/The_sysconfig_Directory.xml b/en-US/The_sysconfig_Directory.xml
index 953a59e..2cbf17b 100644
--- a/en-US/The_sysconfig_Directory.xml
+++ b/en-US/The_sysconfig_Directory.xml
@@ -60,93 +60,202 @@
<secondary><filename>/etc/sysconfig/authconfig</filename></secondary>
</indexterm>
<para>
- The <filename>/etc/sysconfig/authconfig</filename> file sets the authorization to be used on the host. It contains one or more of the following lines:
+ The <filename>/etc/sysconfig/authconfig</filename> file sets the authorization to be used on the host. By default, it contains the following options:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term><option>USEMKHOMEDIR=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) creating a home directory for a user on the first login. For example:
+ </para>
+ <screen>USEMKHOMEDIR=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEPAMACCESS=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the PAM authentication. For example:
+ </para>
+ <screen>USEPAMACCESS=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESSSDAUTH=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the SSSD authentication. For example:
+ </para>
+ <screen>USESSSDAUTH=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESHADOW=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) shadow passwords. For example:
+ </para>
+ <screen>USESHADOW=yes</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEWINBIND=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using Winbind for user account configuration. For example:
+ </para>
+ <screen>USEWINBIND=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEDB=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the FAS authentication. For example:
+ </para>
+ <screen>USEDB=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEFPRINTD=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the fingerprint authentication. For example:
+ </para>
+ <screen>USEFPRINTD=yes</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>FORCESMARTCARD=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) enforcing the smart card authentication. For example:
+ </para>
+ <screen>FORCESMARTCARD=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>PASSWDALGORITHM=<replaceable>value</replaceable></option></term>
+ <listitem>
+ <para>
+ The password algorithm. The <replaceable>value</replaceable> can be <option>bigcrypt</option>, <option>descrypt</option>, <option>md5</option>, <option>sha256</option>, or <option>sha512</option>. For example:
+ </para>
+ <screen>PASSWDALGORITHM=sha512</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USELDAPAUTH=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the LDAP authentication. For example:
+ </para>
+ <screen>USELDAPAUTH=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USELOCAUTHORIZE=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the local authorization for local users. For example:
+ </para>
+ <screen>USELOCAUTHORIZE=yes</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USECRACKLIB=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using the CrackLib. For example:
+ </para>
+ <screen>USECRACKLIB=yes</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEWINBINDAUTH=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the Winbind authentication. For example:
+ </para>
+ <screen>USEWINBINDAUTH=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESMARTCARD=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the smart card authentication. For example:
+ </para>
+ <screen>USESMARTCARD=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USELDAP=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using LDAP for user account configuration. For example:
+ </para>
+ <screen>USELDAP=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USENIS=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using NIS for user account configuration. For example:
+ </para>
+ <screen>USENIS=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEKERBEROS=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the Kerberos authentication. For example:
+ </para>
+ <screen>USEKERBEROS=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESYSNETAUTH=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) authenticating system accounts with network services. For example:
+ </para>
+ <screen>USESYSNETAUTH=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESMBAUTH=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) the SMB aithentication. For example:
+ </para>
+ <screen>USESMBAUTH=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USESSSD=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using SSSD for obtaining user information. For example:
+ </para>
+ <screen>USESSSD=no</screen>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>USEHESIOD=<replaceable>boolean</replaceable></option></term>
+ <listitem>
+ <para>
+ A boolean to enable (<option>yes</option>) or disable (<option>no</option>) using the Hesoid name service. For example:
+ </para>
+ <screen>USEHESIOD=no</screen>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ Refer to <xref linkend="ch-Authentication_Configuration" /> for more information on this topic.
</para>
- <itemizedlist>
- <listitem>
- <para>
- <command>PASSWORDALGORITHM=<replaceable><value></replaceable></command>, where <command><replaceable><value></replaceable></command> is one of the following:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <command>descrypt</command> — DESCRYPT is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>bigcrypt</command> — BIGCRYPT is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>md5</command> — MD5 is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>sha256</command> — SHA256 is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>sha512</command> — SHA512 is used for authentication.
- </para>
- </listitem>
- </itemizedlist>
- </listitem>
- <listitem>
- <para>
- <command>USEKERBEROS=<replaceable><value></replaceable></command>, where <command><replaceable><value></replaceable></command> is one of the following:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <command>yes</command> — Kerberos is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>no</command> — Kerberos is not used for authentication.
- </para>
- </listitem>
- </itemizedlist>
- </listitem>
- <listitem>
- <para>
- <command>USELDAPAUTH=<replaceable><value></replaceable></command>, where <command><replaceable><value></replaceable></command> is one of the following:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <command>yes</command> — LDAP is used for authentication.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>no</command> — LDAP is not used for authentication.
- </para>
- </listitem>
- </itemizedlist>
- </listitem>
- <listitem>
- <para>
- <command>FORCELEGACY=<replaceable><value></replaceable></command>, where <command><replaceable><value></replaceable></command> is one of the following:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <command>yes</command> — The implicit use of SSSD by the <application>Authentication Configuration Tool</application> is disabled.
- </para>
- </listitem>
- <listitem>
- <para>
- <command>no</command> — The implicit use of SSSD by the <application>Authentication Configuration Tool</application> is enabled.
- </para>
- </listitem>
- </itemizedlist>
- </listitem>
- </itemizedlist>
</section>
<section id="s2-sysconfig-autofs">
<title><filename>/etc/sysconfig/autofs</filename></title>
More information about the docs-commits
mailing list