From das@HAL9000.homeunix.com  Wed Feb  5 07:28:52 2003
Return-Path: <das@HAL9000.homeunix.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DF34737B401
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  5 Feb 2003 07:28:52 -0800 (PST)
Received: from HAL9000.homeunix.com (12-233-57-224.client.attbi.com [12.233.57.224])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3DBD843F79
	for <FreeBSD-gnats-submit@freebsd.org>; Wed,  5 Feb 2003 07:28:52 -0800 (PST)
	(envelope-from das@HAL9000.homeunix.com)
Received: from HAL9000.homeunix.com (localhost [127.0.0.1])
	by HAL9000.homeunix.com (8.12.6/8.12.5) with ESMTP id h15FSpo0000929
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 5 Feb 2003 07:28:51 -0800 (PST)
	(envelope-from das@HAL9000.homeunix.com)
Received: (from das@localhost)
	by HAL9000.homeunix.com (8.12.6/8.12.5/Submit) id h15FSpdI000928;
	Wed, 5 Feb 2003 07:28:51 -0800 (PST)
	(envelope-from das)
Message-Id: <200302051528.h15FSpdI000928@HAL9000.homeunix.com>
Date: Wed, 5 Feb 2003 07:28:51 -0800 (PST)
From: David Schultz <dschultz@uclink.Berkeley.EDU>
To: FreeBSD-gnats-submit@freebsd.org
Subject: Update login.conf(5) to match reality
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         47960
>Category:       docs
>Synopsis:       Update login.conf(5) to match reality
>Confidential:   yes
>Severity:       non-critical
>Priority:       low
>Responsible:    das
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Feb 05 07:30:11 PST 2003
>Closed-Date:    Sun Mar 02 21:10:41 PST 2003
>Last-Modified:  Sun Mar 02 21:10:41 PST 2003
>Originator:     David Schultz
>Release:        
>Organization:
>Environment:
>Description:
The login.conf(5) manpage contains outdated information about what
capabilities are actually supported.  The included patch removes the
now-unsupported minpasswordlen and minpasswordcase options, and
provides a reference to the PAM module that has replaced them.  The
patch also adds a note that many of the accounting facilities mentioned
are not implemented in FreeBSD, though at least one of them is supported
by third-party software in ports.  In the long run, some of the options
should eventually be removed from the manpage altogether.

>How-To-Repeat:
>Fix:

Index: login.conf.5
===================================================================
RCS file: /home/ncvs/src/lib/libutil/login.conf.5,v
retrieving revision 1.44
diff -u -r1.44 login.conf.5
--- login.conf.5	2002/11/22 22:22:10	1.44
+++ login.conf.5	2003/02/05 15:22:47
@@ -205,7 +205,7 @@
 .It "welcome	file	/etc/motd	File containing welcome message.
 .El
 .Sh AUTHENTICATION
-.Bl -column minpasswordlen indent indent
+.Bl -column passwd_prompt indent indent
 .It Sy "Name	Type	Notes	Description
 .\" .It "approve	program 	Program to approve login.
 .It "copyright	file		File containing additional copyright information
@@ -215,11 +215,6 @@
 in the class may not access.
 .It "login_prompt	string		The login prompt given by
 .Xr login 1
-.It "minpasswordlen	number	6	The minimum length a local password
-may be.
-.It "mixpasswordcase	bool	true	Whether
-.Xr passwd 1
-will warn the user if an all lower case password is entered.
 .It "passwd_format	string	md5	The encryption format that new or
 changed passwords will use.
 Valid values include "des", "md5" and "blf".
@@ -324,6 +319,17 @@
 devices in the group.
 If both lists are given and are non-empty, the user is restricted to those
 devices allowed by ttys.allow that are not available by ttys.deny.
+.Pp
+The
+.Em minpasswordlen
+and
+.Em minpasswordcase
+facilities for enforcing restrictions on password quality, which used
+to be supported by
+.Nm ,
+have been superseded by the
+.Xr pam_passwdqc 8
+PAM module.
 .Sh ACCOUNTING LIMITS
 .Bl -column host.accounted indent indent
 .It Sy "Name	Type	Notes	Description
@@ -361,7 +367,15 @@
 .El
 .Pp
 These fields are used by the time accounting system, which regulates,
-controls and records user login access.
+controls and records user login access.  Of these options, only
+.Em warnexpire
+and
+.Em warnpassword
+are implemented in the base system.  The
+.Em idletime
+capability is supported by
+.Xr blimitd 8
+in the ports collection.
 .Pp
 The
 .Em ttys.accounted
@@ -385,5 +399,8 @@
 .Xr getttyent 3 ,
 .Xr login_cap 3 ,
 .Xr login_class 3 ,
+.Xr pam 3 ,
 .Xr passwd 5 ,
-.Xr ttys 5
+.Xr ttys 5 ,
+.Xr blimitd ,
+.Xr pam_passwdqc 8
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-doc->das 
Responsible-Changed-By: das 
Responsible-Changed-When: Mon Feb 24 01:23:40 PST 2003 
Responsible-Changed-Why:  
Over to me.  I can deal with my own PRs now. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=47960 
State-Changed-From-To: open->closed 
State-Changed-By: das 
State-Changed-When: Sun Mar 2 21:10:14 PST 2003 
State-Changed-Why:  
A variant of this patch has been committed.  Thanks, self! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=47960 
>Unformatted:
