From vangyzen@stat.duke.edu  Thu Oct  9 06:58:29 2003
Return-Path: <vangyzen@stat.duke.edu>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AF3D116A4B3
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  9 Oct 2003 06:58:29 -0700 (PDT)
Received: from which.isds.duke.edu (which.isds.duke.edu [152.3.22.3])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7F1C443FD7
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  9 Oct 2003 06:58:26 -0700 (PDT)
	(envelope-from vangyzen@stat.duke.edu)
Received: from stat.duke.edu (sinatra.isds.duke.edu [152.3.22.120])
	by which.isds.duke.edu (Postfix) with ESMTP id C4CB2C3857
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  9 Oct 2003 09:58:25 -0400 (EDT)
Received: (from vangyzen@localhost)
	by stat.duke.edu (8.12.9p1/8.12.9/Submit) id h99DwP3H029668;
	Thu, 9 Oct 2003 09:58:25 -0400 (EDT)
	(envelope-from vangyzen)
Message-Id: <200310091358.h99DwP3H029668@stat.duke.edu>
Date: Thu, 9 Oct 2003 09:58:25 -0400 (EDT)
From: Eric van Gyzen <vangyzen@stat.duke.edu>
Reply-To: Eric van Gyzen <vangyzen@stat.duke.edu>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: pam_self(8) man page is wrong
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         57799
>Category:       docs
>Synopsis:       pam_self(8) man page is wrong
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    kensmith
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Oct 09 07:00:36 PDT 2003
>Closed-Date:    Fri Oct 17 10:05:16 PDT 2003
>Last-Modified:  Fri Oct 17 10:05:16 PDT 2003
>Originator:     Eric van Gyzen
>Release:        FreeBSD 5.1-RELEASE i386
>Organization:
>Environment:
FreeBSD 5.1-RELEASE

>Description:
The pam_self(8) man page says
    If the current real user ID is non-zero, authentication will fail,
    unless the allow_root option was specified.
but the code -- and my intuition -- says
    if (uid == 0 && !openpam_get_option(pamh, OPT_ALLOW_ROOT))
        return (PAM_AUTH_ERR);

>How-To-Repeat:
N/A

>Fix:
If I correctly understand the intended usage of the pam_self(8) module,
the man page should be corrected to say
    If the current real user ID is zero, authentication will fail,
                                   ^^^^
    unless the allow_root option was specified.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-doc->kensmith 
Responsible-Changed-By: kensmith 
Responsible-Changed-When: Mon Oct 13 18:57:23 PDT 2003 
Responsible-Changed-Why:  

I'll try this one. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=57799 
State-Changed-From-To: open->closed 
State-Changed-By: kensmith 
State-Changed-When: Fri Oct 17 10:04:14 PDT 2003 
State-Changed-Why:  

The manual page has been updated in -current. 
Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=57799 
>Unformatted:
