From bd0204ecb1fb80cdf36af0f57b72e84445c1a088 Mon Sep 17 00:00:00 2001 From: Sol Jerome Date: Tue, 29 Dec 2009 04:19:02 +0000 Subject: doc: Rearrange plugin document structure Signed-off-by: Sol Jerome git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5636 ce84e21b-d406-0410-9b95-82705330c041 --- doc/plugins/generators/account.txt | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 doc/plugins/generators/account.txt (limited to 'doc/plugins/generators/account.txt') diff --git a/doc/plugins/generators/account.txt b/doc/plugins/generators/account.txt new file mode 100644 index 000000000..e07cef8b6 --- /dev/null +++ b/doc/plugins/generators/account.txt @@ -0,0 +1,24 @@ +.. -*- mode: rst -*- + +======= +Account +======= + +The account plugin manages authentication data, including + +* /etc/passwd +* /etc/group +* /etc/security/limits.conf +* /etc/sudoers +* /root/.ssh/authorized_keys + +User access data is stored in three files in the Account directory: + +* superusers (a list of users who always have root privs) +* rootlist (a list of user:host pairs for scoped root privs) +* useraccess (a list of user:host pairs for login access) + +SSH keys are stored in files named $username.key; these are installed into root's authorized keys for users in the superusers list as well as for the pertitent users in the rootlike file (for the current system). + +Authentication data is read in from (static|dyn).(passwd|group) The static ones are for system local ones, while the dyn. versions are for external synchronization (from ldap/nis/etc) +There is also a static.limits.conf that provides the limits.conf header and any static entries. -- cgit v1.2.3-1-g7c22