diff --git a/modules/pam_pwhistory/Makefile.am b/modules/pam_pwhistory/Makefile.am
index 8a4dbcb2..c29a8e11 100644
--- a/modules/pam_pwhistory/Makefile.am
+++ b/modules/pam_pwhistory/Makefile.am
@@ -9,9 +9,10 @@ MAINTAINERCLEANFILES = $(MANS) README
EXTRA_DIST = $(XMLS)
if HAVE_DOC
-dist_man_MANS = pam_pwhistory.8 pwhistory_helper.8
+dist_man_MANS = pam_pwhistory.8 pwhistory_helper.8 pwhistory.conf.5
endif
-XMLS = README.xml pam_pwhistory.8.xml pwhistory_helper.8.xml
+XMLS = README.xml pam_pwhistory.8.xml pwhistory_helper.8.xml \
+ pwhistory.conf.5.xml
dist_check_SCRIPTS = tst-pam_pwhistory
TESTS = $(dist_check_SCRIPTS)
diff --git a/modules/pam_pwhistory/pam_pwhistory.8.xml b/modules/pam_pwhistory/pam_pwhistory.8.xml
index d88115c2..2a8fa7f6 100644
--- a/modules/pam_pwhistory/pam_pwhistory.8.xml
+++ b/modules/pam_pwhistory/pam_pwhistory.8.xml
@@ -36,6 +36,12 @@
authtok_type=STRING
+
+ file=/path/filename
+
+
+ conf=/path/to/config-file
+
@@ -104,7 +110,7 @@
The last N passwords for each
- user are saved in /etc/security/opasswd.
+ user are saved.
The default is 10. Value of
0 makes the module to keep the existing
contents of the opasswd file unchanged.
@@ -137,7 +143,39 @@
+
+
+
+
+
+
+ Store password history in file /path/filename
+ rather than the default location. The default location is
+ /etc/security/opasswd.
+
+
+
+
+
+
+
+
+
+
+ Use another configuration file instead of the default
+ /etc/security/pwhistory.conf.
+
+
+
+
+
+ The options for configuring the module behavior are described in the
+ pwhistory.conf
+ 5 manual page. The options
+ specified on the module command line override the values from the
+ configuration file.
+
@@ -213,7 +251,7 @@ password required pam_unix.so use_authtok
/etc/security/opasswd
- File with password history
+ Default file with password history
@@ -222,6 +260,9 @@ password required pam_unix.so use_authtok
SEE ALSO
+
+ pwhistory.conf5
+ ,
pam.conf5,
diff --git a/modules/pam_pwhistory/pwhistory.conf.5.xml b/modules/pam_pwhistory/pwhistory.conf.5.xml
new file mode 100644
index 00000000..bac5ffed
--- /dev/null
+++ b/modules/pam_pwhistory/pwhistory.conf.5.xml
@@ -0,0 +1,155 @@
+
+
+
+
+
+
+ pwhistory.conf
+ 5
+ Linux-PAM Manual
+
+
+
+ pwhistory.conf
+ pam_pwhistory configuration file
+
+
+
+
+ DESCRIPTION
+
+ pwhistory.conf provides a way to configure the
+ default settings for saving the last passwords for each user.
+ This file is read by the pam_pwhistory module and is the
+ preferred method over configuring pam_pwhistory directly.
+
+
+ The file has a very simple name = value format with possible comments
+ starting with # character. The whitespace at the beginning of line, end
+ of line, and around the = sign is ignored.
+
+
+
+
+
+ OPTIONS
+
+
+
+
+
+
+
+ Turns on debugging via
+
+ syslog3
+ .
+
+
+
+
+
+
+
+
+
+ If this option is set, the check is enforced for root, too.
+
+
+
+
+
+
+
+
+
+ The last N passwords for each
+ user are saved.
+ The default is 10. Value of
+ 0 makes the module to keep the existing
+ contents of the opasswd file unchanged.
+
+
+
+
+
+
+
+
+
+ Prompt user at most N times
+ before returning with error. The default is 1.
+
+
+
+
+
+
+
+
+
+ Store password history in file
+ /path/filename rather than the default
+ location. The default location is
+ /etc/security/opasswd.
+
+
+
+
+
+
+
+ EXAMPLES
+
+ /etc/security/pwhistory.conf file example:
+
+
+debug
+remember=5
+file=/tmp/opasswd
+
+
+
+
+ FILES
+
+
+ /etc/security/pwhistory.conf
+
+ the config file for custom options
+
+
+
+
+
+
+ SEE ALSO
+
+
+ pwhistory8
+ ,
+
+ pam_pwhistory8
+ ,
+
+ pam.conf5
+ ,
+
+ pam.d5
+ ,
+
+ pam8
+
+
+
+
+
+ AUTHOR
+
+ pam_pwhistory was written by Thorsten Kukuk. The support for
+ pwhistory.conf was written by Iker Pedrosa.
+
+
+
+