RSS feed

nss-pam-ldapd commit: r1368 - nss-pam-ldapd/man

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1368 - nss-pam-ldapd/man

Author: arthur
Date: Sat Jan 29 21:19:54 2011
New Revision: 1368

document a proper replacement for pam_check_host_attr (thanks Luca Capello) and 
add a section on quoting


Modified: nss-pam-ldapd/man/nslcd.conf.5.xml
--- nss-pam-ldapd/man/nslcd.conf.5.xml  Sat Jan 29 21:15:56 2011        (r1367)
+++ nss-pam-ldapd/man/nslcd.conf.5.xml  Sat Jan 29 21:19:54 2011        (r1368)
@@ -693,13 +693,13 @@
        For example, to check that the user has a proper 
-       value if the attribute is present (this emulates the
+       value if the attribute is present (this almost emulates the
        <option>pam_check_service_attr</option> option in PADL's pam_ldap):
        The <option>pam_check_host_attr</option> option can be emulated with:
        The default behaviour is not to do this extra search and always
@@ -776,10 +776,7 @@
   <title>Attribute mapping expressions</title>
    For some attributes a mapping expression may be used to construct the
-   resulting value. This is currently only possible for attributes that do
-   not need to be used in search filters.
-  </para>
-  <para>
+   resulting value.
    The expressions are a subset of the double quoted string expressions in the
    Bourne (POSIX) shell.
    Instead of variable substitution, attribute lookups are done on the current
@@ -809,6 +806,11 @@
+   Quote (<literal>"</literal>), dollar (<literal>$</literal>) or
+   backslash (<literal>\</literal>) characters should be escaped with a
+   backslash (<literal>\</literal>).
+  </para>
+  <para>
    The <command>nslcd</command> daemon checks the expressions to figure
    out which attributes to fetch from <acronym>LDAP</acronym>.
    Some examples to demonstrate how these expressions may be used in
To unsubscribe send an email to or see