summaryrefslogtreecommitdiffstats
path: root/doc/plugins/generators/account.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/plugins/generators/account.txt')
-rw-r--r--doc/plugins/generators/account.txt24
1 files changed, 24 insertions, 0 deletions
diff --git a/doc/plugins/generators/account.txt b/doc/plugins/generators/account.txt
new file mode 100644
index 000000000..e07cef8b6
--- /dev/null
+++ b/doc/plugins/generators/account.txt
@@ -0,0 +1,24 @@
+.. -*- mode: rst -*-
+
+=======
+Account
+=======
+
+The account plugin manages authentication data, including
+
+* /etc/passwd
+* /etc/group
+* /etc/security/limits.conf
+* /etc/sudoers
+* /root/.ssh/authorized_keys
+
+User access data is stored in three files in the Account directory:
+
+* superusers (a list of users who always have root privs)
+* rootlist (a list of user:host pairs for scoped root privs)
+* useraccess (a list of user:host pairs for login access)
+
+SSH keys are stored in files named $username.key; these are installed into root's authorized keys for users in the superusers list as well as for the pertitent users in the rootlike file (for the current system).
+
+Authentication data is read in from (static|dyn).(passwd|group) The static ones are for system local ones, while the dyn. versions are for external synchronization (from ldap/nis/etc)
+There is also a static.limits.conf that provides the limits.conf header and any static entries.