From d9f3c878994fd284b18b83a04a12fc575dd11032 Mon Sep 17 00:00:00 2001
From: Badlop <badlop@process-one.net>
Date: Thu, 24 Jul 2008 18:21:40 +0000
Subject: [PATCH] * doc/guide.tex: Include example PAM configuration file
 ejabberd.pam (thanks to Evgeniy Khramtsov)(EJAB-704) * doc/guide.html:
 Likewise

SVN Revision: 1489
---
 ChangeLog      |  4 ++++
 doc/guide.html |  8 ++++++--
 doc/guide.tex  | 10 ++++++++--
 3 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index ad02d16ee..4a6bf0371 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,9 @@
 2008-07-24  Badlop  <badlop@process-one.net>
 
+	* doc/guide.tex: Include example PAM configuration file
+	ejabberd.pam (thanks to Evgeniy Khramtsov)(EJAB-704)
+	* doc/guide.html: Likewise
+
 	* src/mod_proxy65/mod_proxy65_lib.erl: Send protocol compliant
 	SOCKS5 reply; this breaks support of uncompliant Psi<0.10 (thanks
 	to Felix Geyer)(EJAB-632)
diff --git a/doc/guide.html b/doc/guide.html
index 3dc534742..735efca64 100644
--- a/doc/guide.html
+++ b/doc/guide.html
@@ -959,8 +959,12 @@ version, you can <TT>kill(1)</TT> <TT>epam</TT> process periodically to reduce i
 consumption: <TT>ejabberd</TT> will restart this process immediately.
 </LI><LI CLASS="li-itemize"><TT>epam</TT> program tries to turn off delays on authentication failures.
 However, some PAM modules ignore this behavior and rely on their own configuration options.
-The example configuration file <TT>ejabberd.pam</TT> shows how to turn off delays in
-<TT>pam_unix.so</TT> module. It is not a ready to use configuration file: you must use it
+You can create a configuration file <TT>ejabberd.pam</TT>.
+This example shows how to turn off delays in <TT>pam_unix.so</TT> module:
+<PRE CLASS="verbatim">#%PAM-1.0
+auth        sufficient  pam_unix.so likeauth nullok nodelay
+account     sufficient  pam_unix.so
+</PRE>That is not a ready to use configuration file: you must use it
 as a hint when building your own PAM configuration instead. Note that if you want to disable
 delays on authentication failures in the PAM configuration file, you have to restrict access
 to this file, so a malicious user can&#X2019;t use your configuration to perform brute-force
diff --git a/doc/guide.tex b/doc/guide.tex
index 2432e7aff..e1b00877a 100644
--- a/doc/guide.tex
+++ b/doc/guide.tex
@@ -1140,8 +1140,14 @@ version, you can \term{kill(1)} \term{epam} process periodically to reduce its m
 consumption: \ejabberd{} will restart this process immediately.
 \item \term{epam} program tries to turn off delays on authentication failures.
 However, some PAM modules ignore this behavior and rely on their own configuration options.
-The example configuration file \term{ejabberd.pam} shows how to turn off delays in
-\term{pam\_unix.so} module. It is not a ready to use configuration file: you must use it
+You can create a configuration file \term{ejabberd.pam}.
+This example shows how to turn off delays in \term{pam\_unix.so} module:
+\begin{verbatim}
+#%PAM-1.0
+auth        sufficient  pam_unix.so likeauth nullok nodelay
+account     sufficient  pam_unix.so
+\end{verbatim}
+That is not a ready to use configuration file: you must use it
 as a hint when building your own PAM configuration instead. Note that if you want to disable
 delays on authentication failures in the PAM configuration file, you have to restrict access
 to this file, so a malicious user can't use your configuration to perform brute-force