1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
=== modified file 'Makefile'
--- Makefile 2008-04-20 07:33:57 +0000
+++ Makefile 2008-04-20 08:42:49 +0000
@@ -105,7 +105,7 @@
@sed -e 's?@NESSUSD_CONFDIR@?${NESSUSD_CONFDIR}?g;s?@NESSUSD_DATADIR@?${NESSUSD_DATADIR}?g;s?@NESSUSD_PLUGINS@?${NESSUSD_PLUGINS}?g;' $(MAN_NESSUS_1).in >$(MAN_NESSUS_1)
$(MAN_NESSUSD_8) : $(MAN_NESSUSD_8).in
- @sed -e 's?@NESSUSD_CONFDIR@?${NESSUSD_CONFDIR}?g;s?@NESSUSD_DATADIR@?${NESSUSD_DATADIR}?g;s?@NESSUSD_PLUGINS@?${NESSUSD_PLUGINS}?g;' $(MAN_NESSUSD_8).in >$(MAN_NESSUSD_8)
+ @sed -e 's?@NESSUSD_CONFDIR@?${NESSUSD_CONFDIR}?g;s?@NESSUSD_DATADIR@?${NESSUSD_DATADIR}?g;s?@NESSUSD_PLUGINS@?${NESSUSD_PLUGINS}?g;s?@NESSUSD_STATEDIR@?${NESSUSD_STATEDIR}?g;' $(MAN_NESSUSD_8).in >$(MAN_NESSUSD_8)
clean:
=== modified file 'doc/nessusd.8.in'
--- doc/nessusd.8.in 2008-04-20 07:33:57 +0000
+++ doc/nessusd.8.in 2008-04-20 07:34:14 +0000
@@ -170,7 +170,7 @@
.SH USERS MANAGEMENT
The utility nessus-adduser(8) creates new nessusd users. Each nessusd user
-is attributed a "home", in @NESSUS_STATEDIR@/users/<username>. This home contains the following directories :
+is attributed a "home", in @NESSUSD_STATEDIR@/users/<username>. This home contains the following directories :
.IP auth/
This directory contains the authentification information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text.
@@ -193,7 +193,7 @@
When a user attempts to log in, nessusd first checks that the directory
-@NESSUS_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
+@NESSUSD_STATEDIR@/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then nessusd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
To remove a given user, use the command nessus-rmuser(8).
|