man: explain why pam_systemd_home wants to be in all four stacks

author Lennart Poettering <lennart@poettering.net>

Mon, 11 Jul 2022 13:12:24 +0000 (15:12 +0200)

committer Luca Boccassi <luca.boccassi@gmail.com>

Mon, 11 Jul 2022 20:03:58 +0000 (21:03 +0100)
author Lennart Poettering <lennart@poettering.net>
Mon, 11 Jul 2022 13:12:24 +0000 (15:12 +0200)
committer Luca Boccassi <luca.boccassi@gmail.com>
Mon, 11 Jul 2022 20:03:58 +0000 (21:03 +0100)
diff --git a/man/pam_systemd_home.xml b/man/pam_systemd_home.xml

index 906d1c151695b84ac6f8f8d036bbb036a00668ee..93153b57aa0627b86892ad02cc80a724eaec1dfa 100644 (file)
--- a/man/pam_systemd_home.xml
+++ b/man/pam_systemd_home.xml
@@ -93,8 +93,13 @@
    <refsect1>
      <title>Module Types Provided</title>
  
-    <para>The module provides all four management operations: <option>auth</option>, <option>account</option>,
-    <option>session</option>, <option>password</option>.</para>
+    <para>The module implements all four PAM operations: <option>auth</option> (reason: when per-user
+    disk encryption is used, the disk encryption key is derived from the authentication credential supplied
+    at login time), <option>account</option> (reason: <filename>systemd-homed.service</filename> account
+    validity may be configured in more detail than in the traditional Linux user database, and thus needs to
+    be verified separately), <option>session</option> (user sessions must be tracked, in order to implement
+    automatic release when the last session of a managed user is gone), <option>password</option> (user
+    passwords may be changed through PAM).</para>
    </refsect1>
  
    <refsect1>
author	Lennart Poettering <lennart@poettering.net>
	Mon, 11 Jul 2022 13:12:24 +0000 (15:12 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 11 Jul 2022 20:03:58 +0000 (21:03 +0100)