when diffing the latest small change i noticed that
secstored's manual page needed more work to
format properly and keep to man page conventions

Reference: /n/sources/patch/applied/secstoreman
Date: Thu Jan  6 14:05:00 CET 2005

--- /sys/man/8/secstore	Thu Jan  6 14:05:00 2005
+++ /sys/man/8/secstore	Thu Jan  6 14:05:00 2005
@@ -4,30 +4,57 @@
 .SH SYNOPSIS
 .br
 .B auth/secstored
-[-R]
-[-S servername]
-[-s tcp!*!5356]
-[-x mountpoint]
-.br
-.B auth/secuser
-[-v]
-username
-.br
+.RB [ -R ]
+[
+.BI -S " servername"
+] [
+.BI -s " address"
+] [
+.BI -x " network"
+] [
+.B -v
+]
 .PP
+.B auth/secuser
+[
+.B -v
+]
+.I username
 .SH DESCRIPTION
-.PP
 .I Secstored
 serves requests from
 .IR secstore (1).
+By default it listens on port
+.BR tcp!*!5356 ;
+the
+.B -s
+option specifies an alternative
+.IR address .
+In the connection protocol,
+.I secstored
+describes itself as service
+.BR secstore ,
+but the
+.B -S
+option can specify a different
+.IR servername .
 The
 .B -R
 option supplements the password check with a
 call to a RADIUS server, for checking hardware
 tokens or other validation.
 The
-.BR -x mountpoint
-option specifies an alternative to the default network
+.B -x
+option specifies an alternative
+.I network
+to the default
 .BR /net .
+By default,
+.I secstored
+puts itself into the background;
+the
+.B -v
+option enables a verbose debugging mode that suppresses that.
 .PP
 .I Secuser
 is an administrative command that runs on the
@@ -36,11 +63,17 @@
 to change status on existing accounts.
 It prompts for account information such as
 password and expiration date, writing to
-.BR /adm/secstore/who/$uid .
-The
+.BI /adm/secstore/who/ user
+for a given secstore
+.IR user .
+The directory
 .B /adm/secstore
-directory should be created mode 770 for the userid
-or groupid of the secstored process.
+should be created mode 770 with owner or group allowing access to the user
+that runs
+.IR secstored .
+The
+.B -v
+option makes the command chattier.
 .PP
 By default,
 .I secstored
@@ -50,17 +83,24 @@
 to create an account
 .BR FICTITIOUS .
 .SH FILES
-.B /adm/secstore/who/$uid
-secstore account name, expiration date, verifier
-.br
-.B /adm/secstore/store/$uid/
-users' files
-.br
+.TF /adm/secstore/store/user/
+.TP
+.BI /adm/secstore/who/ user
+.I secstore
+account name, expiration date, verifier
+.TP
+.BI /adm/secstore/store/ user /
+.I user 's
+file storage
+.TP
 .B /lib/ndb/auth
 for mapping local userid to RADIUS userid
-.br
+.TP
 .B /sys/log/secstore
-log file (secstored logs to /dev/cons if it does not exist)
+log file (if it does not exist,
+.I secstored
+logs to
+.BR /dev/cons )
 .SH SOURCE
 .B /sys/src/cmd/auth/secstore
 .SH SEE ALSO