FreeBSD-src - Raptor Engineering's fork of pfsense FreeBSD src with pfSense changes

	Commit message (Collapse)	Author	Age	Files	Lines
*	Forgot to commit this change along with r219563: pam_group(8) now issues	des	2011-03-15	1	-1/+1
\| \| \| \| \| \| \|	a warning if neither luser nor ruser is specified. The correct option for su(1) is ruser. MFC after: 1 month
*	Don't do session management in su.	des	2003-07-09	1	-1/+1
\| \| \| \| \|	PR: misc/53293 Submitted by: ru
*	Add a system policy, and have the login and su policies include it rather	des	2003-06-14	1	-9/+4
\| \| \| \| \| \|	than duplicate it. This requires OpenPAM Dianthus, which was committed two weeks ago; installing these files on a system running a world older than June 1st, 2003 will cause login(1) and su(1) to fail.
*	The PAM module pam_krb5 does not have "session" capabilities.	markm	2003-04-30	1	-1/+0
\| \| \| \|	Don't give examples of such use, this is bogus.
*	Initiate KerberosIV de-orbit burn. Disconnect the /etc configs.	markm	2003-03-08	1	-3/+0
\|
*	Add the allow_local option to all pam_opieaccess entries.	des	2003-02-16	1	-1/+1
\|
*	Major cleanup & homogenization.	des	2003-02-10	1	-40/+13
\|
*	Use pam_group(8) instead of pam_wheel(8).	des	2003-02-06	1	-1/+1
\|
*	Exempt the "wheel group requirement" by default when su'ing to root if	rwatson	2002-10-18	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	the wheel group has no explicit members listed in /etc/group. This adds the "exempt_if_empty" flag to pam_wheel in the default configuration; in some environments, it may be appropriate to remove this flag, however, this default is the same as pre-pam_wheel. Reviewed by: markm Sponsored by: DARPA, Network Associates Laboratories
*	Don't list pam_unix in the session chain, since it does not provide any	des	2002-04-18	1	-1/+0
\| \| \| \| \| \|	session management services. Sponsored by: DARPA, NAI Labs
*	Use pam_self(8) to allow users to su(1) to themselves without authentication.	des	2002-01-30	1	-0/+1
\| \| \| \|	Sponsored by: DARPA, NAI Labs
*	Enable OPIE by default, using the no_fake_prompts option to hide it from	des	2002-01-21	1	-11/+23
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	users who don't wish to use it. If the admin is worried about leaking information about which users exist and which have OPIE enabled, the no_fake_prompts option can simply be removed. Also insert the appropriate pam_opieaccess lines after pam_opie to break the chain in case the user is logging in from an untrusted host, or has a .opiealways file. The entire opieaccess / opiealways concept is slightly unpammish, but admins familiar with OPIE will expect it to work. Reviewed by: ache, markm Sponsored by: DARPA, NAI Labs
*	Really back out ache's commits. These files are now precisely as they were	des	2002-01-19	1	-1/+1
\| \| \| \|	twentyfour hours ago, except for RCS ids.
*	Back out recent changes	ache	2002-01-19	1	-1/+1
\|
*	Turn on pam_opie by default. It should not affect non-OPIE users.	ache	2002-01-19	1	-1/+1
\|
*	Awright, egg on my face. I should have taken more time with this. The	des	2001-12-05	1	-28/+28
\| \| \| \| \| \| \|	conversion script generated the wrong format, so the configuration files didn't actually work. Good thing I hadn't thrown the switch yet... Sponsored by: DARPA, NAI Labs (but the f***ups are all mine)
*	pam.d-style configuration, auto-generated from pam.conf.	des	2001-12-05	1	-0/+41
	Sponsored by: DARPA, NAI Labs