| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Set retval in the empty password case to avoid a path through the
code that fails to set retval before falling through to the final
return().
Reported by: emaste
Reported by: Coverity
CID: 1018711
|
| |
|
|
|
|
|
|
|
|
| |
Hoist the getpwnam() call outside the first if/else block in
pam_sm_chauthtok(). Set user = getlogin() inside the true
branch so that it is initialized for the following PAM_LOG()
call. This is how it is done in pam_sm_authenticate().
Reported by: Coverity
CID: 272498
|
| | |
|
| |
|
|
|
|
|
|
| |
uninitialized.
Found by: clang 3.2
Reviewed by: des
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
| |
the LDADD/DPADD to lose the -lpam, and causing openpam_dynamic() to fail
due to "openpam_get_options" being undefined.
This would cause obscure console log messages like:
openpam_dynamic(): No error: 0
openpam_load_module(): no pam_unix.so found
and other helpful messages which are no help in diagnosing the problem.
Fortunately this change was not mfc'ed to 9.x, it isn't broken there.
|
| |
|
|
| |
The former allows common settings from ../Makefile.inc to be used.
|
| |
|
|
|
|
|
|
| |
This variable was added in r82352 back in 2001, but even then it didn't
have any use. Because it's not marked static, the C compiler won't
complain about it.
Discussed with: des
|
| | |
|
| |
|
|
|
|
|
| |
<sys/time.h>.
Submitted by: Garrett Cooper <yanegomi@gmail.com>
MFC after: 3 days
|
| |
|
|
|
|
| |
PR: bin/93473
Submitted by: Björn König <bkoenig@cs.tu-berlin.de>
MFC after: 1 week
|
| |
|
|
|
|
|
| |
password database.
PR: bin/126650, misc/140514
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
test MK_INSTALLLIB, users can set WITHOUT_INSTALLLIB. The old
NO_INSTALLLIB is still supported as several makefiles set it.
- While here, fix an install when instructed not to install libs
(usr.bin/lex/lib/Makefile).
PR: bin/114200
Submitted by: Henrik Brix Andersen
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
with `pw lock', so that it's impossible to log into a locked account
using an alternative authentication mechanism, such as an ssh key.
This change affects only accounts locked with pw(8), i.e., having a
`*LOCKED*' prefix in their password hash field, so people still can
use a different pattern to disable password authentication only.
Mention all account management criteria in the manpage.
Approved by: maintainer (timeout)
PR: bin/71147
MFC after: 1 month
|
| |
|
|
|
|
| |
PR: docs/93491
Submitted by: Lior Kadosh
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
| |
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
| |
|
|
|
|
|
| |
PR: 65557, 72949
Submitted by: Stephen P. Cravey <clists@gotbrains.org>
Approved by: re (scottl)
MFC after: 2 weeks
|
| |
|
|
| |
Reviewed by: des
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
If turned on no NIS support and related programs will be built.
Lost parts rediscovered by: Danny Braniss <danny at cs.huji.ac.il>
PR: bin/68303
No objections: des, gshapiro, nectar
Reviewed by: ru
Approved by: rwatson (mentor)
MFC after: 2 weeks
|
| | |
|
| | |
|
| |
|
|
| |
more work than the others). This should make most modules build with -O2.
|
| |
|
|
|
|
|
|
| |
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.
Reviewed by: des
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: bin/51508
Submitted by: Peter Grimshaw <peter@tesseract.demon.co.uk>
|
| |
|
|
| |
PR: bin/51508
|
| |
|
|
|
|
| |
password must necessarily have an empty pwd->pw_passwd. Also add a check
that prevents users from setting a blank password unless the nullok option
was specified. Root is still allowed to give anyone a blank password.
|
| |
|
|
|
|
| |
(I've tried to keep to the spirit of the original formatting)
Reviewed by: des
|
| | |
|
| |
|
|
| |
Reviewed by: des
|
| |
|
|
| |
Sponsored by: DARPA, NAI Labs
|
| |
|
|
| |
Sponsored by: DARPA, NAI Labs
|
| |
|
|
| |
statement) that caused pam_sm_chauthtok() to always fail silently.
|
| | |
|
| | |
|
| |
|
|
| |
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
| |
Rework pam_sm_chauthtok() so it (mostly?) works.
The standard pw stuff still needs to move into a library somewhere.
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- add __unused where appropriate
- PAM_RETURN -> return since OpenPAM already logs the return value.
- make PAM_LOG use openpam_log()
- make PAM_VERBOSE_ERROR use openpam_get_option() and check flags
for PAM_SILENT
- remove dummy functions since OpenPAM handles missing service
functions
- fix various warnings
Sponsored by: DARPA, NAI Labs
|
| |
|
|
| |
Approved by: des
|
| |
|
|
|
|
|
|
| |
I've looked for this example for a long time, to demonstrate
some people why it's a really BAD idea to use ${.OBJDIR}
instead of ".". I hope these people are reading this. :-)
Approved by: des
|
| | |
|
| |
|
|
| |
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
| |
login_getcapstr(3). Also fix a longer-standing bug (login_close(3)
frees the string returned by login_getcapstr(3)) by reorganizing the
code a little, and use login_getpwclass(3) instead of login_getclass(3)
if we already have a struct pwd.
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
| |
PAMifying passwd(1).
Sponsored by: DARPA, NAI Labs.
|
| |
|
|
| |
Sponsored by: DARPA, NAI Labs
|
