summaryrefslogtreecommitdiffstats
path: root/usr.bin/login
Commit message (Collapse)AuthorAgeFilesLines
* Add missing library dependencies.ru2006-04-131-1/+1
|
* Don't call audit_logout() if pwd is NULL, as audit_logout() attempts tocognet2006-03-281-1/+4
| | | | | | | | | | dereference it. This will happen if we ^D at the Login: prompt without having provided a valid login before. Set pwd to NULL on bad login attempts to prevent audit_logout() from being called for a user which didn't actually log on. Reported by: Jerome Magnin jethro at docisland dot org
* Reimplementation of world/kernel build options. For details, see:ru2006-03-171-1/+3
| | | | | | | | http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html The src.conf(5) manpage is to follow in a few days. Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
* Managing login.access is no longer a responsibility of login(1).yar2006-03-061-10/+6
| | | | | | Therefore give a xref, not details. MFC after: 3 days
* Remove the last reference to LOGIN_ACCESS from login(1).yar2006-03-061-2/+3
| | | | MFC after: 3 days
* login.access.5 and login_access.c are no longer usedyar2006-03-062-296/+0
| | | | | | | | | | | | | | | in usr.bin/login because the login.access feature has moved to PAM completely. Their counterparts in lib/libpam/modules/pam_login_access have been found to be in sync with, and even in better shape than, login.access.5 and login_access.c here. Therefore cvs rm login.access.5 and login_access.c from usr.bin/login so that nobody will waste their time on fixing or developing the files here. MFC after: 3 days
* login(1) no longer handles /etc/login.access by itself,yar2006-03-061-1/+0
| | | | | | it's PAM's job. MFC after: 3 days
* Since the whole login.access feature has moved to PAM,yar2006-03-061-1/+1
| | | | | | | login.access.5 will be installed from the respective PAM module's src directory. MFC after: 3 days
* Make login audit-enabled, submitting audit records for the login and logoutwsalamon2006-02-045-3/+238
| | | | | | | | | events. The specifics of submitting the records is contained within login_audit.c. Document the auditing behavior in the man page. Obtained from: TrustedBSD Project, Apple Computer, Inc. Approved by: rwatson (mentor)
* o Teach login(1) to respect "hushlogin" and "nocheckmail" attributesmaxim2005-06-011-2/+7
| | | | | | | | defined in user's $HOME/.login_conf. PR: bin/75001 Submitted by: Rostislav Krasny MFC after: 2 weeks
* Introduce the PRECIOUSPROG knob in bsd.prog.mk, similarru2004-11-031-1/+1
| | | | | | | | to PRECIOUSLIB from bsd.lib.mk. The side effect of this is making installing the world under jail(8) possible by using another knob, NOFSCHG. Reviewed by: oliver
* Bump document datebrueffer2004-10-161-1/+1
| | | | Reminded by: simon in ru-mode
* We use /etc/pam.d/login nowadaysbrueffer2004-10-151-6/+3
|
* Deal with double whitespace.ru2004-07-031-1/+1
|
* Mechanically kill hard sentence breaks.ru2004-07-021-3/+6
|
* Deal with unsafe tab characters.ru2004-07-021-1/+3
|
* Fixed style bugs in previous commit (.ifndef instead of .if defined(),bde2004-02-291-3/+2
| | | | | | and tab lossage). Garbage-collected NEED_LIBNAMES.
* I am a moron.des2004-02-271-1/+1
|
* Re-add the setuid bit, conditional on NO_SETUID_LOGIN being undefined.des2004-02-271-0/+5
|
* Cut through the bikeshed and remove login(1)'s setuid bit. It has nodes2004-02-271-3/+0
| | | | | business trying to impersonate su(1), and it does not need to be setuid to function properly when invoked by getty(8) or telnetd(8).
* GC (now unused here) -lcrypt.ru2004-02-021-2/+2
|
* Fix ~/.hushlogin handling.fjoe2004-01-261-3/+4
| | | | | PR: 61354 Submitted by: Eugeny Grosbein <eugen (at) kuzbass.ru>
* Remove utmp references, no longer done by login(1) in 5.x.dannyboy2003-07-081-15/+3
| | | | | PR: 54201 Submitted by: mdg <mdg@secureworks.net>
* When the tty chown() fails, report a chown() failure rather than arwatson2003-04-261-1/+1
| | | | chmod() failure.
* The documented login.conf variable for setting the login prompt isdes2003-04-251-1/+1
| | | | | | | | "login_prompt". This makes more sense than "prompt" which is what login actually used, so change the code to match the documentation. PR: docs/51396 MFC in: 3 days
* Back out previous commit, I wasn't thinking clearly.des2003-02-151-2/+1
|
* Set PAM_RHOST to "localhost" if no remote host was specified. This allowsdes2003-02-151-1/+2
| | | | pam_opieaccess() to work as expected for local logins.
* Use waitpid() instead of wait() since we know the pid of the process wedes2003-02-081-1/+2
| | | | are waiting for, and we don't want to reap the wrong process.
* Change the process title as soon as possible to mask information passed ondes2002-12-041-0/+3
| | | | | | | | the command line by getty(8). This is not a perfect fix, but drastically reduces the window of exposure. Approved by: re (rwatson) MFC after: 1 week
* Do not reuse flag name in its definition. Remove inadequate sentence.charnier2002-10-162-14/+6
|
* Be consistent about functions being static.phk2002-10-151-4/+4
| | | | Spotted by: FlexeLint
* When login tries to do the chmod/chflags on a read only file system,imp2002-08-191-3/+12
| | | | | | | | | | | | | | | | | | | it complains that it can't do it because the filesystem is readonly. Assume that when the user has a readonly /dev that they don't care if login can't change the permissions/flags. While this does break a few things like msgs, we'll assume that the user setting up the read only system knows what they are doing. All this change does is to stop the complaint when the file system is read only. It also adds comments as to why EROFS and EOPNOTSUPP are ignored. This allows one to have a read-only / w/o a /dev MFS and have a relatively warning-free existence. /etc/rc still complains when it can't chown/chflags/chmod things, but that's easy to ignore/tweak. Reviewed by: roberto, phk Sponsored by: Timing Solutions
* Don't reuse a const char * when we really want a char *.dwmalone2002-07-281-5/+7
|
* Simplify TERM handling since now libutil not overwrites existen TERM for "term"ache2002-06-281-3/+1
|
* Overwrite "term" from login.conf(5) for any known TERMache2002-06-281-2/+9
|
* Drive-by whitespace cleanup.des2002-05-281-13/+13
|
* Don't use PAM_SILENT unless hushlogin is set (perforce change 10123)des2002-04-221-0/+2
| | | | Sponsored by: DARPA, NAI Labs
* Fixed some style bugs ("From:" in vendor id line, disordered MAN line, andbde2002-04-211-5/+2
| | | | | | blank lines). Not unapproved of by: markm
* Use `The .Nm utility'charnier2002-04-201-4/+6
|
* Remove unused #define.des2002-04-161-5/+0
|
* Align for const poisoning in -lutil.ru2002-04-081-6/+7
|
* remove __Pimp2002-03-223-9/+9
|
* Simple fix so the 'LOGIN FAILURE' message send to syslog will includegad2002-03-121-1/+0
| | | | | | | the correct userid, instead of random garbage. This bug does not exist in -stable. Reviewed by: freebsd-audit
* Switch to OpenPAM. Bump library version. Modules are now versioned, sodes2002-03-051-3/+3
| | | | | | | | | applications linked with Linux-PAM will still work. Remove pam_get_pass(); OpenPAM has pam_get_authtok(). Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}(). Remove pam_set_item(3) man page as OpenPAM has its own. Sponsored by: DARPA, NAI Labs
* Remove NO_WERRORs and WARNS=n's. To be revisited after GCC3.markm2002-02-081-2/+0
|
* Still with asbestos longjohns on, completely PAMify login(1) and removedes2002-01-304-552/+392
| | | | | | code made redundant by various PAM modules (primarily pam_unix(8)). Sponsored by: DARPA, NAI Labs
* Back out rev 1.78, which is incorrect now that the PAM modules have beendes2002-01-291-3/+2
| | | | fixed to accept a NULL PAM_RHOST.
* When running on a local terminal, set PAM_RHOST to the local hostname.des2002-01-211-2/+10
| | | | Sponsored by: DARPA, NAI Labs
* Back out PAM_CRED_ERR additionache2002-01-191-1/+0
|
* Add PAM_CRED_ERR as valid failure caseache2002-01-191-0/+1
|
OpenPOWER on IntegriCloud