summaryrefslogtreecommitdiffstats
path: root/usr.bin/login
Commit message (Collapse)AuthorAgeFilesLines
* Use waitpid() instead of wait() since we know the pid of the process wedes2003-02-081-1/+2
| | | | are waiting for, and we don't want to reap the wrong process.
* Change the process title as soon as possible to mask information passed ondes2002-12-041-0/+3
| | | | | | | | the command line by getty(8). This is not a perfect fix, but drastically reduces the window of exposure. Approved by: re (rwatson) MFC after: 1 week
* Do not reuse flag name in its definition. Remove inadequate sentence.charnier2002-10-162-14/+6
|
* Be consistent about functions being static.phk2002-10-151-4/+4
| | | | Spotted by: FlexeLint
* When login tries to do the chmod/chflags on a read only file system,imp2002-08-191-3/+12
| | | | | | | | | | | | | | | | | | | it complains that it can't do it because the filesystem is readonly. Assume that when the user has a readonly /dev that they don't care if login can't change the permissions/flags. While this does break a few things like msgs, we'll assume that the user setting up the read only system knows what they are doing. All this change does is to stop the complaint when the file system is read only. It also adds comments as to why EROFS and EOPNOTSUPP are ignored. This allows one to have a read-only / w/o a /dev MFS and have a relatively warning-free existence. /etc/rc still complains when it can't chown/chflags/chmod things, but that's easy to ignore/tweak. Reviewed by: roberto, phk Sponsored by: Timing Solutions
* Don't reuse a const char * when we really want a char *.dwmalone2002-07-281-5/+7
|
* Simplify TERM handling since now libutil not overwrites existen TERM for "term"ache2002-06-281-3/+1
|
* Overwrite "term" from login.conf(5) for any known TERMache2002-06-281-2/+9
|
* Drive-by whitespace cleanup.des2002-05-281-13/+13
|
* Don't use PAM_SILENT unless hushlogin is set (perforce change 10123)des2002-04-221-0/+2
| | | | Sponsored by: DARPA, NAI Labs
* Fixed some style bugs ("From:" in vendor id line, disordered MAN line, andbde2002-04-211-5/+2
| | | | | | blank lines). Not unapproved of by: markm
* Use `The .Nm utility'charnier2002-04-201-4/+6
|
* Remove unused #define.des2002-04-161-5/+0
|
* Align for const poisoning in -lutil.ru2002-04-081-6/+7
|
* remove __Pimp2002-03-223-9/+9
|
* Simple fix so the 'LOGIN FAILURE' message send to syslog will includegad2002-03-121-1/+0
| | | | | | | the correct userid, instead of random garbage. This bug does not exist in -stable. Reviewed by: freebsd-audit
* Switch to OpenPAM. Bump library version. Modules are now versioned, sodes2002-03-051-3/+3
| | | | | | | | | applications linked with Linux-PAM will still work. Remove pam_get_pass(); OpenPAM has pam_get_authtok(). Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}(). Remove pam_set_item(3) man page as OpenPAM has its own. Sponsored by: DARPA, NAI Labs
* Remove NO_WERRORs and WARNS=n's. To be revisited after GCC3.markm2002-02-081-2/+0
|
* Still with asbestos longjohns on, completely PAMify login(1) and removedes2002-01-304-552/+392
| | | | | | code made redundant by various PAM modules (primarily pam_unix(8)). Sponsored by: DARPA, NAI Labs
* Back out rev 1.78, which is incorrect now that the PAM modules have beendes2002-01-291-3/+2
| | | | fixed to accept a NULL PAM_RHOST.
* When running on a local terminal, set PAM_RHOST to the local hostname.des2002-01-211-2/+10
| | | | Sponsored by: DARPA, NAI Labs
* Back out PAM_CRED_ERR additionache2002-01-191-1/+0
|
* Add PAM_CRED_ERR as valid failure caseache2002-01-191-0/+1
|
* Style improvements recommended by Bruce as a follow up to somedwmalone2001-12-103-11/+12
| | | | | | | | of the recent WARNS commits. The idea is: 1) FreeBSD id tags should follow vendor tags. 2) Vendor tags should not be compiled (though copyrights probably should). 3) There should be no blank line between including cdefs and __FBSDIF.
* Use __FBSDID(). Also do a bit of cosmetic #if and header-ordermarkm2001-12-023-13/+13
| | | | cleaning-up.
* Sort includes.markm2001-12-022-7/+7
|
* Style fixups.markm2001-12-013-37/+38
| | | | | | | Sort function declarations, includes. Make consistent WRT use of _P() macro (ugh!) Inspired by: bde
* Work around world breakage in previous commit. The bug is inbde2001-12-011-2/+2
| | | | | | | | | <security/pam_misc.h>. It declares a function parameter named 'send', so nothing that includes both <unistd.h> (which declares send(2)) and <security/pam_misc.h> be compiled with WARNS=2 unless NO_WERRROR is set. Fixed order of WARNS.
* WARNS=2 fixes.markm2001-12-015-63/+107
| | | | Reviewed by: bde (a while back)
* o Add support for a 'nocheckmail' capability, which (if true) preventsrwatson2001-11-161-9/+12
| | | | | | | | | the 'You have mail.' check. This is useful for sites that rely on remote mail access, rather than a local mail spool. Due to the behavior of login_getcapbool(), the negated form is required so as to have appropriate results. o This behavior may have to be independently added to sshd due to redundant implementation.
* o Restore previous inconsistent style to login_fbtab.c, following itsrwatson2001-10-281-22/+22
| | | | | | | modification to add glob support. The submitted patch used a degraded form of KNF. Reviewed by: bde
* o Modify format of /etc/fbtab to accept glob matching patterns forrwatson2001-10-251-35/+23
| | | | | | | | | | | | | | target devices, not just individual devices and directories. This permits activities such as: ttyv0 0600 /dev/dsp* Whereas previously that was not supported. This change is backwards-compatible, except where device names included globbing characters, which is not the case for any devices listed in MAKEDEV. Submitted by: Maxime Henrion <mux@qualys.com> MFC after: 3 weeks
* o Modify NFS rights comment to note that the early credential changesrwatson2001-09-151-1/+7
| | | | | | to test for a home directory don't set up the additional groups, and as such may limit users conservatively. This does not affect the eventual credentials selected.
* Set BINOWN=root explicitly for setuid root binaries.ru2001-09-131-0/+1
| | | | | | This is not "useless", as one may have non-default setting for BINOWN in make.conf, and we still want these to be installed setuid root in this case.
* mdoc(7) police: tighten label width.ru2001-09-041-1/+1
|
* Like su(1), make PAM use mandatory. Remove parts of the authenticationmarkm2001-08-305-82/+7
| | | | logic that are handled by PAM. Fix documentation to reflect this.
* Fix some bogus strncpy(3) to strlcpy(3) changes I made in the previousmike2001-08-131-6/+6
| | | | | | | revision. <utmp.h> structures don't leave room for a NUL character. Also fix "UNKNOWN" which should have just been UNKNOWN. Pointed out by: bde
* o Replace occurrences of strncpy(3) with strlcpy(3); most ofmike2001-08-121-23/+47
| | | | | | | | | | | | | the uses of it were wrong anyway. o Always check for NULL returns on strdup(3). o Fix a possible buffer overflow in strcpy(3). o Fix a format string vulnerability. o t->ty_type in stypeof() could be NULL and eventually cause a segmentation fault in setenv(3), so check for that. Eyeballed by: kris Reviewed by: murray MFC after: 3 days
* Fix the environment handling:markm2001-07-281-12/+11
| | | | | | | | However, there's still a bug in login.c because you copy the environment *before* the call to pam_open_session, which won't set the necessary variables set by /usr/ports/security/pam_ssh. Submitted by: Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>
* Remove whitespace at EOL.dd2001-07-152-4/+4
|
* mdoc(7) police: removed HISTORY info from the .Os call.ru2001-07-102-2/+2
|
* Fix the type of the NULL arg to execl()brian2001-07-091-1/+1
| | | | Idea from: Theo de Raadt <deraadt@openbsd.org>
* Remove an accidentaly added extra blank line.eric2001-05-221-1/+0
| | | | Approved by: murray
* Disable SIGHUP while getting the login name.guido2001-05-211-0/+2
| | | | Reviewed by: security-officer
* Missed a few things.obrien2001-05-181-3/+4
|
* In a word -- style(9).obrien2001-05-181-43/+51
|
* Add the "prompt" and "passwd_prompt" fields to /etc/login.conf,obrien2001-05-181-3/+8
| | | | | | which makes lgoin more like getty in its ability to be configured. Submitted by: tlambert (code only)
* Check for the expiration of an account and its password in the propereric2001-05-171-12/+13
| | | | | | | | | order. Reviewed by: -audit (silence) Approved by: murray Obtained from: OpenBSD MFC after: 5 days
* Clean out some cruft that has been put in a better (central) place.markm2001-05-011-5/+0
|
* Enable (optional) static linking.markm2001-04-281-0/+5
|
OpenPOWER on IntegriCloud