| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
| |
PR: bin/4801
Submitted by: mishania@demos.su (Mikhail A. Sokolov)
|
|
|
|
| |
Also quieten -Wall a bit.
|
|
|
|
| |
Submitted by: Vincent Poy <vince@venus.gaianet.net>
|
|
|
|
| |
elf, libskey.so will not expose it's implementation on it's caller.
|
|
|
|
|
| |
update man page. Add usage().
Obtained from: OpenBSD
|
|
|
|
| |
(It has been ``SKEY.ACCESS''.)
|
| |
|
|
|
|
| |
auth_rmfiles() was being called in error without LOGIN_CAP_AUTH defined.
|
| |
|
|
|
|
| |
Fix incorrect bracket nesting. Closes PR#3144.
|
|
|
|
| |
posix standard on the topic.
|
| |
|
|
|
|
| |
the root password is empty.
|
|
|
|
|
| |
Rearrange validation logic so that it works correctly when
compiled with kerberos support. Closes PR#3056.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cleanup of #ifdef's for LOGIN_CAP.
Fixed bug in empty shell (closes PR#2550).
Refused root logins now displays standard "Login incorrect" and
exhibits identical backoff behaviour to a failed login.
Cleaned up logging of refused logins.
Use #defines for login retries and backoff. Also implemented
definable variables if LOGIN_CAP is defined, with
"login-retries" and "login-backoff" as capabilities
in the default class (closes PR#2805).
TERM from previous environment is no longer truncated.
|
| |
|
|
|
|
| |
variable name (with different functionality)
|
|
|
|
| |
introduced by LOGIN_CAP
|
| |
|
| |
|
|
|
|
| |
THAT has been in here!).
|
|
|
|
|
| |
was caused by introduction of login classes. Closes PR bin/2550.
Added references to login.conf to manpage, crossreference to login.conf(5).
|
|
|
|
|
|
|
|
| |
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
|
|
|
|
|
|
|
|
|
|
| |
Note that LOGIN_CAP_AUTH code (login authentication) is not (yet) enabled
and requires /usr/libexec/login_<style> authentication program support to
be added at a later date. The Makefile contains a macro LC_AUTH to turn
it on and prevent unnecessarily linking against skey/krb libs and the
addition of klogin.c module.
All other aspects of login_cap support are fully functional.
|
| |
|
| |
|
|
|
|
| |
Submitted by: David E. O'Brien
|
|
|
|
| |
to keep valid information in utmp and lastlog
|
| |
|
| |
|
| |
|
|
|
|
| |
which is no longer bogusly installed in /usr/include.
|
| |
|
|
|
|
|
|
| |
Reviewed by: David Greenman
Submitted by: Wietse Venema
Obtained from:
|
|
|
|
|
|
| |
defined.
Submitted by: Mark Murray <mark@grondar.za>
|
|
|
|
| |
Submitted by: Paul Traina <pst@Shockwave.com>
|
|
|
|
|
|
| |
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
|
|
|
|
| |
doesn't complain.
|
|
|
|
|
|
|
|
|
|
| |
1) Don't spit out an error message if Kerberos is installed but not yet
set up.
2) Don't attempt to verify the ticket you got back, as workstations
are not intended to have srvtab files of their own.
Both behaviors can be re-enabled with KLOGIN_PARANOID.
|
|
|
|
| |
(Umm..i hope nobody "make world" this time:)
|
|
|
|
|
|
| |
Now password changed for right user and
no longer possible to skip password change.
I hope it will be ok....
|
| |
|
| |
|
|
|
|
| |
(Guys, please don't DAMAGE commits that have just gone in.)
|
| |
|
|
|
|
|
|
|
|
| |
- Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile,
and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions,
and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY
DEFINE ONE OF THESE.
- Make Makefiles kerberos-aware.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Accounts that have "pw_change" set, are supposed to change their passwords
by the date specified in "pw_change". If they have not changed their passwords
by that date, currently they get "LOCKED OUT" of the system. This is not the
correct behavior, the user should be prompt (forced?) to change their password
at this time. If the behavior of "pw_change" was meant to be a LOCKOUT,
then you should use "pw_expire".
Solution:
Instead of locking out the user, prompt them to change their password.
Reviewed by: jkh
Submitted by: rls
|
|
|
|
|
| |
Reviewed by:
Submitted by: guido
|
|
|
|
|
| |
Reviewed by:
Submitted by: guido
|