| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
code made redundant by various PAM modules (primarily pam_unix(8)).
Sponsored by: DARPA, NAI Labs
|
|
|
|
| |
fixed to accept a NULL PAM_RHOST.
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
of the recent WARNS commits. The idea is:
1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.
|
|
|
|
| |
cleaning-up.
|
| |
|
|
|
|
|
|
|
| |
Sort function declarations, includes. Make consistent WRT use of _P()
macro (ugh!)
Inspired by: bde
|
|
|
|
|
|
|
|
|
| |
<security/pam_misc.h>. It declares a function parameter named 'send',
so nothing that includes both <unistd.h> (which declares send(2)) and
<security/pam_misc.h> be compiled with WARNS=2 unless NO_WERRROR is
set.
Fixed order of WARNS.
|
|
|
|
| |
Reviewed by: bde (a while back)
|
|
|
|
|
|
|
|
|
| |
the 'You have mail.' check. This is useful for sites that rely on
remote mail access, rather than a local mail spool. Due to the
behavior of login_getcapbool(), the negated form is required so as
to have appropriate results.
o This behavior may have to be independently added to sshd due to
redundant implementation.
|
|
|
|
|
|
|
| |
modification to add glob support. The submitted patch used a degraded
form of KNF.
Reviewed by: bde
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
target devices, not just individual devices and directories. This
permits activities such as:
ttyv0 0600 /dev/dsp*
Whereas previously that was not supported. This change is
backwards-compatible, except where device names included globbing
characters, which is not the case for any devices listed in MAKEDEV.
Submitted by: Maxime Henrion <mux@qualys.com>
MFC after: 3 weeks
|
|
|
|
|
|
| |
to test for a home directory don't set up the additional groups, and
as such may limit users conservatively. This does not affect the
eventual credentials selected.
|
|
|
|
|
|
| |
This is not "useless", as one may have non-default
setting for BINOWN in make.conf, and we still want
these to be installed setuid root in this case.
|
| |
|
|
|
|
| |
logic that are handled by PAM. Fix documentation to reflect this.
|
|
|
|
|
|
|
| |
revision. <utmp.h> structures don't leave room for a NUL character.
Also fix "UNKNOWN" which should have just been UNKNOWN.
Pointed out by: bde
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the uses of it were wrong anyway.
o Always check for NULL returns on strdup(3).
o Fix a possible buffer overflow in strcpy(3).
o Fix a format string vulnerability.
o t->ty_type in stypeof() could be NULL and eventually cause
a segmentation fault in setenv(3), so check for that.
Eyeballed by: kris
Reviewed by: murray
MFC after: 3 days
|
|
|
|
|
|
|
|
| |
However, there's still a bug in login.c
because you copy the environment *before* the call to pam_open_session,
which won't set the necessary variables set by /usr/ports/security/pam_ssh.
Submitted by: Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>
|
| |
|
| |
|
|
|
|
| |
Idea from: Theo de Raadt <deraadt@openbsd.org>
|
|
|
|
| |
Approved by: murray
|
|
|
|
| |
Reviewed by: security-officer
|
| |
|
| |
|
|
|
|
|
|
| |
which makes lgoin more like getty in its ability to be configured.
Submitted by: tlambert (code only)
|
|
|
|
|
|
|
|
|
| |
order.
Reviewed by: -audit (silence)
Approved by: murray
Obtained from: OpenBSD
MFC after: 5 days
|
| |
|
| |
|
|
|
|
|
|
|
| |
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c
Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
|
| |
|
|
|
|
|
|
|
|
| |
modules (via pam_putenv). The following variables will never be set in
this fashion:
SHELL, HOME, LOGNAME, MAIL, CDPATH, IFS, PATH
any variable starting with `LD_'
|
|
|
|
| |
Reviewed by: markm, months ago
|
|
|
|
| |
Use _PATH_* where where possible.
|
|
|
|
| |
warning).
|
|
|
|
| |
Requested by: bde
|
|
|
|
|
| |
PR: 17875
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
|
|
|
|
|
| |
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
|
|
|
|
| |
Approved by: jkh
|
| |
|
|
|
|
| |
Approved by: jkh
|
|
|
|
|
|
|
|
| |
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.
If anything, a ``HISTORY'' section should show which version this
appeared in.
|
|
|
|
|
|
|
|
| |
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design). libcrypt has
been adjusted to not need the runtime -lmd. It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
|
|
|
|
|
| |
smart because it will definitely get it wrong. This popped up during
cross-linking.
|
|
|
|
|
|
|
|
| |
commit and those which cause ugly nroff output have been fixed, since
the purpose of the style guideline which they contravene is to reduce
the sizes of deltas.
Reported by: bde
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Consistently misspell built-in as builtin.
* Add a builtin(1) manpage and create builtin(1) MLINKS for all shell
builtin commands for which no standalone utility exists. These MLINKS
replace those that were created for csh(1).
* Add appropriate xrefs for builtin(1) to the csh(1) and sh(1) manpages,
as well as to the manpages of standalone utilities which are supported
as shell builtin commands in at least one of the shells. In such
manpages, explain that similar functionality may be provided as a
shell builtin command.
* Improve sh(1)'s description of the cd builtin command. Csh(1) already
describes it adequately. Replace the cd(1) manpage with a builtin(1)
MLINKS link.
* Clean up some mdoc problems: use Xr instead of literal "foo(n)"; use
Ic instead of Xr for shell builtin commands.
* Undo English contractions.
Reviewed by: mpp, rgrimes
|