summaryrefslogtreecommitdiffstats
path: root/usr.bin/su
Commit message (Collapse)AuthorAgeFilesLines
* Deal with double whitespace.ru2004-07-031-1/+1
|
* Mechanically kill hard sentence breaks.ru2004-07-021-1/+2
|
* Oops. My last commit included a bug that would make "su -m" alwaysmarkm2004-06-151-2/+0
| | | | use /bin/sh. Fix this.
* Paranoia, WARNS fixes and lint.markm2004-06-131-19/+19
|
* Bumped the document date.ru2004-05-191-2/+2
| | | | Fixed the grammar nit.
* Add FBSDID. Do not dot terminate errx(3) string.charnier2004-04-041-5/+6
|
* Fixed style of assignments.ru2004-02-021-2/+2
|
* When root tries to su to a non-existent user, pam_authenticate() willdes2004-01-061-4/+4
| | | | | | | | | normally succeed (because root can su to anyone), but pam_acct_mgmt() will most likely fail, causing su to log a confusing "pam_acct_mgmt: error in service module" message. To avoid this, call getpwnam() before pam_acct_mgmt(). Sponsored by: registrar.no
* Be sure to restore foreground group to parent su before parent sudavidxu2003-11-041-1/+2
| | | | | exits, otherwise shell will be confused and does not set foreground group correctly for next su command. This sounds like a bug in sh.
* It seems when su executes in a shell scripts, there is a timing race,davidxu2003-11-031-0/+2
| | | | | | | | sometimes, su will receive a SIGTTOU when parent su tries to set child su's process group as foreground group, and su will be stopped unexpectly, ignoring SIGTTOU fixes the problem. Noticed by: fjoe
* Fix broken su -m behaviour :cognet2003-10-191-4/+2
| | | | | | | chshell must return 0 if the shell is not a standard shell, or else it is possible to use an account without a valid shell. Reviewed by: des
* - Clarification to how command line arguments are processed.kensmith2003-09-281-0/+5
| | | | | | PR: docs/55613 Submitted by: gshapiro@freebsd.org Approved by: blackend (mentor)
* typocharnier2003-06-081-1/+1
|
* PAM-related improvements:des2003-04-081-37/+59
| | | | | | | | - if operating "as them" (su -l), use pam_{open,close}_session() - allow PAM to override $HOME (pam_chroot needs this) - chdir early, because later on we may be chrooted and chdir will fail Also use pid_t instead of int where applicable.
* Put child process in a different process group, ensure that the broadcastdavidxu2003-03-271-6/+22
| | | | | | | | signal never affects su directly, some shells changes its pgrp at running or suspended time, so a broadcast SIGTSTP from child will mess up su's job control. Discussed with: bde
* Fix style bugs in the previous commit (which weren't in bde's patch)des2003-03-111-2/+0
|
* Reset SIGTSTP handler to default both for parent and child process.davidxu2003-03-111-3/+4
| | | | Submitted by: bde
* Fix long standing job control bug. SIGTSTP shouldn't be ignored.davidxu2003-03-111-1/+0
| | | | | | Special instructions tested: suspend stop $$
* Pass the correct, verified username to PAM instead of getlogin().des2003-02-061-1/+1
|
* mdoc(7) police: markup polishing.ru2002-11-261-1/+1
| | | | Approved by: re
* Add a new '-s' option to su(1): if the flag is present, attempt torwatson2002-10-232-5/+23
| | | | | | | | | | also set the user's MAC label as part of the user credential setup by setting setusercontext(3)'s SETMAC flag. By default, change only traditional process properties. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* When a user gets refused because the password is wrong, use themarkm2002-10-181-0/+4
| | | | | | | older "BAD SU" syslog message that folks prefer. There is quite a bit more tweaking that can be done with other similar messages. Asked for by: tjr
* Style: use sa_handler instead of __sigaction_u.__sa_handler.tjr2002-10-171-1/+1
|
* Remove an unused variable.phk2002-10-141-2/+0
|
* Fix typing error in prev. commitache2002-08-121-1/+1
|
* Fix style bug in prev. commitache2002-08-121-2/+1
|
* Fix su job control (recently introduced for PAM cleanup purposes) to notache2002-08-121-3/+6
| | | | | | | kill login shell on either "suspend/fg" or "stop $$/fg" for tcsh. Since this bug occurse on -stable too, it is not kernel threads bug. Submitted by: David Xu <bsddiy@yahoo.com>
* Back out workaround of fixing "suspend/fg" by price of breaking "stop $$/fg".ache2002-08-071-1/+3
| | | | | This is real kernel bug (threads) and don't attempt to mask it by workarounds to increase chances to fix it in the kernel.
* Remove tcsetpgrp() stuff across suspend/continue because it cause upper levelache2002-07-091-3/+1
| | | | | tcsh killed on resume (fg). It is because tcsh is interactive itself and do its own things with terminal group.
* This is Alexander Kabaev's patch to solve the signal problem with sudillon2002-06-261-0/+11
| | | | | | | (see 'zsh exits upon ^C' thread). This may be temporary be he's been running it for a year without incident so we should be golden with it. Approved by: des
* Backout 1.51 on DES's request.dillon2002-06-261-2/+0
| | | | Approved by: des
* Make our child the leader of its own process group to avoid receivingdes2002-05-291-0/+2
| | | | signals in its stead. This fixes the dread "zsh exits upon ^C" bug.
* Drive-by whitespace cleanup & add NAI copyrightdes2002-05-281-2/+9
|
* Use `The .Nm utility'charnier2002-04-201-2/+3
|
* Fix a few typos.keramida2002-03-301-2/+2
| | | | | | | | | as a user ID -> has a user ID command constitutes of -> command consists of PR: misc/36523 Submitted by: Chris Pepper <pepper@mail.rockefeller.edu> MFC after: 3 days
* Belatedly OpenPAMify. I forgot this patch in last night's megacommit.des2002-03-061-2/+2
| | | | Sponsored by: DARPA, NAI Labs
* Don't set PAM_RHOST, this is a local login.des2002-01-241-5/+1
| | | | Sponsored by: DARPA, NAI Labs
* Remove to-be-default WARNS?=2markm2001-12-121-2/+0
|
* Set BINOWN=root explicitly for setuid root binaries.ru2001-09-131-0/+1
| | | | | | This is not "useless", as one may have non-default setting for BINOWN in make.conf, and we still want these to be installed setuid root in this case.
* Reinstate complete (and now correctly functioning) WARNS=2.markm2001-09-122-9/+11
|
* Back out (with prejudice) the last WARNS=2 fix. I cannot understandmarkm2001-09-072-11/+9
| | | | its failure mode, and will revisit it later.
* WARNS=2 fixes.markm2001-09-042-9/+11
| | | | | | | | The remaining problem of converting highly incompatible pointer types is done by "laundering" the value through a union. This solves the problem (in my own mind) of how a "const char *" _ever_ actually gets a value in a WARNS=2 world.
* Very minor stylistic nit.markm2001-08-201-2/+1
| | | | Discussed with: ru
* Substitute ARGSTR in-place.ru2001-08-151-4/+3
| | | | Forgot trailing newline in usage().
* Fixed the usage() string.ru2001-08-151-1/+3
| | | | | | | | This also reverts change in rev. 1.36 to the documented style of writing usage(). PR: bin/29730 Submitted by: Joseph Mallett <jmallett@xMach.org>
* Set the RUSER for PAM so that (eg) kerberos can set up tickets properly.markm2001-08-111-0/+2
|
* WARNS=2 type cleanup.markm2001-08-112-5/+9
| | | | | | | WARNS=2 cannot be enable because of an unresolvable conflict in arg 2 of execv(). Document this in the Makefile. Reviewed by: bde (su.c only)
* mdoc(7) police: join split punctuation to macro calls.ru2001-08-101-2/+1
|
* Remove whitespace at EOL.dd2001-07-151-5/+5
|
* Deconvolute the authentication mess, and hand total responsiblitymarkm2001-05-263-358/+226
| | | | | | | | | | for authentication to PAM. This meens that WHEELSU-type logic can now be effected in the pam.conf "su" configuration stack. While here, clean up the mess that the code had assumed over years of hacking by folks using different styles. ANSIfy. There is more policy in here that can be handed over to PAM. This will be revisited.
OpenPOWER on IntegriCloud