From 95de53b08b41f33e7df17ed2325aac4eb08ff17a Mon Sep 17 00:00:00 2001 From: dds Date: Tue, 11 May 2004 11:05:26 +0000 Subject: Bring the description for login_getclassbyname in sync with the function's arguments. The function has as a second argument a struct passwd * pointer, not a directory name. MFC after: 2 weeks --- lib/libutil/login_cap.3 | 29 ++++++++++++++++++++++++----- lib/libutil/login_cap.c | 7 ++++--- 2 files changed, 28 insertions(+), 8 deletions(-) (limited to 'lib/libutil') diff --git a/lib/libutil/login_cap.3 b/lib/libutil/login_cap.3 index ccbb93f..b3a2d66 100644 --- a/lib/libutil/login_cap.3 +++ b/lib/libutil/login_cap.3 @@ -175,13 +175,15 @@ function to the authorisation style, according to the requirements of the program handling a login itself. .Pp As noted above, the -.Fn get*class +.Fn login_get*class functions return a login_cap_t object which is used to access the matching or default record in the capabilities database. The -.Fn getclassbyname +.Fn login_getclassbyname function accepts two arguments: the first one is the record identifier of the -record to be retrieved, the second is an optional directory name. +record to be retrieved, the second is an optional pointer to a +.Li passwd +structure. If the first .Ar name argument is NULL, an empty string, or a class that does not exist @@ -189,9 +191,17 @@ in the supplemental or system login class database, then the system .Em default record is returned instead. If the second -.Ar dir +.Ar pwd parameter is NULL, then only the system login class database is -used, but when not NULL, the named directory is searched for +used. +However, +if the +.Ar pwd +parameter and the value of +.Ar pwd->pw_dir +are both not NULL, then the directory contained in +.Ar pwd->pw_dir +is searched for a login database file called ".login_conf", and capability records contained within it may override the system defaults. This scheme allows users to override some login settings from 
@@ -215,6 +225,15 @@ The user's .Pa .login_conf merely provides a convenient way for a user to set up their preferred login environment before the shell is invoked on login. +Note that access to the +.Pa /etc/login.conf +and +.Pa .login_conf +files will only be performed subject to the security checks documented in +.Xr _secure_path 3 +for the uids 0 and +.Ar pwd->pw_uid +respectively. .Pp If the specified record is NULL, empty or does not exist, and the system has no "default" record available to fall back to, there is a diff --git a/lib/libutil/login_cap.c b/lib/libutil/login_cap.c index ad1dacb..50ebf26 100644 --- a/lib/libutil/login_cap.c +++ b/lib/libutil/login_cap.c @@ -172,9 +172,10 @@ login_close(login_cap_t * lc) * login_getclassbyname() get the login class by its name. * If the name given is NULL or empty, the default class * LOGIN_DEFCLASS (ie. "default") is fetched. If the - * 'dir' argument contains a non-NULL non-empty string, - * then the file _FILE_LOGIN_CONF is picked up from that - * directory instead of the system login database. + * 'pwd' argument is non-NULL and contains an non-NULL + * dir entry, then the file _FILE_LOGIN_CONF is picked + * up from that directory and used before the system + * login database. * Return a filled-out login_cap_t structure, including * class name, and the capability record buffer. */ -- cgit v1.1
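Review bot: The empty-string case for pwd->pw_dir is left undocumented in the first login_cap.3 hunk (@@ -175,13 +175,15 @@). The new text only requires that the pwd parameter and pwd->pw_dir "are both not NULL", while the comment removed from login_cap.c in this same commit required a "non-NULL non-empty string". Please state what happens when pw_dir is an empty string, since that decides whether a per-user .login_conf is looked up at all. As a style point, pwd->pw_dir is a structure member rather than a function argument, so .Va reads better than .Ar for it, and .Vt struct passwd is the usual markup in place of ".Li passwd".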
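Review bot: The note added in the second login_cap.3 hunk (@@ -215,6 +225,15 @@) does not say what the caller gets when a _secure_path check fails. "will only be performed subject to the security checks" tells the reader the file may be skipped, but not whether the function then falls back to the system record, returns the default class, or fails. Suggest one more sentence stating the outcome for each file, and making explicit that the pwd->pw_uid check applies only when pwd is non-NULL, because the sentence as written mentions pwd->pw_uid unconditionally.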
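Review bot: The rewritten comment in login_cap.c (@@ -172,9 +172,10 @@) drops the "non-empty" condition that the old comment carried, and the commit shows no code change that would explain that. If the function still ignores an empty directory string, keep the condition in the comment. The phrase "contains an non-NULL dir entry" should read "a non-NULL", and naming the member as pw_dir would match the manual page hunks above. "used before the system login database" is also worded differently from the manual page, which says the per-user records "may override the system defaults"; pick one description of the precedence and use it in both places.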