opnsense-src

mirror of https://github.com/opnsense/src.git synced 2026-03-09 09:41:05 -04:00

Author	SHA1	Message	Date
Yaroslav Tykhiy	be89d8067c	Document the quirks of ~/.login_conf and LOGIN_MECLASS.	2007-06-14 09:33:37 +00:00
Yaroslav Tykhiy	2e376efd52	Improve mdoc(7) markup.	2007-06-14 07:31:59 +00:00
Yaroslav Tykhiy	a742982378	Update some comments, mostly regarding LOGIN_MECLASS and ~/.login_conf.	2007-06-14 06:42:49 +00:00
Dag-Erling Smørgrav	4b5b992bba	Nit: avoid shadowing truncate(2) with a local variable.	2007-05-23 12:09:33 +00:00
Dag-Erling Smørgrav	400f772943	Fix stupid braino in previous commit.	2007-05-23 10:06:03 +00:00
Dag-Erling Smørgrav	d75d56060e	If (flags & O_TRUNC), don't truncate the file until we've successfully locked it. MFC after: 3 weeks	2007-05-23 08:12:34 +00:00
Daniel Eischen	419ecd5dee	Bump library versions in preparation for 7.0. Ok'd by: kan	2007-05-21 02:49:08 +00:00
Dag-Erling Smørgrav	b31d5b56ec	strlcpy() may be faster than snprintf(), but it is less portable, and this is not performance critical code anyway. Also, avoid using strlen() to obtain information which we already have. MFC after: 3 weeks	2007-05-11 11:10:05 +00:00
Dag-Erling Smørgrav	4d09ed1e67	Fix typo. Submitted by: Bård Skaflestad <bardsk@math.ntnu.no>	2007-05-10 18:15:30 +00:00
Dag-Erling Smørgrav	8f9085389f	Well gag me with a spoon... I'm so used to working at high WARNS levels that I make stupid fundamental mistakes like this when I don't.	2007-05-10 15:01:42 +00:00
Dag-Erling Smørgrav	b252bedcc9	Remove superfluous unexpanded RCS tag.	2007-05-10 14:56:07 +00:00
Dag-Erling Smørgrav	3884dc6768	Use flopen(3). MFC after: 3 weeks	2007-05-10 14:54:53 +00:00
Dag-Erling Smørgrav	3dea593400	DTRT when O_NONBLOCK is specified. MFC after: 3 weeks	2007-05-10 14:52:57 +00:00
Dag-Erling Smørgrav	9667055264	I'm tired of seeing this done incorrectly and non-portably, so add a flopen(3) function which reliably opens and locks a file. MFC after: 3 weeks	2007-05-10 14:43:31 +00:00
Yaroslav Tykhiy	f855462a24	Fix one kind of style(9) bug and a typo in a comment. Tested with: md5(1)	2007-05-01 18:50:33 +00:00
Warner Losh	ee7093a640	Remove California Regent's clause 3, per letter	2007-01-09 01:02:06 +00:00
Tom Rhodes	d3dc0c9de4	Fix a typo: "the give login class" to "the given login class." PR: 75577 Submitted by: Nobuyuki Koganemaru	2006-11-05 19:00:08 +00:00
Ruslan Ermilov	f0d43ae993	Fix markup in previous revision.	2006-10-10 08:15:08 +00:00
Tom Rhodes	5e058b334c	Add information on how to escape a literal colon in a value or name. PR: 101262	2006-10-09 22:35:02 +00:00
Ruslan Ermilov	ad136d1e29	Revise markup in recently added manpages.	2006-09-30 10:34:13 +00:00
Ruslan Ermilov	a73a3ab56b	Markup fixes.	2006-09-17 21:27:35 +00:00
Thomas Quinot	3a1d9c271b	Minor comment fix.	2006-09-08 08:14:32 +00:00
Thomas Quinot	71219ddbd1	(pw_copy): Handle the case of a malformed line in master.passwd (copy it silently, do not dereference NULL pointer). PR: bin/102848 Reviewed by: security-officer (cperciva) MFC after: 1 week	2006-09-04 15:09:21 +00:00
Yaroslav Tykhiy	6599d1e129	Recognize the existence of `auth' and` auth-type' capabilities but tell they do nothing in the base system. This is a late responce to http://docs.freebsd.org/cgi/mid.cgi?ED759F1DC5ADD74592DD063B1EDEDAF803ACD2B5 . Obtained from: OpenBSD (wording; with minor corrections)	2006-08-23 09:54:46 +00:00
Yaroslav Tykhiy	74d580d770	style.Makefile(5) is good for our eyes.	2006-07-27 12:36:46 +00:00
Warner Losh	d5fbc8f429	Note the convention that humanize_number follows. Add 'engineering' numbers to table.	2006-07-15 20:53:36 +00:00
Maxim Konovalov	a07b02ef92	o Add missed comma, xref kld(4).	2006-07-12 14:33:52 +00:00
Brian Somers	25b5a928f7	Remove some unused variables	2006-06-23 01:42:03 +00:00
Maxim Konovalov	613c94ac78	o Typo: ownship -> ownership. Obtained from: DragonFlyBSD	2006-06-17 07:25:58 +00:00
Shunsuke Akiyama	b3c87f5c78	Specify default path for SHLIBDIR before bsd.own.mk does. This fix shared library installed correct place.	2006-06-11 09:14:06 +00:00
Xin LI	db31b8ae3c	Don't build IPv6 support if we have choosen not to have it.	2006-06-09 18:11:29 +00:00
Xin LI	aa5c5263bc	- Add include for libutil.h and string.h for prototype. - Cast the rvalue to be compared with the result of strlen() to size_t.	2006-05-25 04:01:04 +00:00
Hajimu UMEMOTO	794063c03f	Bump library majro version for gethostbyaddr(3).	2006-05-21 15:15:21 +00:00
Christian Brueffer	b208d15b48	Document how the backoff delay is calculated. Submitted by: markus MFC after: 3 days	2006-04-19 17:46:27 +00:00
John-Mark Gurney	4d5e876be3	use pwrite to always write at the begining of the file.. If multiple calls to pidfile_write happen, the pidfile will have nul characters prepended due to the cached file descriptor offset... Reviewed by: scottl MFC after: 3 days	2006-04-11 23:10:02 +00:00
Giorgos Keramidas	ef608a6008	Use `intmax_t' instead of plain` int' for pid_t casts. Useful tips from: ru, bde Approved by: pjd MFC after: 3 days	2006-03-04 15:20:28 +00:00
Dag-Erling Smørgrav	501092bbc8	Add utility functions for checking if a given kernel module is loaded, and loading it.	2006-02-18 11:25:28 +00:00
Pawel Jakub Dawidek	560c4fc142	- Add a note that passing NULL to pidfile_write(), pidfile_remove() and pidfile_close() functions is safe. This possibility is used in example code. - Cast pid_t to int. Requested by: yar	2006-01-28 14:13:15 +00:00
Olivier Houchard	db256336b8	Teach openpty() how to deal with pts.	2006-01-26 01:33:26 +00:00
Robert Watson	d2042d2052	Restore use of strncpy(), as there is later unconditional termination of the string, and reliance on the returned pointer. Found by: bde (tm)	2006-01-16 11:54:07 +00:00
Robert Watson	ba183db70c	Replace strncpy() with strlcpy() when parsing login time limit strings from /etc/login.conf, or an unterminated string buffer could result. Probably, login_times.c should reject excessively long time strings as unparseable, rather than truncating, which might render an invalid string valid. Found with: Coverity Prevent (tm) Reviewed by: csjp MFC after: 3 days	2006-01-16 00:52:20 +00:00
Robert Watson	8e3ae6fe69	Fix typo in comment. MFC after: 3 days	2006-01-16 00:28:11 +00:00
Christian S.J. Peron	111a16a8ee	Document the LOGIN_SETMAC setusercontext(3) flag. While we are here, drop in an external reference to mac_set_proc(3).	2005-12-30 06:16:20 +00:00
John Baldwin	a54bb702d7	Restore the previous state after a FILL operation in properties_read() rather than forcing the state to LOOK. If we are in the middle of parsing a line when we have to do a FILL we would have lost any token we were in the middle of parsing and would have treated the next character as being at the start of a new line instead. PR: kern/89181 Submitted by: Antony Mawer gnats at mawer dot org MFC after: 1 week	2005-11-28 16:30:16 +00:00
Ruslan Ermilov	877205d1d4	Fix prototype.	2005-11-24 11:29:11 +00:00
Ruslan Ermilov	6b84cd5819	Fix markup, grammar and spelling.	2005-11-18 14:21:28 +00:00
Brooks Davis	72bd741cfc	When removing the local domain, only do so when the result will be a host name. This is matches the documented behaviro. The previous behavior would remove the domain name even if the result retained a dot. This fixes rsh connections from a.example.com to example.com. Reviewed by: ceri (at least the concept)	2005-10-05 04:42:20 +00:00
Pawel Jakub Dawidek	8b28aef238	Pidfiles should be created with permission preventing users from opening them for reading. When user can open file for reading, he can also flock(2) it, which can lead to confusions. Pointed out by: green	2005-09-16 11:24:28 +00:00
Pawel Jakub Dawidek	412fa8f114	Add a family of functions for reliable pidfiles handling. Idea from: jmg Discussed on: arch@	2005-08-24 17:21:38 +00:00
Ken Smith	a84020c2b9	Bump the shared library version number of all libraries that have not been bumped since RELENG_5. Reviewed by: ru Approved by: re (not needed for commit check but in principle...)	2005-07-22 17:19:05 +00:00
Hajimu UMEMOTO	4f10131848	NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special for it, now.	2005-05-13 16:31:11 +00:00
Tom Rhodes	043d661d53	Properly spell default in a comment.	2005-04-22 23:11:57 +00:00
Xin LI	13c273c81a	Remove duplicated "bytes". Submitted by: Wojciech A. Koszek [dunstan freebsd czest pl] PR: 79747	2005-04-10 12:15:25 +00:00
Tom Rhodes	9c512d4ae0	Fix grammatical issue. Submitted by: ceri	2005-02-27 22:24:24 +00:00
Tom Rhodes	16814e4c71	Use ~/.login_conf when discussing a user's local file. Suggested by: ru	2005-02-26 23:41:04 +00:00
Tom Rhodes	59fa1b558e	Reword previous commit to be a bit more correct and provide more information. Inspiried by: ru	2005-02-25 00:32:41 +00:00
Tom Rhodes	ef8bcbfb41	Make it more obvious that cap_mkdb(1) is required to rebuild the database. PR: 76981 Submitted by: Lowell Gilbert <freebsd-bugs-local@be-well.ilk.org>	2005-02-23 22:11:59 +00:00
Ruslan Ermilov	0227791b40	Expand *n't contractions.	2005-02-13 22:25:33 +00:00
Ruslan Ermilov	720e293ae7	Reflect the reality; only crypt(3) uses /etc/auth.conf for the time being.	2005-01-21 12:07:46 +00:00
Ruslan Ermilov	24a0682c64	Sort sections.	2005-01-20 09:17:07 +00:00
Ruslan Ermilov	2d82ac3110	Scheduled mdoc(7) sweep.	2005-01-11 20:50:51 +00:00
Tom Rhodes	8f79184fe2	Various markup and spelling fixes. PR: 75574 Submitted by: Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp> (original version)	2004-12-29 02:18:24 +00:00
Ruslan Ermilov	9a5393ac68	Grammar in a comment.	2004-12-18 12:31:12 +00:00
Pawel Jakub Dawidek	69560edc13	Backout manual page updates. Requested by: ru	2004-09-26 12:08:31 +00:00
Pawel Jakub Dawidek	bd52c9ac59	Take the lastest fixes from NetBSD. Obtained from: NetBSD	2004-09-25 14:11:34 +00:00
Pawel Jakub Dawidek	8914c29937	There is no such manual page in FreeBSD.	2004-09-16 18:32:58 +00:00
David E. O'Brien	b35b4dcba7	Document when this function came into FreeBSD.	2004-08-21 03:31:17 +00:00
Peter Pentchev	b047cf9879	Spell FTP correctly - in this case, it is used as the name of the protocol, not the program. Also, bump the document date. Reminded by: our resident mdoc guard (ru)	2004-08-06 12:56:39 +00:00
Peter Pentchev	1575f75dc9	Add Giorgos's description of the ftp-chroot login.conf option. Reported by: Bill Moran <wmoran@potentialtech.com> Submitted by: keramida MFC after: 2 weeks	2004-08-06 10:43:24 +00:00
Ruslan Ermilov	fd13236829	Markup fixes.	2004-07-07 20:25:54 +00:00
Ruslan Ermilov	30950a21e1	Eliminate double whitespace.	2004-07-03 22:30:10 +00:00
Ruslan Ermilov	1a0a934547	Mechanically kill hard sentence breaks.	2004-07-02 23:52:20 +00:00
Pawel Jakub Dawidek	e27d191348	Humanize_number(3) is a part of libutil.	2004-05-25 20:11:50 +00:00
Tom Rhodes	d268591bf7	You want to include libutil.h, not util.h. Some minor sentence tweaking.	2004-05-25 18:53:54 +00:00
Pawel Jakub Dawidek	23d1a17825	Add humanize_number(3) to libutil for formating numbers into a human readable form. Obtained from: NetBSD	2004-05-24 22:19:27 +00:00
Stefan Farfeleder	ec18ee18ad	Don't depend on NULL's expansion being a pointer, cast it before it is passed to variadic functions. Approved by: das (mentor)	2004-05-18 15:53:58 +00:00
Diomidis Spinellis	26eff9e85b	Fix and clarify unparsable sentence. MFC after: 2 weeks	2004-05-11 11:10:09 +00:00
Diomidis Spinellis	94cf9da03c	Bring the description for login_getclassbyname in sync with the function's arguments. The function has as a second argument a struct passwd * pointer, not a directory name. MFC after: 2 weeks	2004-05-11 11:05:26 +00:00
Tim Kientzle	09951e89e9	Back out the "clean_environment()" function from libutil. Further contemplation has convinced me that this was not going to really solve the problem of environment-poisoning without raising serious administrative headaches. There must be a better way...	2004-02-29 22:13:28 +00:00
Tim Kientzle	a0a7e17219	Add the clean_environment call to libutil.h also. MFC after: 2 weeks	2004-02-26 22:44:11 +00:00
Tim Kientzle	f9efe8694a	Add a clean_environment call to libutil. This function removes all environment variables except the ones listed on a "whitelist." The function accepts two whitelist arguments. If the first is NULL, a built-in default list will be used. This allows callers to get a variety of behaviors: * Default screening: provide NULL for both lists * Custom screening: provide a custom list for the first argument * Modified default screening: provide NULL for first arg, list of additional variables to preserve in the second arg Idea from: Jacques Vidrine MFC after: 2 weeks	2004-02-26 22:41:47 +00:00
Robert Watson	c5df72d83f	Bump the major version on libtuil. libutil now relies on the mac_* symbols exported by newer versions of libc, and so we want applications depending on the newer library code to be required to link against the newer libc. Discussed with: scottl, kris, imp	2003-11-12 21:56:07 +00:00
Tim J. Robbins	d210c39f49	Remove __NETBSD_SYSCALLS.	2003-10-29 10:55:56 +00:00
Peter Wemm	05bcd1d098	(mostly) Clean up some const warnings here. The code takes some liberties because it is the originator of various const strings and knows that they came from malloc.	2003-10-26 03:51:47 +00:00
Mark Murray	547fa0d9b7	ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify.	2003-10-18 10:04:16 +00:00
Mark Murray	804b0f979a	Remove a GCC specifig CFLAG. We should be using WARNS=? for this. WARNS=? is not added here at this point, because I've not tested it on enough platforms, and I don't want to break builds.	2003-10-18 09:58:39 +00:00
Ruslan Ermilov	743d5d518c	mdoc(7): Properly mark C headers.	2003-09-10 19:24:35 +00:00
David E. O'Brien	4f4a104ee8	style.Makefile(5)	2003-08-18 15:25:39 +00:00
Gordon Tetlow	41d8423f71	Stage 3 of dynamic root support. Make all the libraries needed to run binaries in /bin and /sbin installed in /lib. Only the versioned files reside in /lib, the .so symlink continues to live /usr/lib so the toolchain doesn't need to be modified.	2003-08-17 08:28:46 +00:00
Mark Murray	0ebec5d3c8	Tidy up. Sort headers.	2003-06-14 18:42:37 +00:00
Murray Stokely	eb8b21f78b	Backout last commit. It is redundant in -CURRENT. Pointed out by: David Schultz	2003-05-05 06:25:03 +00:00
Murray Stokely	d8082d11aa	Note that the idletime setting is not enforced. PR: docs/40952 MFC After: 3 days	2003-05-04 21:35:41 +00:00
Murray Stokely	df788a526f	Document the login-backoff and login-retries capabilities. PR: docs/51397 MFC After: 3 days	2003-05-04 06:43:24 +00:00
Tom Rhodes	6c4e78ae1a	Add vmemoryuse to the list. PR: 50796 Submitted by: Dmitry Sivachenko <mitya@cavia.pp.ru>	2003-04-26 15:15:05 +00:00
Dag-Erling Smørgrav	b7d6bb0833	Brucify.	2003-04-10 10:26:18 +00:00
Dag-Erling Smørgrav	e7d9d9217c	Correctly detect the case where a password entry was changed while we were preparing to edit it. PR: bin/50563	2003-04-09 18:20:51 +00:00
Dag-Erling Smørgrav	e947f78c16	Apply the correct fix for bin/50679: don't mess around with process groups or the tty, just block selected signals in the parent like system(3) does. Many thanks to bde for his assistance in finding the correct solution. PR: bin/50679	2003-04-09 16:39:47 +00:00
Dag-Erling Smørgrav	c794881f8c	Band-aid for the "^C kills the editor" problem. I haven't yet found the proper way to fix this. The way this works is to prepend "exec " to the editor command to eliminate the "shell in the middle" which prevents us from properly reawakening the editor after a SIGTSTP. PR: bin/50679	2003-04-08 18:04:30 +00:00
Philippe Charnier	0552350ecc	The .Fn function	2003-03-24 16:02:05 +00:00
David Schultz	5d907c3dd2	Make pw_edit() use /bin/sh to interpret the EDITOR environment variable. PR: 48748 Reviewed by: mike (mentor)	2003-03-17 02:12:55 +00:00
David Schultz	9c04284549	Re-document unimplemented capabilities that were removed in the last revision of this file, but note that they are not supported in the base system. Requested by: ache Reviewed by: ache, mike (mentor)	2003-03-05 00:21:35 +00:00
David Schultz	9f7b7e45d1	- Document the fact that we now use pam_passwdqc(8) to check password quality, not login.conf(5). - Move warnexpire and warnpasswd from the ``Accounting Limits'' section to ``Authentication'', and nix everything else in the former section. The accounting knobs are not available in the base system, and the subset of them available in ports should be documented in the ports' manpages. PR: 47960 Reviewed by: mike (mentor), doc	2003-03-03 05:09:24 +00:00
Ruslan Ermilov	522ccf3f35	mdoc(7) police: markup laundry.	2003-02-23 01:47:49 +00:00
Andrey A. Chernov	5fe03aba37	Now return NULLified struct in case of empty config file (previous variant return NULL pointer for both empty file case and error case, so caller can't sense error properly). It not affect existen programs because property_find() now returns NULL for both NULL pointer and NULLified struct.	2003-01-27 03:39:33 +00:00
Andrey A. Chernov	33a155e400	Handle read errors	2003-01-27 03:14:04 +00:00
Andrey A. Chernov	779092a489	Add (unsigned char) cast to ctype macros Handle NULL return from malloc and strdup	2003-01-19 03:05:01 +00:00
Jens Schweikhardt	d64ada501a	Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/ Add FreeBSD Id tag where missing.	2002-12-30 21:18:15 +00:00
Jens Schweikhardt	57bd0fc6e8	english(4) police.	2002-12-27 12:15:40 +00:00
Chris Costello	2db19028d3	Document the `label' capability. Approved by: re Sponsored by: DARPA, Network Associates Labs Obtained from: TrustedBSD Project	2002-11-22 22:22:10 +00:00
Peter Wemm	f316609eb4	Oops. Some ut_time stuff slipped through the cracks. These turned out to be non-fatal due to stack alignment roundups.	2002-11-17 23:46:45 +00:00
Robert Watson	433c28e012	Add LOGIN_SETMAC to the list of flags that can't be set without class information, since we rely on the pwd entry to know what MAC labels to set as part of the login process. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories	2002-11-12 22:30:01 +00:00
Sheldon Hearn	a4df5101a3	Use "deprecated" instead of "depreciated" where appropriate.	2002-10-30 07:49:11 +00:00
Dag-Erling Smørgrav	6dcfea0f37	Don't forget to '\n'-terminate new entries. This unbreaks chpass -a. Submitted by: joerg	2002-10-29 13:58:42 +00:00
Robert Watson	84333872d8	If LOGIN_SETMAC is set and MAC is enabled in the kernel, then see if the user has a 'label' entry in their login class. If so, attempt to set that label on the process as part of the credential setup. If we're unable to parse the label, or unable to set the label, fail. In the future, we may also want to warn if a label is set but the kernel doesn't support MAC. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories	2002-10-23 03:17:22 +00:00
Peter Wemm	224af215a6	Zap now-unused SHLIB_MINOR	2002-09-28 00:25:32 +00:00
Philippe Charnier	7fed38d0a0	Replace various spelling with FALLTHROUGH which is lint()able	2002-08-25 13:10:45 +00:00
Robert Watson	27a68d26ae	Add LOGIN_SETMAC, which will indicate to the user context management code that it should also set the user's default MAC label, if available and permitted. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs	2002-08-16 02:14:21 +00:00
Robert Watson	909410cf5b	Whitespace cleanup--it's not style(9), but it is consistent. Prep for MAC-related commits to the login infrastructure. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs	2002-08-11 01:48:43 +00:00
Ruslan Ermilov	cc6638bd55	mdoc(7) police: spelling.	2002-08-09 12:08:47 +00:00
Andrey A. Chernov	cc1b8dcb1c	Add additional field 'overwrite' to login_vars. It mainly needed to handle "term" according to manpage, i.e. not overwrite it, if already present in environment.	2002-06-28 14:45:30 +00:00
Maxim Sobolev	07a1fb30e3	Backout previous delta (addition of -I${.CURDIR}/../../sys). Submitted by: bde	2002-06-26 13:25:23 +00:00
Maxim Sobolev	af244dd67c	Add -I${.CURDIR}/../../sys into CFLAGS, which should fix the world broken by RLIMIT_VMEM addition.	2002-06-26 10:33:10 +00:00
Matthew Dillon	b5c7be5728	Add documentation for vmemoryuse	2002-06-26 03:58:31 +00:00
Matthew Dillon	67577126f9	Make libutil aware of vmemoryuse in its login.conf cap processing (aka sshd, /usr/bin/login, etc)	2002-06-26 03:54:18 +00:00
Nick Hibma	074dccd545	Be more clear in error messages. Distinguish between a held lock and a failed lock op. If rpc.lockd is not running on a diskless client this makes clearer what the problem is.	2002-06-23 19:23:46 +00:00
Hajimu UMEMOTO	82684fa6da	Return HOSTNAME_INVALIDADDR when reverse lookup is fail. Submitted by: Sergey Zorin <sergey@cc.tpu.edu.ru>	2002-06-07 17:25:19 +00:00
Garrett Wollman	5685a7738f	Add used include of <string.h>.	2002-05-30 19:38:07 +00:00
Dag-Erling Smørgrav	95ed2ab27f	If no old_pw was passed to pw_copy, compare just the name. Sponsored by: DARPA, NAI Labs	2002-05-08 14:52:32 +00:00
Dag-Erling Smørgrav	e2ef54de51	Add passwd manipulation code based on parts of vipw and chpass. Sponsored by: DARPA, NAI Labs	2002-05-08 00:50:07 +00:00
Dag-Erling Smørgrav	c720dea0f2	login(3) doesn't care about the controlling terminal any more.	2002-04-20 12:24:20 +00:00
Dag-Erling Smørgrav	324e8fd88f	Fix for the sshd(8) utmp problem. Previously, login(3) would ignore the tty named by its argument and use ttyslot(3) instead to determine what slot to use. The problem is that sshd(8) calls pam_open_session(3) before forking the child (as it should), at which point it does not have a controlling terminal. Also, ttyslot(3) is very crude as it assumes fd 0, 1 or 2 refers to the controlling terminal, which is usually (but not always) the case. Instead of using ttyslot(3) to determine the slot number, look up the specified tty in /etc/ttys ourselves (this is what ttyslot(3) does anyway). (perforce change 9969) Sponsored by: DARPA, NAI Labs	2002-04-20 12:23:04 +00:00
Dag-Erling Smørgrav	f9eaa746eb	Make mppath and masterpasswd pointers instead of arrays, and initialize them to point at static strings that contain the default paths. This makes 'vipw -d' work again (I broke it in rev 1.21; apologies for taking so long to fix it.) Spotted by: Olivier Houchard <doginou@cognet.ci0.org> Sponsored by: DARPA, NAI Labs	2002-04-17 00:18:15 +00:00
Ceri Davies	8133673540	Add a missing cross-ref. Approved by: murray MFC after: 1 week	2002-04-16 10:15:51 +00:00
Dag-Erling Smørgrav	1c9fd646f6	Remove bogus reference to _use_yp.	2002-04-15 15:50:59 +00:00
Ruslan Ermilov	b00ba4ccbb	Const poisoning.	2002-04-08 11:04:56 +00:00
David E. O'Brien	1372519b15	Remove multi-line __P() usage.	2002-03-22 09:22:15 +00:00
David E. O'Brien	69160b1eb7	Remove __P() usage.	2002-03-21 23:54:04 +00:00
David E. O'Brien	be04b6d190	Remove 'register' keyword.	2002-03-21 23:39:28 +00:00
Dag-Erling Smørgrav	40e0f7deed	Remove a bogus cast.	2002-03-06 15:24:51 +00:00
Dima Dorfman	246b0f8487	Correct a typo. PR: 35273 Submitted by: Nicola Vitale <nivit@libero.it>	2002-03-03 01:13:47 +00:00
Bruce Evans	3798cf8a70	#include <time.h> for the definition of time functions instead of depending on namespace pollution 2 layers deep in <sys/stat.h>. Sorted includes.	2002-02-25 12:02:03 +00:00
Bruce Evans	163ae6707c	#include <stddef.h> for the definition of NULL instead of depending on namespace pollution 2 layers deep in <sys/stat.h>. Sorted includes.	2002-02-25 01:25:30 +00:00
Dag-Erling Smørgrav	93deb2ae12	ANSIfy and constify. Sponsored by: DARPA, NAI Labs	2002-02-05 06:49:11 +00:00
Robert Watson	5acb7446b0	o Reflect repo-copy of extattr.[c3] from libutil to libc, moving extattr namespace routines to the libc/posix1e directory. While the extattr calls are not strictly POSIX.1e, POSIX.1e wasn't strictly ever approved, so I think that's OK. Obtained from: TrustedBSD Project	2001-11-16 05:09:45 +00:00
Robert Watson	9d58ead2eb	o Document 'nocheckmail' login capability.	2001-11-16 04:39:43 +00:00
Robert Watson	22524ffbb2	Although the 'bool' type is referenced in the list of capabilities, it is not defined in the capability type list. Provide a definition for 'bool', if a slightly less than elegant one. Note that this definition does not include the complete scope of available behavior defined in cgetcap(3), and could probably be improved.	2001-11-16 02:40:09 +00:00
Yaroslav Tykhiy	dc72bf81a8	Fix the phrase about "both files", which must be left from login(3). This page, logwtmp(3), speaks of only one file -- wtmp(5). MFC after: 1 week	2001-10-11 11:02:50 +00:00
Ruslan Ermilov	32eef9aeb1	mdoc(7) police: Use the new .In macro for #include statements.	2001-10-01 16:09:29 +00:00
Matthew Dillon	8719c58fef	Add __FBSDID()s to libutil	2001-09-30 22:35:07 +00:00
Andrey A. Chernov	e36b245ca8	1) Back out ~/.login_conf disable 2) Pick only "me" class from ~/.login_conf as documented	2001-09-25 11:07:26 +00:00
Robert Watson	35105a5f91	Disable per-user .login_conf support due to incorrect merging of local and globaly settings. An alternative implementation will be developed. Reported by: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>	2001-09-16 16:48:40 +00:00
Robert Watson	8df8b73f3c	o Add a comment noting that the early setting of privileges for the purpose of NFS home directory and root directory processing fails to include additional groups. This doesn't impact the final credential, but does mean that users may be denied login even when additional groups might allow it.	2001-09-15 16:12:56 +00:00
Ruslan Ermilov	8af1452cf8	Removed duplicate VCS ID tags, as per style(9).	2001-08-13 14:06:34 +00:00
Ruslan Ermilov	57e4378bf6	mdoc(7) police: protect trailing full stops of abbreviations with a trailing zero-width space: `e.g.\&'.	2001-08-10 13:45:36 +00:00
Hajimu UMEMOTO	27daeab3ec	Simplify IPv4 mapped IPv6 address handling. Reviewed by: brian MFC after: 5 days	2001-07-23 21:42:22 +00:00
Assar Westerlund	27e79ba285	remove emalloc,ecalloc,erealloc,estrdup	2001-07-23 12:42:07 +00:00
Assar Westerlund	c9a4f950b3	add ecalloc, emalloc, erealloc, estrdup - versions of the e-less functions that exit instead of failing	2001-07-22 22:26:37 +00:00
Brian Somers	3ee63d3929	Hint getaddrinfo() correctly if we're looking up a name that we got from an AF_INET6 address. MFC after: 1 week	2001-07-21 00:18:54 +00:00
Dima Dorfman	7ebcc426ef	Remove whitespace at EOL.	2001-07-15 07:53:42 +00:00
Ruslan Ermilov	a307d59838	mdoc(7) police: removed HISTORY info from the .Os call.	2001-07-10 13:41:46 +00:00
Dima Dorfman	70d51341bf	mdoc(7) police: remove extraneous .Pp before and/or after .Sh.	2001-07-09 09:54:33 +00:00
Brian Somers	7bc6d0158f	Fix the type of the NULL arg to execl() Idea from: Theo de Raadt <deraadt@openbsd.org>	2001-07-09 09:24:06 +00:00
Dima Dorfman	2b47b55f69	Add RETURN VALUES and ERRORS sections.	2001-06-25 01:25:01 +00:00
Dima Dorfman	444a2d61e8	Add a manual page for extattr_string_to_namespace and extattr_namespace_to_string. Reviewed by: rwatson	2001-06-24 23:54:46 +00:00
Ruslan Ermilov	3ab9a9d0e0	Removed -I${.CURDIR}/.../sys from CFLAGS.	2001-05-18 13:41:42 +00:00
David E. O'Brien	708b042526	Sort.	2001-05-18 05:05:50 +00:00
David E. O'Brien	078ae588ab	Add the "prompt" and "passwd_prompt" fields to /etc/login.conf, which makes lgoin more like getty in its ability to be configured. Submitted by: tlambert (code only)	2001-05-18 04:55:16 +00:00
Dima Dorfman	3babad2e42	Don't pass NULL to the %s format. Reviewed by: kris	2001-04-22 03:00:09 +00:00
Ruslan Ermilov	eb0838029f	mdoc(7) police: normalize .Nd.	2001-04-18 15:54:10 +00:00
Ruslan Ermilov	4a558355e5	MAN[1-9] -> MAN.	2001-03-27 17:27:19 +00:00
Robert Watson	4482ce0f57	o Slap some "_"'s in front of variable names relating to extattr functions, so as not to pollute application namespace. Submitted by: bde	2001-03-22 04:05:40 +00:00
Robert Watson	d51048c93b	o Rename "namespace" argument to "attrnamespace" as namespace is a C++ reserved word. Submitted by: jkh Obtained from: TrustedBSD Project	2001-03-19 05:05:41 +00:00
Robert Watson	270ad63e6b	o Rename "namespace" argument to "attrnamespace" as namespace is a C++ reserved word, causing breakage when a C++ program included libutil.h This change will be propagated elsewhere shortly. Submitted by: jkh Obtained from: TrustedBSD Project	2001-03-19 05:04:30 +00:00
Brian Somers	a9c6c69f89	Fix some further style nits Pointed out by: bde	2001-03-17 10:09:52 +00:00
Brian Somers	61a1695b80	Actually commit the new version of trimdomain blush Thanks for covering my blunder to: peter	2001-03-15 08:30:05 +00:00
Robert Watson	1bc2362e07	o To support new EA interface with explicit namespaces, introduce two utility functions which convert between string namespace names and numeric constants used by the interface. Right now, two namespaces are supported, EXTATTR_NAMESPACE_SYSTEM ("system") and EXTATTR_NAMESPACE_USER ("user"). These functions are used by various userland EA utilities, rather than hard coding the routines all over the place. Obtained from: TrustedBSD Project	2001-03-15 03:00:39 +00:00
Peter Wemm	60d410ce42	It would help if trimdomain.c was actually committed. This is a stopgap world-unbreaker until Brian Somers commits the one he intended to. Pointy Hat to: brian	2001-03-15 00:15:22 +00:00
Brian Somers	c61b512ccc	Move trimdomain() into it's own source file and tidy things up a bit. Fix disorder in the Makefile. Reviewed (mostly) by: bde	2001-03-14 20:51:15 +00:00
Brian Somers	ec86eec797	MAXHOSTNAMELEN includes space for the NUL Don't read past the end of the host passed to realhostname() Not objected to by: freebsd-audit Interface disliked by: imp	2001-03-14 20:50:52 +00:00
Mark Murray	82e377fd12	Updates for Blowfish password hashing.	2001-03-11 16:37:33 +00:00
Bill Fumerola	f6f1b6b676	In theory it would be perfectly legal for a system administrator to # cd /dev && ./MAKEDEV pty0 pty3 and/or # rm -rf /dev/ptyp0 and expect all programs that use openpty() to still try to find available ptys.	2001-03-10 10:39:52 +00:00
Jeroen Ruigrok van der Werven	9a01d32bfd	Fix typo: seperate -> separate. Seperate does not exist in the english language. Submitted to look at by: kris	2001-02-06 10:39:38 +00:00
Bruce Evans	3ffb2fd399	Fixed prototype of logout() (const poisoning).	2001-02-06 01:06:25 +00:00
Ruslan Ermilov	d0353b836e	mdoc(7) police: split punctuation characters + misc fixes.	2001-02-01 16:38:02 +00:00
Brian Somers	f169f2f020	Call trimdomain properly for ip4 addresses. PR: 24659 realhostname_sa() stuff submitted by: Jim.Pirzyk@disney.com	2001-01-28 21:51:25 +00:00
Ruslan Ermilov	32f6256a49	Prepare for mdoc(7)NG.	2001-01-16 09:08:22 +00:00
Guy Helmer	4a4ecab1c6	In call to realloc, pass the number of bytes needed, not simply the number of login time structures. Forward the name of the deny capability rather than hard-coding it in login_hostok.	2000-12-31 16:15:06 +00:00
Ruslan Ermilov	4263595653	Prepare for mdoc(7)NG.	2000-12-29 14:08:20 +00:00
Ruslan Ermilov	63bd758be4	mdoc(7) police: Now that .Fx macro is parsed, backout the 1.18 -> 1.20 and fix the .Fx issue the right way.	2000-12-12 10:11:12 +00:00
Peter Wemm	f6b2bce285	Fix a mangled $Id string	2000-11-25 09:10:55 +00:00
Ruslan Ermilov	c23155a43a	mdoc(7) police: Er macro usage cleanup.	2000-11-22 16:02:00 +00:00
Ruslan Ermilov	3b8ecdbbbe	mdoc(7) police: use the new features of the Nm macro.	2000-11-20 14:08:07 +00:00
Ruslan Ermilov	b5c508fba3	Use Fx macro wherever possible.	2000-11-14 11:20:58 +00:00
Ruslan Ermilov	726b61ab5f	Avoid use of direct troff requests in mdoc(7) manual pages.	2000-11-10 17:46:15 +00:00
Murray Stokely	40863aba32	Eliminate inconsistency where a value that contains only whitespace confuses the parser. Approved by: jkh	2000-11-09 00:28:22 +00:00
Murray Stokely	f9f81f78d2	Added PROPERTY_MAX_VALUE and PROPERTY_MAX_NAME defines to libutil.h so that applications know how large of a buffer they must allocate before calling property_find(). Also added a $FreeBSD$ tag while I'm here. Approved by: jkh	2000-11-08 11:57:03 +00:00
Brian Feldman	aa86455875	Fix problems people were having with large -O levels with GCC and getting libutil/libcrypt to work properly. I've determined that GCC thinks it can inline all functions, including weak-symboled ones, if it feels like it. Create a new stub.c and move any stubs there to prevent inlining. Thanks to jdp and William S. Duncanson for helping me finally find the problem.	2000-10-27 01:19:02 +00:00
Brian Somers	ecbf047d3b	Correct uu_lock_txfr. I don't think this ever worked correctly.	2000-10-02 17:32:00 +00:00
Brian Feldman	d29b305125	Document passwd_format further.	2000-09-30 00:37:44 +00:00
Peter Wemm	8cfadb8904	Constify the arg to logout(3). It is const-safe. (cosmetic: drop some "register" qualifications too.)	2000-09-04 08:13:49 +00:00
Brian Somers	9feac5c218	Move setproctitle() from libutil to libc (after a repo-copy) and bump __FreeBSD_version to 500012 to mark the occasion. setproctitle() is prototyped in unistd.h as opposed to stdlib.h where OpenBSD and NetBSD have it. Reviewed by: peter	2000-09-02 01:51:36 +00:00
Jeroen Ruigrok van der Werven	de4b2114a4	Add weak symbol pragma for crypt_set_format(). Approved by: green	2000-08-23 11:54:10 +00:00
Brian Feldman	c2534fa193	Stick login_setcryptfmt() in its own file to make pulling in of -lcrypt only happen if truly necessary.	2000-08-23 03:45:57 +00:00
Brian Feldman	04c9749ff0	Add working and easy crypt(3)-switching. Yes, we need a whole new API for crypt(3) by now. In any case: Add crypt_set_format(3) + documentation to -lcrypt. Add login_setcryptfmt(3) + documentation to -lutil. Support for switching crypt formats in passwd(8). Support for switching crypt formats in pw(8). The simple synopsis is: edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :) Reviewed by: peter	2000-08-22 02:15:54 +00:00
Paul Saab	305ad8f908	If the format string passed to setproctitle begins with a '-' character, skip the program name when setting the process title. Ansified with extreme prejudice. Reviewed by: peter	2000-08-01 06:37:09 +00:00
Hajimu UMEMOTO	6484396e99	Sshd writes connected host into utmp directly. If the connection is via IPv6, the hostname is trimed due to the length of IPv6 address. This change saves it as possible. I have a grudge against the shortage of UT_HOSTSIZE.	2000-07-14 18:08:19 +00:00
Sheldon Hearn	0c69785700	Make sbsize a size instead of a number. This allows the usual suffixes to be applied to the value given. This does not break installed /etc/login.conf files, since un-suffixed numbers are interpreted as they were before. PR: 19750 Submitted by: Paul Herman <pherman@frenchfries.net>	2000-07-14 13:56:07 +00:00
Kris Kennaway	0e0b415c72	Don't call warn() without a format string.	2000-07-12 00:50:15 +00:00
Andrey A. Chernov	42148dbc70	Better fix for .Fx macro Submitted by: sheldonh	2000-07-06 20:13:42 +00:00
Andrey A. Chernov	26c4c891be	Fix .Fx usage (causing error diagnositc)	2000-07-06 00:25:05 +00:00
Alfred Perlstein	e8dca93127	document sbsize limit.	2000-06-02 20:51:05 +00:00
Hajimu UMEMOTO	4efe647d8b	We should see the ai_canonname menber of the first addrinfo structure in the linked list. RFC2553 mentions only first. Reviewed by: shin	2000-05-24 11:24:49 +00:00
Tim Vanderhoek	3f81737f30	Fix a memory leak with lc->lc_cap in login_close(). PR: bin/17084	2000-05-21 02:50:36 +00:00
Sheldon Hearn	f167d7fb3e	Fix miscellaneous mdoc macro argument limit infringements. PR: 18465 Reported by: Kazu TAKAMUNE <takamune@avrl.mei.co.jp>	2000-05-09 14:02:06 +00:00
Nik Clayton	eabfa0f434	Add xref to cap_mkdb(1). PR: docs/17544 Submitted by: Christ J. Clark <cjc@cc942873-a.ewndsr1.nj.home.com>	2000-04-30 22:43:09 +00:00
Alexey Zelkin	3dc329d1be	Introduce .Lb macro to libutil manpages Sort .Nm values in some manpages Remove explicit note about compiling with -lutil, it's implicitly declared by .Lb macro now.	2000-04-22 16:17:00 +00:00
Mike Pritchard	292bf7190f	Fix some spelling errors.	2000-03-24 00:58:49 +00:00
Hajimu UMEMOTO	9ed4e87cad	Return IPv4 native address for IPv4 mapped IPv6 address, even if A RR is not found. Reviewed by: shin	2000-03-23 17:25:00 +00:00
Hajimu UMEMOTO	88f853e037	Since crypto/openssh/login.c was changed to use realhostname_sa(), when connecting via IPv6, hostname was not recorded to utmp anymore. Because, if hostname is longer than buffer size, getnameinfo() returns with ENI_MEMORY. Reviewed by: shin Approved by: jkh	2000-03-07 07:52:01 +00:00
Sheldon Hearn	c6ff3a1bf7	Remove single-space hard sentence breaks. These degrade the quality of the typeset output, tend to make diffs harder to read and provide bad examples for new-comers to mdoc.	2000-03-02 09:14:21 +00:00
Yoshinobu Inoue	3a6be83f49	Update major version. Now libutil depends on libc.so.4, so needs to update the major version. Without this, old binaries which use libutil and build with libc.so.3 will coredump on recent 4.0. Solicited comment for cvs-committers and there seems to be no objection. Approved by: jkh	2000-02-14 03:55:27 +00:00
Nik Clayton	dc23d0609b	Document mixpasswordcase here as well as in passwd.1	2000-02-11 13:55:41 +00:00
Josef Karthauser	18c0eeddf7	Historically file flags (schg, uschg, etc) have been converted from string to u_long and back using two functions, flags_to_string and string_to_flags, which co-existed with 'ls'. As time has progressed more and more other tools have used these private functions to manipulate the file flags. Recently I moved these functions from /usr/src/bin/ls to libutil, but after some discussion with bde it's been decided that they really ought to go in libc. There are two already existing libc functions for manipulating file modes: setmode and getmode. In keeping with these flags_to_string has been renamed getflags and string_to_flags to setflags. The manual page could probably be improved upon ;)	2000-01-27 21:17:01 +00:00
Yoshinobu Inoue	01d81a0351	Avoid core dump when ai_canonname is NULL. (Now this happens for numeric addrs, as getaddrinfo() 1.3 -> 1.4 change) Reviewed by: Mark Huizer <xaa@timewasters.nl>	2000-01-27 17:24:53 +00:00
Bruce Evans	cc8ffb11cd	Use a long line instead splitting a line with backslash-newline in synopsis. My synopsis checker doesn't understand backslash-newline.	2000-01-27 03:04:11 +00:00
Peter Wemm	4dc2c0b8b3	Use a more conventional copyright message.	2000-01-26 07:17:00 +00:00
Yoshinobu Inoue	0cac72f42c	several tcp apps IPv6 update -inetd -rshd -rlogind -telnetd -rsh -rlogin Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project	2000-01-25 14:52:10 +00:00
Ruslan Ermilov	36807a7b25	Do not set the default terminal type to "su", leave it empty. PR: bin/5084 Reviewed by: asmodai, davidn, sef	2000-01-19 10:54:44 +00:00
Chris Costello	da55e68c66	Repair internal consistency: Change "login_cap_t * lc" to a more correct (and consistent) "login_cap_t *lc".	2000-01-18 03:02:29 +00:00
Bill Fumerola	4aee48edcc	Add the "use -lutil" line to all functions that require it so people like Dan Papsian <bugg@bugg.strangled.net> don't anger wpaul and myself with silly linking errors. Reviewed by: chris	2000-01-18 01:27:47 +00:00
Yoshinobu Inoue	ad5e523b7f	Support v6 login.	2000-01-15 03:26:54 +00:00
Rodney W. Grimes	d05257b0f2	Replace beforeinstall target with new variables used by .mk system. Reviewed by: marcel, and make world	2000-01-14 07:57:47 +00:00
Bruce Evans	2e22df0b11	Fixed missing include in synopsis. Removed superfluous quoting of function name in .Fo macro. My synopsis checker doesn't understand it.	2000-01-05 16:31:12 +00:00
Josef Karthauser	edc2844c9f	Moved flags_to_string and string_to_flags into libutil. It's used in many places nowadays.	1999-12-30 13:15:15 +00:00
Peter Wemm	2705d66b49	Connect fparseln(3) for mailwrapper(8)	1999-12-29 17:50:34 +00:00
Ollivier Robert	aa50282cd1	Fix a bug where a pointer would be one character too far after putting a '\0' at the end of a string. Submitted by: Martin Birgmeier <Martin.Birgmeier@aon.at>	1999-12-21 10:17:36 +00:00
Ollivier Robert	27d5775d8c	Rewriting of flags_to_string() and string_to_flags() to use an array. PR: bin/3648 Submitted by: Martin Birgmeier <mbirg@austria.ds.philips.com>	1999-12-19 15:31:24 +00:00
Peter Wemm	1fa45844c4	This commit was generated by cvs2svn to compensate for changes in r54820, which included commits to RCS files with non-trunk default branches.	1999-12-19 14:14:37 +00:00
Peter Wemm	d6e91b3149	Import fparseln(3) from NetBSD. It's used for easily dealing with \ escaped lines etc. (used by mailwrapper)	1999-12-19 14:14:37 +00:00
Brian Somers	0675e24de0	Make setproctitle(NULL) restore all of the original arguments (if it's able).	1999-11-17 21:12:17 +00:00
Poul-Henning Kamp	b9df5231ca	Introduce commandline caching in the kernel. This fixes some nasty procfs problems for SMP, makes ps(1) run much faster, and makes ps(1) even less dependent on /proc which will aid chroot and jails alike. To disable this facility and revert to previous behaviour: sysctl -w kern.ps_arg_cache_limit=0 For full details see the current@FreeBSD.org mail-archives.	1999-11-16 20:31:58 +00:00
Joseph Koshy	07ee6e1899	Link manual page for login_getpwclass(3) to login_cap(3). PR: docs/14673 Submitted by: Andrew <andrew@ugh.net.au>	1999-11-04 08:33:18 +00:00
Brian Feldman	6b3ced11a2	This implements the RLIMIT_SBSIZE ("sbsize") administrative limits for userland. Currently, it can be enforced by login and csh. More shells supporting sbsize are welcome.	1999-10-09 20:47:59 +00:00
Alexey Zelkin	3a049969b5	mdoc(7)'fy Reviewed by: mpp	1999-09-21 19:39:27 +00:00
Alexey Zelkin	c6d6e7726f	Correct spelling : ascii -> ASCII PR: docs/13702 Submitted by: Stephen J. Roznowski <sjr@home.com> Reviewed by: mpp	1999-09-20 09:15:23 +00:00
Peter Wemm	97d92980a9	$Id$ -> $FreeBSD$	1999-08-28 01:35:59 +00:00
Peter Wemm	7f3dea244c	$Id$ -> $FreeBSD$	1999-08-28 00:22:10 +00:00
Peter Wemm	2a4562393f	$Id$ -> $FreeBSD$	1999-08-27 23:15:48 +00:00
Chris Costello	f437b38cf7	Fix a bunch of broken cross-references	1999-08-18 05:55:22 +00:00
Mike Pritchard	74804d58a0	Various man page cleanup: - Sort xrefs - FreeBSD.ORG -> FreeBSD.org - Be consistent with section names as outlines in mdoc(7) - Other misc mdoc cleanup. PR: doc/13144 Submitted by: Alexy M. Zelkin <phantom@cris.net>	1999-08-15 09:51:25 +00:00
Chris Costello	27f42f4fd8	Bad reference of termios(3) changed to termios(4).	1999-08-14 07:52:29 +00:00
Chris Costello	84f347708b	Bad reference to lstat(3) changed to lstat(2)	1999-08-14 07:43:02 +00:00
Sheldon Hearn	7312edcec3	Axe LOGIN_CAP_AUTH. PR: 10115 Reported by: Gene Skonicki <gene@cif.rochester.edu> Requested by: jdp	1999-08-13 16:51:40 +00:00
Nik Clayton	206ccf0420	Correct some grammar and style problems with this page. Submitted by: Kris Kennaway <root@rebel.net.au>	1999-07-20 20:46:26 +00:00
Nik Clayton	d7dcd048aa	Be a little clearer about login_getpwclass(3), and its penchant for looking up a record called "root". PR: docs/12377 Submitted by: Adrian Filipi-Martin <adrian@ubergeeks.com>	1999-07-14 22:36:10 +00:00
Sheldon Hearn	a9b00e4d5f	Fix commented out CFLAGS addition for LOGIN_CAP_AUTH, which was missing a make -D option. PR: 12591 Submitted by: Craig Leres <leres@ee.lbl.gov>	1999-07-12 14:27:58 +00:00
Pierre Beyssac	9d1163f7c3	Move call to umask(0) back into pw_util(), because the latter function is also used by chpass(1) and passwd(1).	1999-06-29 01:04:10 +00:00
Pierre Beyssac	2ece3ed4c8	Force umask to 077 (instead of 000) during the edit phase, to get secure permissions in case the user attempts to save something to a file of his own. Move umask stuff out of pw_init() into main() for better visibility of overall umask tweaking logic. PR: misc/11797	1999-06-26 12:15:39 +00:00
Sheldon Hearn	af2d5f9b31	Add -d option to vipw(8) to allow selection of an alternative directory for the password files. PR: 2703 Submitted by: jmg	1999-06-26 07:16:42 +00:00
John Birrell	5095f1917a	Remove the static declaration from the line[] variable to allow openpty() to be called from a threaded application.	1999-05-24 01:15:28 +00:00
Jean-Marc Zucconi	e1e705c5b5	Chflags was clearing all flags supplied on the command line after a clearing flag like dump or noschg, etc. PR: bin/10071 Submitted by: Andreas Klussmann <andreas@infosys.heitec.net>	1999-05-21 17:04:13 +00:00
Andrey A. Chernov	121ba32d78	fix potential memory overwrite in escape parsing PR: 11687 Submitted by: Don Lewis <Don.Lewis@tsc.tdk.com>	1999-05-13 16:16:46 +00:00
Tim Vanderhoek	61f74535f6	Change references from "passwordperiod" to "passwordtime", since "passwordtime" is what passwd(1) has actually been using. I suspect passwordperiod was the original intent. I can't figure-out which, if either, BSDi uses. If anyone knows...	1999-04-30 18:19:46 +00:00
Andrey A. Chernov	8a2deaa1de	oops, add pwd!=NULL check to previous fix	1999-04-24 17:17:42 +00:00
Andrey A. Chernov	ae70257435	Switch to user UID/GID before checking/reading its ~/.login_conf - some NFSes have root read access disabled	1999-04-24 17:01:58 +00:00
Andrey A. Chernov	ab39fdb694	add MLINKS for two functions used from login_auth.c comment out unused functions from login_auth.3	1999-04-24 16:30:30 +00:00
Brian Somers	d746fb6643	If given host.domain:nn[.nn], trimdomain() now reduces it to host:nn[.nn] (if the domain is the same as the local one).	1999-04-09 01:54:10 +00:00
Brian Somers	c1df83d996	bcopy -> memmove Suggested by: archie	1999-04-08 08:00:06 +00:00
Brian Somers	0c059599f6	Tidy up trimdomain() and document it. Don't truncate one byte short of the passed length.	1999-04-07 14:03:31 +00:00
Brian Somers	5b3f0a74e1	Handle hostnames up to MAXHOSTNAMELEN-1 in length. Use bcopy() instead of strcpy() to handle potentially overlapping regions. Un-obscure/complicate some code.	1999-04-07 08:27:04 +00:00
Brian Somers	bc19c8517d	Put parenthesis around sizeof args. Allow for host names up to MAXHOSTNAMELEN - 1 in length. Prompted by: bde	1999-04-07 08:26:50 +00:00
Brian Somers	595f220e04	Add realhostname() - a function to correctly lookup a name by address and ensure that the name resolves back to the original address.	1999-04-06 23:02:35 +00:00
Brian Somers	3c42a9c08a	Get the pid right if a stale lock file exists. PR: 10531 Submitted by: Lawrence D. Lopez <lopez@cisco.com>	1999-03-11 09:09:20 +00:00
Bruce Evans	19ee2ea58c	Fixed bitrot in synopsis (some const poisoning had not reached here).	1999-03-05 17:08:23 +00:00
Alexander Langer	43d1df332e	Removed occurrences of consecutive repeated words (such as "the the").	1999-02-12 02:12:08 +00:00
Bruce Evans	8495e302f6	Declare setproctitle() as printf0-like.	1998-12-16 17:52:15 +00:00
Bruce Evans	d529713846	Adjust for kern.ps_strings and PS_STRINGS not being a pointer. This is an unimprovement here. I thought it would be an improvement, as in libkvm, but here we can access the strings directly. Use sysctlbyname() instead of sysctl() and trust it to give a nonzero address if it succeeds.	1998-12-16 17:34:05 +00:00
Matthew Dillon	0e31b6b580	oops. Fix indentation of the 'for' loop I just added.	1998-12-13 01:39:32 +00:00
Matthew Dillon	f16d2ab2d3	Handle the race condition where vipw may lock a password file which has just been replaced. After our lock succeeds we check if st_nlink is 0 and if it is we close the descriptor and retry our open/lock sequence.	1998-12-13 01:36:45 +00:00
Jordan K. Hubbard	efbcb4ae03	Better document the file format, add in support for nested {}'s in multi-line property values.	1998-11-22 13:20:09 +00:00
Dag-Erling Smørgrav	4da8edd59e	Since vfork() was changed to fork(), we have to pass errno back from the child to the parent somehow. PR: 8353 Submitted by: Andrew J. Korty <ajk@purdue.edu>	1998-10-20 11:34:11 +00:00
Jordan K. Hubbard	eed80d041b	correct prototype.	1998-10-14 11:04:36 +00:00
Dag-Erling Smørgrav	1fd98d7d88	Calls one or more of malloc(), warn(), err(), syslog(), execlp() or execvp() in the child branch of a vfork(). Changed to use fork() instead. Some of these (mv, find, apply, xargs) might benefit greatly from being rewritten to use vfork() properly. PR: Loosely related to bin/8252 Approved by: jkh and bde	1998-10-13 14:52:33 +00:00
Jordan K. Hubbard	8b1ef8d464	Now take stdio.h out of files that don't require it.	1998-10-09 11:24:20 +00:00
Jordan K. Hubbard	475ae25ac1	Update docs to match interface change.	1998-10-09 07:33:58 +00:00
Jordan K. Hubbard	50dfa596d3	o move path in libutil.h to paths.h o make property_read() take a fd instead to avoid stdio.h mess o update auth to new interface.	1998-10-09 07:32:38 +00:00
Jordan K. Hubbard	72671863e8	Take the path spec back out.	1998-10-09 07:28:14 +00:00
Jordan K. Hubbard	b8c11ec197	All these have to include stdio.h now.	1998-10-09 00:39:09 +00:00
Jordan K. Hubbard	146c3cf45c	remove stdio.h include; I forgot Bruce's cardinal rule that header files shouldn't include other ones (which, unfortunately, is also a hellish rule since he broke interfaces like sysctl this way by requiring undocumented header files to be included just in order to be able to use them now - SIGH!).	1998-10-08 23:10:41 +00:00
Jordan K. Hubbard	3b29c89296	Add some rudimentary documentation for my new functions.	1998-10-08 06:53:32 +00:00
Jordan K. Hubbard	69761016be	Correct a build error that got past my build test somehow.	1998-10-08 01:56:49 +00:00
Jordan K. Hubbard	b704025f3c	Add a simple mechanism for reading property lists from files (which I'll convert sysinstall to use shortly) and a simple call which uses this mechanism to implement an /etc/auth.conf file. I'll let Mark Murray handle the format and checkin of the sample auth.conf file. Reviewed by: markm	1998-10-07 17:32:49 +00:00
Warner Losh	e8420087b0	Replace memory leaking instances of realloc with non-leaking reallocf. In some cases replace if (a == null) a = malloc(x); else a = realloc(a, x); with simple reallocf(a, x). Per ANSI-C, this is guaranteed to be the same thing. I've been running these on my system here w/o ill effects for some time. However, the CTM-express is at part 6 of 34 for the CAM changes, so I've not been able to do a build world with the CAM in the tree with these changes. Shouldn't impact anything, but...	1998-09-16 04:17:47 +00:00
Andrey A. Chernov	9f3a9c3a18	Print uid/gid as u_long per bde suggestion	1998-07-29 14:05:01 +00:00
Andrey A. Chernov	e8f9ae6c6e	cast arg to (long) to match format	1998-07-28 01:30:16 +00:00
Brian Somers	6c78a7b0e8	Cast pid_t to int for sprintf. Pointed out by: Charlie Sorsby <crs@hgo.net>	1998-06-10 00:16:28 +00:00
Joseph Koshy	9c727d2ca9	Spelling corrections. PR: 6868 Submitted by: Josh Gilliam <josh@quick.net>	1998-06-06 05:50:53 +00:00
Andrey A. Chernov	15af1c9b5d	Add missing uu_lock_txfr() prototype	1998-06-05 08:21:33 +00:00
John Birrell	ac4898ab0d	If using NetBSD syscalls the rtprio syscall doesn't exist, so just don't try to use it to set special priorities.	1998-06-03 08:12:00 +00:00
Atsushi Murai	89caae2932	Trim a domain part for wtmp as same as showed by "netstat -r". Here is a some example for avoiding a confusion. It asssumes a logged host domain is "spec.co.jp". All example is longer than UT_HOSTNAMELEN value. 1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama 2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2 3) specgw.spec.co.jp : 202.32.13.1 -> specgw Submitted by: Atsushi Murai <amurai@spec.co.jp>	1998-06-01 08:47:04 +00:00
Brian Somers	46cf264a26	Add uu_lock_txfr() to transfer ownership of a successful uu_lock() to another process.	1998-05-28 23:17:09 +00:00
Steve Price	e172f0e587	Allow setting of idle or realtime processing priorities per login class. PR: 6636 Submitted by: Jason Young <doogie@forbidden-donut.anet-stl.com>	1998-05-25 03:55:23 +00:00
David Greenman	ec3a3b4594	Oops, revert part of a diff that wasn't supposed to have been committed.	1998-04-28 07:02:33 +00:00
David Greenman	214bed53a2	Cache the results of the ps_strings sysctl so that it doesn't have to be redone for every call of setproctitle().	1998-04-28 06:59:14 +00:00
Bruce Evans	6b20a4e1b1	Fixed function types in synopsis. Commented out docmentation of nonexistent authenticate() and auth_timesok(). authenticate() seems to be obsolete and auth_timesok() never existed in FreeBSD.	1998-03-23 13:29:49 +00:00
Philippe Charnier	a5941fc2aa	.Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq	1998-03-19 07:34:22 +00:00
Bill Fenner	15b873cc56	Change tty-related capability names to match the implementation ("ttys.", not "tty.").	1998-02-21 23:29:59 +00:00
Jordan K. Hubbard	24b687b8de	MF22: add login_auth.3 to man page list.	1998-02-18 05:29:07 +00:00
Steve Price	b916ff7fcc	Correctly document h and m modifiers to the time format. PR: 5739 Submitted by: Matthew Cashdollar <mattc@rfcnet.com>	1998-02-14 16:12:53 +00:00
Bruce Evans	060cc64852	Fixed bitrot in the prototype for logwtmp().	1998-01-16 16:53:30 +00:00
John Birrell	f1d896d117	Make a couple of the stat flags dependent on the sys/stat.h header file that this source is compiled against. This source is referenced by install which is needed as a build tool and must be able to compile against NetBSD headers and libraries if we have a hope of supporting another architecture. With this change, that's two working programs down and 3945 (?) to go. The other one was make, but that didn't need any changes to work under FreeBSD/Alpha. 8-)	1998-01-09 06:14:59 +00:00
Steve Price	2948624f5d	Make the login_getclassbyname prototype match reality. PR: 4838	1997-11-05 04:03:05 +00:00
Philippe Charnier	acb61b9eb4	Statisize usage().	1997-10-27 07:53:22 +00:00
Joerg Wunsch	cfeb4fd273	Remove the claim that UUCP locking were not atomic. It is since revision 1.8 of uucplock.c.	1997-10-07 07:24:50 +00:00
David E. O'Brien	b90b0ce7ab	Add passwd(5) to "SEE ALSO". ISSUES: An example and better explansion on how to specify a user's login class in /etc/master passwd is needed. (As I don't seem to be specifiying it right, I can't do it).	1997-10-07 05:40:36 +00:00
Jordan K. Hubbard	97fe7f477f	Changes to support full make parallelism (-j<n>) in the world target. Reviewed by: <many different folks> Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>	1997-10-05 09:40:24 +00:00
Wolfram Schneider	bf5cbf3551	Sort cross refereces in section SEE ALSO.	1997-09-29 19:11:55 +00:00
Wolfram Schneider	2af22b06a4	Endless loop. $ vipw [corrupt a line in editor, exit editor] pwd_mkdb: corrupted entry pwd_mkdb: at line #2 pwd_mkdb: /etc/pw.012585: Inappropriate file type or format re-edit the password file? [y]: n^D^D [hang]	1997-09-29 13:13:51 +00:00
Paul Traina	326df44ead	The parameters to logwtmp should be const char's	1997-09-04 22:38:59 +00:00
Brian Somers	ad1d4e56a2	Remove login_progok() Suggested by: guido	1997-08-31 20:09:39 +00:00
Brian Somers	fbbe016b64	Add full support for determining if a user is restricted from running a given program.	1997-08-27 20:06:20 +00:00
Brian Somers	889d7d1524	Add prog.deny as a list capability for denying execution of certain programs.	1997-08-26 23:15:57 +00:00
Bruce Evans	30a72f72d5	-I${DESTDIR}/sys -> -I${.CURDIR}/../../sys.	1997-08-26 14:13:02 +00:00
Joerg Wunsch	1818482d81	Cosmetic: distinguish in diag message between rebuilding and updating the database. PR: 3397 Submitted by: taob@risc.org (Brian Tao)	1997-08-24 18:23:21 +00:00
Steve Price	673b794638	Protect the copyright comments from reformatting by indent and make this compile -Wall clean like the Makefile suggests that it should. :) Pointed out by: Bruce Evans <bde@zeta.org.au>	1997-08-13 20:42:18 +00:00
Andrey A. Chernov	84dc22996d	Implement canonical locking protocol Suggested by: joerg	1997-08-10 18:42:39 +00:00
Steve Price	febad2fcf4	Observe precedence set by Phillippe Charnier in adding an rcsid.	1997-08-07 22:28:25 +00:00
Steve Price	d46c1a60d3	Remove #if(n)def BSD_4_4_LITE cruft and sccsid -> rcsid.	1997-08-07 15:33:50 +00:00
Andrey A. Chernov	e1a10354cb	Improve weak locking by using flock()	1997-08-05 12:58:02 +00:00
David Nugent	78e4c02479	sleep() after sending 'nologin' file to ensure output is drained before disconnect.	1997-07-19 04:47:05 +00:00
Satoshi Asami	85cfd1244c	Add appropriate ${DESTDIR} in front of absolute paths.	1997-07-18 07:27:56 +00:00
David Nugent	0edf29640b	Fix infinite loop. PR: 3878 Submitted by: roman@rpd.univ.kiev.ua	1997-06-16 23:38:01 +00:00
David Nugent	c2043f40bb	Add "break" inadvertently removed in previous update. PR: 3820 Submitted by: Joseph Stein <joes@spiritone.com>	1997-06-13 22:26:41 +00:00
Julian Elischer	50dab48a5b	Submitted by: Whistle Communications (archie Cobbs) These changes add the ability to specify that a UFS file/directory cannot be unlinked. This is basically a scaled back version of the IMMUTABLE flag. The reason is to allow an administrator to create a directory hierarchy that a group of users can arbitrarily add/delete files from, but that the hierarchy itself is safe from removal by them. If the NOUNLINK definition is set to 0 then this results in no change to what happens normally. (and results in identical binary (in the kernel)). It can be proven that if this bit is never set by the admin, no new behaviour is introduced.. Several "good idea" comments from reviewers plus one grumble about creeping featurism. This code is in production in 2.2 based systems	1997-06-02 06:24:52 +00:00
Thomas Gellekum	664b197825	Typo police.	1997-05-22 07:02:01 +00:00
Peter Wemm	d3e0a2504d	Now I really understand the reason for the style.9 rule about not having visible type names in prototypes in user space headers. libutil.h generates warnings with -Wall over the use of "const char *ttyname". It's lucky it wasn't a #define conflict. Is a single '_' prefix acceptable? or does it need to be two?	1997-05-19 10:04:15 +00:00
David Nugent	ebcea1131c	MF2.2: update login_cap api docs. PR: Reviewed by: Submitted by: Obtained from:	1997-05-18 09:14:11 +00:00
David Nugent	cfd94da5e2	For non-root uids, consider root-owned files also 'secure' unless otherwise disqualified.	1997-05-15 06:06:32 +00:00
Satoshi Asami	80ec9b23e0	Back out previous revision. Shlib version numbers are supposed to be bumped only 0.1 or 1.0 between releases. (See handbook.) Note that if you have built world in -current in the last 48 hours or so, you should manually remove /usr/lib/libutil.so.2.3 before rebuilding world to cleanse your system.	1997-05-13 08:51:49 +00:00
Brian Somers	85b0d75dd9	Make uu_* const correct. Suggested by: joerg	1997-05-12 10:36:14 +00:00
David Nugent	210793f753	Add #include <sys/types.h> in synopsis, now required for libutil.h.	1997-05-11 08:50:33 +00:00
David Nugent	ecc5526939	Bump shared lib version to 2.3. Suggested by: bde	1997-05-11 08:31:43 +00:00
David Nugent	5f3a736739	MF2.2: bugfix in arrayize().	1997-05-11 08:07:29 +00:00
David Nugent	56c0434453	Summary of login.conf support changes: o Incorporated BSDI code and enhancements, better logging for error checking (which has been shown to be a problem, and is therefore justified, imho); also some minor things we were missing, including better quad_t math, which checks for under/overflows. o setusercontext() now allows user resource limit overrides, but does this AFTER dropping root privs, to restrict the user to droping hard limits and set soft limits within the kernel's allowed user limits. o umask() only set once, and only if requested. o add _secure_path(), and use in login.conf to guard against symlinks etc. and non-root owned or non-user owned files being used. Derived from BSDI contributed code. o revamped authentication code to BSDI's latest api, which includes deleting authenticate() and adding auth_check() and a few other functions. This is still marked as depecated in BSDI, but is included for completeness. No other source in the tree uses this anyway, so it is now bracketed with #ifdef LOGIN_CAP_AUTH which is by default not defined. Only auth_checknologin() and auth_cat() are actually used in module login_auth.c. o AUTH_NONE definition removed (collided with other includes in the tree). [bde] o BSDI's login_getclass() now accepts a char classname parameter rather than struct passwd pwd. We now do likewise, but added login_getpwclass() for (sort of) backwards compatiblity, namely because we handle root as a special case for the default class. This will require quite a few changes elsewhere in the source tree. o We no longer pretend to support rlim_t as a long type. o Revised code formatting to be more bsd-ish style.	1997-05-10 18:55:38 +00:00
David Nugent	3564cb62c8	Move login_cap.h from src/include for easier maintenance with related files.	1997-05-10 12:49:30 +00:00
Daniel O'Callaghan	a6f96c4131	Fix punctuation: "it's" -> "its"	1997-04-17 23:31:47 +00:00
Bruce Evans	c5a44d911a	Fixed missing const in synopsis.	1997-04-13 14:12:48 +00:00
Mike Pritchard	134970f671	Grammar police.	1997-04-02 05:52:22 +00:00
Andrey A. Chernov	28804f92db	Add Id Reduce space for error bufer from 512 to 128: there is no such long strings can be returned from strerror()	1997-04-02 04:24:39 +00:00
Andrey A. Chernov	81d9597ce7	Code space optimization in uu_lockerr()	1997-04-02 03:53:49 +00:00

... 5 6 7 8 9 ...

702 commits