also set the user's MAC label as part of the user credential setup
by setting setusercontext(3)'s SETMAC flag. By default, change only
traditional process properties.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
as a user ID -> has a user ID
command constitutes of -> command consists of
PR: misc/36523
Submitted by: Chris Pepper <pepper@mail.rockefeller.edu>
MFC after: 3 days
for authentication to PAM. This meens that WHEELSU-type logic can
now be effected in the pam.conf "su" configuration stack. While here,
clean up the mess that the code had assumed over years of hacking by
folks using different styles. ANSIfy.
There is more policy in here that can be handed over to PAM. This will
be revisited.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c
Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
group is 0 in /etc/passwd even if they aren't listed
as a member in /etc/group. This is more inline with
what the group manpage says.
PR: 6696
Submitted by: Max Euston <meuston@jmrodgers.com>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
to the target login's shell. This allows for "su -c".
Do it right this time and also explain this behaviour in the man
page. :)
Obtained from: bsm's work in FreeBSD 1.1.5.1
