d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
63,002 Commits 72 Branches 135 Tags 3.2 GiB
0fa107a3cb
Commit Graph

107 Commits

Author SHA1 Message Date
Mark Murray
0fa107a3cb Simplify code. Also verbose logging, verbose overridable error reporting. 2001-08-10 19:15:48 +00:00
Mark Murray
65550d9b5a Verbose logging, overridable verbose error reporting. 2001-08-10 19:12:59 +00:00
Mark Murray
b04259a5cf Module clean-up. Verbose logging, Overridable verbose error reporting, 
FreeBSD pam_prompt() usage to simplify conversation function usage.
 2001-08-10 19:10:43 +00:00
Mark Murray
2108fbd748 Verbosely (overridable) report failure to the user. 2001-08-10 19:07:45 +00:00
Mark Murray
ceca323626 Use the FreeBSD pam_prompt() interface to the conversation function 
instead of home-rolling it. Clean up debugging code and tidy the
module.
 2001-08-10 19:05:57 +00:00
Mark Murray
3a9cdcb91f Verbosely report errors to the user (overridable), and make sure 
that the correct failure mode is reported.
 2001-08-10 19:02:21 +00:00
Mark Murray
27b9f9d4a3 Fix broken logic so that this actually works for the superuser. 
Verbosely log (properly).
Verbosely report errors to the user.
 2001-08-10 14:21:58 +00:00
Mark Murray
cfa285d9e4 Rework this to prevent a nasty problem involving different modules' 
option interacting with each other.
 2001-08-10 14:16:47 +00:00
Mark Murray
0b2e8123ef Declare the new user-error reporting macro. 
This is a macro to allow use of the __FILE__ and __FUNCTION__
macros.
 2001-08-10 14:15:00 +00:00
Mark Murray
a56dfc9b23 Add a routine for providing feedback via the conversation mechanism 
(usually to stderr) for user-reportable errors.
 2001-08-10 14:13:16 +00:00
Mark Murray
13cde2748e Fix style/consistency in Makefile and repair static module building. 
Submitted by:	bde(partially)
 2001-08-04 21:51:14 +00:00
Mark Murray
d5e53157cf Don't clobber CFLAGS 
Submitted by:	bde
 2001-08-04 21:49:30 +00:00
Mark Murray
4447e914e8 Fix the bug where this modulke was not checking the priamry GID, only 
the GIDS in /etc/group or NIS's group map.

Tested by:	sheldonh
PR:		29349
 2001-08-04 09:19:31 +00:00
Mark Murray
f950650b78 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
Mark Murray
c52468e7ef Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
Mark Murray
f5974d336f Repair the get/set UID() stuff so this works in both su(1) and login(1) 
modes.
 2001-08-02 10:35:41 +00:00
Mark Murray
af1852503e Making this major bump was a BAD idea. The API change is internal (to PAM) 
and it caused problems without solving any.
 2001-07-30 09:56:38 +00:00
Mark Murray
7b22794017 (Re)Add an SSH module for PAM, heavily based on Andrew Korty's module 
from ports.
 2001-07-29 18:31:09 +00:00
Ruslan Ermilov
0fa68d89e8 mdoc(7) police: widen width of the options list. 2001-07-18 14:49:32 +00:00
Mark Murray
0eb9c7b357 Update to the same level of debug-logging as the rest of the 
FreeBSD/PAM modules.
 2001-07-17 07:36:51 +00:00
Mark Murray
3741d46458 Update to the same code as in the pam_krb5.so port. 
According to Peter, the port works - this needs more testing.
 2001-07-17 07:34:36 +00:00
Dima Dorfman
f247324df7 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
Mark Murray
f042a54245 Use a better method of getting user credentials to account for 
(legal) UID duplication.

Rename use_uid to auth_as_self for consistency with other modules.
 2001-07-14 08:42:39 +00:00
Mark Murray
6fd676c982 Use a better method to get user credentials to account for (legal) 
duplications of UID's in /etc/*passwd.
 2001-07-14 08:38:24 +00:00
Ruslan Ermilov
e8b02a428d mdoc(7) police: -xwidth has been fold into -width. 2001-07-13 09:09:52 +00:00
Ruslan Ermilov
08ecaa10b2 mdoc(7) police: fixed markup, a little bit. 2001-07-11 08:36:26 +00:00
Ruslan Ermilov
63b81b76ca mdoc(7) police: fixed markup any numerous typos. 2001-07-11 08:35:34 +00:00
Mark Murray
84f39079c5 Fix a horrible bug introduced by myself where the options collection 
keeps on growing as the module stack is parsed.
 2001-07-10 16:59:30 +00:00
Ruslan Ermilov
625003720a mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
Ruslan Ermilov
a307d59838 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
Mark Murray
1642eb1a52 Clean up (and in some cases write) the PAM mudules, using 
o The new options-processing API
o The new DEBUG-logging API

Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.

Audit, clean up while I'm here.
 2001-07-09 18:20:51 +00:00
Mark Murray
5d87b61e6f Bump the major number. The libraries API has changed incompatibly. 2001-07-09 18:16:33 +00:00
Mark Murray
c3a080c527 Almost completely rewrite the PAM module options processing 
routines, and provide a more extended API for doing this.

Provide an API for debug logging.

Audit and clean up the code.
 2001-07-09 18:14:43 +00:00
Ruslan Ermilov
5521ff5a4d mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
Ruslan Ermilov
88de1238eb mdoc(7) police: fixed formatting. 2001-07-06 07:29:59 +00:00
Peter Wemm
d6be5f6435 Fix libpam's linker set stuff to use the new API (unbreak world), and get 
rid of gensetdefs from here as well.
 2001-06-14 01:13:30 +00:00
Chris Costello
8b136a6dde Convert to mdoc(7). 2001-06-13 21:52:07 +00:00
Mark Murray
084a46829b Big module cleanup. 
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.

Build new modules.

Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
 2001-06-04 19:47:56 +00:00
Mark Murray
bc0105f860 Null file to bring back a file from the dead. This allows the real commit 
to happen remotely. Damn CVS bugs :-(
 2001-06-04 19:25:41 +00:00
Mark Murray
46efbac2ed Add the "nullok" option that causes this module to succeed if the Unix 
password is empty/null.
 2001-06-04 19:16:57 +00:00
Mark Murray
35a2fbdee0 Tidy up the options list (and make it more extendable), and add some 
extra "standard" options.
 2001-06-04 19:12:08 +00:00
Mark Murray
397fa72521 Add some new utility authenticators. 
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.

pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
 2001-06-04 18:44:47 +00:00
Mark Murray
4448b21cc6 Add the "auth_as_self" option to the pam_unix module (there is no 
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
 2001-05-24 18:35:52 +00:00
Mark Murray
84d6cd8ea1 Bring in a few useful PAM modules. 
pam_krb5 is a Kerberos 5 (Heimdal) authentication module.

pam_nologin checks for /etc/nologin and does the "usual stuff"
	if it is found, otherwise it silently succeeds.

pam_rootok silently succeeds if the user is root, otherwise
	it fails.

pam_wheel silently succeeds if the user is a member of group
	"wheel" (or another nominated group), and fails
	otherwise.

There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
 2001-05-14 11:23:58 +00:00
Brian Feldman
d67ad957e9 Finish disconnecting pam_ssh from the build. 2001-05-04 20:40:53 +00:00
Brian Feldman
253fb6ea3a I've been meaning to take pam_ssh out of the base system for a while now. 
Finally do it.
 2001-05-04 03:53:48 +00:00
Mark Murray
556a280696 Update for (Linux-)PAM 0.75 2001-05-03 10:55:48 +00:00
Ruslan Ermilov
5f95f24bf4 mdoc(7) police: uppercase document title. 2001-04-18 08:25:26 +00:00
Ruslan Ermilov
4a558355e5 MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
John Baldwin
12e275aaee Use a unified libgcc rather than a seperate one for threaded and 
non-threaded programs.  This provides threaded programs with the
needed exception frame symbols.

parts submitted by:	Max Khon <fjoe@iclub.nsu.ru>
PR:	23252
 2001-01-06 18:59:46 +00:00