Commit Graph

59 Commits

Author SHA1 Message Date
Maxim Sobolev
5ec57af4b2 Fix several places where tool name has been hardcoded:
install -> ${INSTALL}
    mtree -> ${MTREE_CMD}
    services_mkdb -> ${SERVICES_MKDB_CMD}
    cap_mkdb -> ${CAP_MKDB_CMD}
    pwd_mkdb -> ${PWD_MKDB_CMD}
    kldxref -> ${KLDXREF_CMD}

If you do custom FreeBSD builds you may want to override those
in some cases.

Sponsored by:	Sippy Software, Inc.
2019-06-02 23:38:19 +00:00
Emmanuel Vadot
a8b94f3d79 pkgbase: Move login.access to usb.bin/login
Also remove the etc-examples target as we don't have any files
to handle here.

Reviewed by:	bapt
2019-05-22 07:23:03 +00:00
Brad Davis
d3b764acc6 Move fbtab, login.conf, and motd to usr.bin/login/
Approved by:	Approved by: re (gjb), bapt (mentor), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16947
2018-08-30 15:52:03 +00:00
Baptiste Daroussin
3e11bd9e2a Convert to usr.bin/ to LIBADD
Reduce overlinking
2014-11-25 14:29:10 +00:00
Warner Losh
c6063d0da8 Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.
2014-05-06 04:22:01 +00:00
Ed Schouten
b7946da96b Build usr.bin/ with WARNS=6 by default.
Also add some missing $FreeBSD$ to keep svn happy.
2010-01-02 10:27:05 +00:00
Christian S.J. Peron
0c59c145ed Teach login(1) about the make.conf NO_AUDIT variable. This allows us to
conditionally build in audit support.

Submitted by:	bz
MFC after:	1 week
2006-12-13 06:13:32 +00:00
Ruslan Ermilov
e4a9274404 Add missing library dependencies. 2006-04-13 12:49:24 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Yaroslav Tykhiy
08284aaa25 Since the whole login.access feature has moved to PAM,
login.access.5 will be installed from the respective PAM
module's src directory.

MFC after:	3 days
2006-03-06 12:31:25 +00:00
Wayne Salamon
a1c73d21bf Make login audit-enabled, submitting audit records for the login and logout
events. The specifics of submitting the records is contained within
login_audit.c.
Document the auditing behavior in the man page.

Obtained from: TrustedBSD Project, Apple Computer, Inc.
Approved by: rwatson (mentor)
2006-02-04 20:20:02 +00:00
Ruslan Ermilov
dee651eb15 Introduce the PRECIOUSPROG knob in bsd.prog.mk, similar
to PRECIOUSLIB from bsd.lib.mk.  The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.

Reviewed by:	oliver
2004-11-03 18:01:21 +00:00
Bruce Evans
77585df415 Fixed style bugs in previous commit (.ifndef instead of .if defined(),
and tab lossage).

Garbage-collected NEED_LIBNAMES.
2004-02-29 06:39:11 +00:00
Dag-Erling Smørgrav
76e4339aa7 I am a moron. 2004-02-27 19:00:41 +00:00
Dag-Erling Smørgrav
13ae56f84d Re-add the setuid bit, conditional on NO_SETUID_LOGIN being undefined. 2004-02-27 17:50:59 +00:00
Dag-Erling Smørgrav
c9d0616d93 Cut through the bikeshed and remove login(1)'s setuid bit. It has no
business trying to impersonate su(1), and it does not need to be setuid
to function properly when invoked by getty(8) or telnetd(8).
2004-02-27 08:39:16 +00:00
Ruslan Ermilov
3826278409 GC (now unused here) -lcrypt. 2004-02-02 18:00:06 +00:00
Bruce Evans
85549fe96b Fixed some style bugs ("From:" in vendor id line, disordered MAN line, and
blank lines).

Not unapproved of by:	markm
2002-04-21 12:43:14 +00:00
Mark Murray
e35f9517d6 Remove NO_WERRORs and WARNS=n's. To be revisited after GCC3. 2002-02-08 23:07:37 +00:00
Dag-Erling Smørgrav
c60ed00a43 Still with asbestos longjohns on, completely PAMify login(1) and remove
code made redundant by various PAM modules (primarily pam_unix(8)).

Sponsored by:	DARPA, NAI Labs
2002-01-30 19:10:21 +00:00
Bruce Evans
42f9157b63 Work around world breakage in previous commit. The bug is in
<security/pam_misc.h>.  It declares a function parameter named 'send',
so nothing that includes both <unistd.h> (which declares send(2)) and
<security/pam_misc.h> be compiled with WARNS=2 unless NO_WERRROR is
set.

Fixed order of WARNS.
2001-12-01 19:48:59 +00:00
Mark Murray
e317b97026 WARNS=2 fixes.
Reviewed by:	bde (a while back)
2001-12-01 17:46:46 +00:00
Ruslan Ermilov
cda2a9b2f0 Set BINOWN=root explicitly for setuid root binaries.
This is not "useless", as one may have non-default
setting for BINOWN in make.conf, and we still want
these to be installed setuid root in this case.
2001-09-13 06:48:18 +00:00
Mark Murray
142277ce04 Like su(1), make PAM use mandatory. Remove parts of the authentication
logic that are handled by PAM. Fix documentation to reflect this.
2001-08-30 11:27:36 +00:00
Mark Murray
31a651fa98 Clean out some cruft that has been put in a better (central) place. 2001-05-01 10:30:08 +00:00
Mark Murray
289ef82e3c Enable (optional) static linking. 2001-04-28 08:06:33 +00:00
Mark Murray
5bc9d93db3 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
Ruslan Ermilov
dc12be5258 MAN[1-9] -> MAN. 2001-03-27 10:52:19 +00:00
Peter Wemm
6e2578e4c4 Revert the libcrypt/libmd stuff back to how it was. This should not have
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design).  libcrypt has
been adjusted to not need the runtime -lmd.  It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
1999-12-18 13:55:17 +00:00
Marcel Moolenaar
7c99ddf2cc Add libmd (or move it after libcrypt). We don't want the linker to be
smart because it will definitely get it wrong. This popped up during
cross-linking.
1999-12-16 10:55:45 +00:00
Peter Wemm
c3aac50f28 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
John Polstra
4a05a998b2 Force <bsd.libnames.mk> to be included, regardless of the object
format.  This fixes the undefined symbols when building login for
a.out.
1999-01-22 12:44:55 +00:00
John Polstra
e40131079f Allow login to be linked statically even when PAM is used, since
there is now a static version of libpam.
1999-01-20 21:58:46 +00:00
Andrzej Bialecki
11468b741a Add a compile knob to avoid using PAM code (login will use standard Unix
authentication only). This comes handy when you're tight on space.

Submitted by:	mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by:	John D. Polstra <jdp@polstra.com>
1999-01-19 22:59:37 +00:00
John Polstra
cc4b11542b Work around the problem that login won't link if NOSHARED=yes,
because libpam is built shared only.  There is a way to build PAM
into a static library that contains all (or a selected subset) of
the modules.  But our Makefiles don't support that yet.  Until I get
that working, just force NOSHARED=no in login's Makefile.  Of
course, it still won't work if NOPIC is set.

Submitted by:	bde
1998-11-21 18:27:15 +00:00
John Polstra
e83348169b ATTENTION: INSTALL "/etc/pam.conf" FROM "src/etc"!!!
Change login to use PAM for authentication.  I kept the built-in
passwd/NIS authentication support, to handle cases where the system
is missing its "/etc/pam.conf" file.  S/Key and KerberosIV
authentication methods are removed from the login program, but
still available in PAM modules.
1998-11-21 02:22:14 +00:00
John Polstra
6717b4a8dd unifdef -DLOGIN_CAP. After almost 2 years, I think we can assume
it's here to stay.

This code is starting to look almost reasonable again.
1998-11-11 05:47:45 +00:00
John Polstra
8e32ad3bde Remove support for LOGIN_CAP_AUTH. It was never enabled, it was
not complete, and it hasn't been touched for 18 months.  All the
ifdefs obfuscate the code.  I discussed the LOGIN_CAP_AUTH support
with its author and he agreed that it is a dead end.  I am bringing
PAM into the tree within the next two weeks.  It is much more
flexible than LOGIN_CAP_AUTH, and will serve as a superior replacement
for it.
1998-11-11 02:16:01 +00:00
David E. O'Brien
be0cde6f10 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:06 +00:00
Mark Murray
448bbb5805 Fix LIBDIR (for aout/ELF). 1998-08-06 21:41:13 +00:00
Mark Murray
7f80a02080 Changes for KTH KerberosIV.
Also quieten -Wall a bit.
1997-09-28 08:57:24 +00:00
Nate Williams
b82359df88 "lmd" -> "-lmd"
Submitted by:	Vincent Poy <vince@venus.gaianet.net>
1997-09-05 18:15:29 +00:00
Peter Wemm
10da1efd82 If building elf, don't link in libmd.a just for libskey.so to use. Under
elf, libskey.so will not expose it's implementation on it's caller.
1997-09-05 12:00:01 +00:00
Peter Wemm
c115df18cd Revert $FreeBSD$ to $Id$ 1997-02-22 19:58:13 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
David Nugent
6acc486b3f Makes login login_cap-savvy.
Note that LOGIN_CAP_AUTH code (login authentication) is not (yet) enabled
and requires /usr/libexec/login_<style> authentication program support to
be added at a later date. The Makefile contains a macro LC_AUTH to turn
it on and prevent unnecessarily linking against skey/krb libs and the
addition of klogin.c module.

All other aspects of login_cap support are fully functional.
1997-01-11 07:16:35 +00:00
Rodney W. Grimes
7799f52a32 Remove trailing whitespace. 1995-05-30 06:41:30 +00:00
Nate Williams
c36c788214 Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 17:18:15 +00:00
Garrett Wollman
758f3a64bd Modify klogin to:
1) Don't spit out an error message if Kerberos is installed but not yet
   set up.

2) Don't attempt to verify the ticket you got back, as workstations
   are not intended to have srvtab files of their own.

Both behaviors can be re-enabled with KLOGIN_PARANOID.
1995-01-14 22:57:41 +00:00
Garrett Wollman
a38c3127e1 Add distribution=krb for P-HK 1994-11-20 23:23:28 +00:00