Commit Graph

36 Commits

Author SHA1 Message Date
Warren Block
639399ae07 Remove mention of minimum password length and upper/lower case checking,
patch supplied by Allan Jude <freebsd@allanjude.com>.  Add xref to
pam_passwdqc(8), where that testing is now done.

PR:		docs/184482
Submitted by:	Ryan Gerstenkorn <ryan_gerstenkorn@fastmail.fm>
Reviewed by:	jilles, eadler
MFC after:	3 days
2014-02-14 15:46:06 +00:00
Dag-Erling Smørgrav
7aa2051e40 None of these programs actually use auth.conf.
MFC after:	1 week
2012-06-11 16:18:39 +00:00
Joel Dahl
da52b4caaf Remove the advertising clause from UCB copyrighted files in usr.bin. This
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change

Also add $FreeBSD$ to a few files to keep svn happy.

Discussed with:	imp, rwatson
2010-12-11 08:32:16 +00:00
Ruslan Ermilov
b328ef0eba Markup nits. 2007-11-07 07:59:38 +00:00
Brian Somers
b29cf88e96 Fix a typo 2007-04-03 19:14:39 +00:00
Sean Chittenden
71997d4be4 Cross-reference pw(8) into chpass(1), passwd(1), and vipw(8). 2005-08-02 21:38:03 +00:00
Ruslan Ermilov
0227791b40 Expand *n't contractions. 2005-02-13 22:25:33 +00:00
Ruslan Ermilov
3ac17feb8a Fixed xref. 2005-01-21 10:48:35 +00:00
Ruslan Ermilov
557b7fa148 Deal with double whitespace. 2004-07-03 00:24:45 +00:00
Ruslan Ermilov
6a3e8b0adc Mechanically kill hard sentence breaks. 2004-07-02 22:22:35 +00:00
Ruslan Ermilov
facc67676f mdoc(7) police: Deal with self-xrefs. 2002-12-24 13:41:48 +00:00
Philippe Charnier
f4cda4bb8f Introduce enumerate of options using the standard way.
Remove .Pp between items.
2002-10-16 15:32:16 +00:00
Philippe Charnier
e8937ba009 Use `The .Nm utility' 2002-04-20 12:18:28 +00:00
Dima Dorfman
f247324df7 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
Ruslan Ermilov
625003720a mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
Ruslan Ermilov
8fe908ef0c mdoc(7) police: use the new features of the Nm macro. 2000-11-20 19:21:22 +00:00
Ruslan Ermilov
726b61ab5f Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
Sheldon Hearn
d20cdce92f Correct a few typos, including a mis-represented option (-s instead of
-h for NIS host).

Submitted by:	Peter Avalos <pavalos@theshell.com>
2000-09-18 07:45:47 +00:00
Sheldon Hearn
87faa07bec Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 12:20:22 +00:00
Nik Clayton
485343f5ff Teach passwd about a new "mixpasswordcase" login.conf parameter. If this
parameter is missing, or specified as above, then passwd behaves as normal
when the user enters an all lower case password -- i.e., it prompts them
to use mixed case, and will only grudgingly accept an all lower case
password.

If you negate this entry in login.conf, with "mixpasswordcase@", then
passwd will allow all lower case passwords without complaining.

Approved by:	jkh
2000-02-11 13:45:51 +00:00
Peter Wemm
c3aac50f28 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
Greg Lehey
9045b882d5 Clarify when the user gets a prompt for the old password, and that
passwords are not echoed.

Get quotes right in troff.
1999-05-03 00:56:05 +00:00
Tim Vanderhoek
61f74535f6 Change references from "passwordperiod" to "passwordtime", since
"passwordtime" is what passwd(1) has actually been using.  I suspect
passwordperiod was the original intent.  I can't figure-out which,
if either, BSDi uses.  If anyone knows...
1999-04-30 18:19:46 +00:00
Mark Murray
7deb53036d Back out the new crypt(3) stuff untill we can go through an independant
"make world" to make sure everything works properly.
1999-01-23 08:36:38 +00:00
Brandon Gillespie
669892b239 Added support for multiple hash formats, and new salt generation code.
It selects which hash format to use by checking /etc/auth.conf for
auth_default.  Leaving auth_default disabled will give the current
behaviour (use the same format as is currently used in the password,
or if a new password default to what crypt likes best--des if it exists).
Now you can set it to one of: des, best, md5 or sha1.  best is a synonym
for sha1, currently.
1999-01-22 15:33:54 +00:00
Bill Fumerola
71f14d164e We use login.conf, not login.cap
PR:		doc/8897
Submitted by:	Jonathan Hanna <pangolin@home.com>
1998-11-30 22:41:58 +00:00
Mark Murray
8f176b4353 Use KJH's auth.conf parser to turn on/off Kerberos in userland. 1998-10-09 06:38:33 +00:00
Steve Price
36f8699a07 The host commandline option is -h and not -s.
PR:		7703
Submitted by:	Yoshishige Arai <ryo2@on.rim.or.jp>
1998-08-24 00:56:20 +00:00
Steve Price
5f2833ea5e Type fix: when -> with
PR:		5420
Submitted by:	Jonathan Hanna <jh@pc-21490.bc.rogers.wave.ca>
1998-01-03 19:14:02 +00:00
Wolfram Schneider
f6b31571f6 spelling corrections.
PR: docs/4450
Submitted by: josh@quick.net
1997-09-13 16:01:53 +00:00
David Nugent
720cdec3f6 Adds login class support for local & nis passwords:
- minpasswordlen=n         override minimum password length for class.
    - passwordperiod=n[smhdwy] auto-set next password change date.
1997-02-10 15:42:12 +00:00
Alexander Langer
6361832ca8 Add synopsis for yppasswd. 1996-08-24 23:27:04 +00:00
Bill Paul
c2dfe9fe01 Merge in changes to support the new rpc.yppasswdd(8) and fix a few bugs.
In passwd(1):

- Gut most of yp_passwd.c and leave only a few things that aren't common
  to pw_yp.c.

- Add support for -d and -h flags to select domains and NIS server hosts
  to use when updating NIS passwords. This allows passwd(1) to be used
  for changing NIS passwords from machines that aren't configured as
  NIS clients. (This is mostly to allow passwd(1) to work on NIS master
  servers that aren't configured as clients -- an NIS server need not
  necessarily be configured as a client itself.)

  NOTE: Realize that having the ability to specify a domain and hostname
  lets you use passwd(1) (and chpass(1) too) to submit update requests
  to yppasswd daemons running on remote servers in remote domains which
  you may not even be bound to. For example, my machine at home is not
  an NIS client of the servers on the network that I manage, yet I can
  easily change my password at work using my FreeBSD box at home by doing:
  'passwd -d work.net.domain -h any.nis.server.on.my.net wpaul'. (Yes,
  I do use securenets at work; temporarily modified my securenets file
  to give my home system access.) Some people may not be too thrilled
  with this idea. Those who don't like this feature can recompile passwd(1)
  and chpass(1) with -DPARANOID to restrict the use of these flags to
  the superuser.

  (Oh, I should be adding proper securenets support to ypserv(8) and
  rpc.yppasswdd(8) over the weekend.)

- Merge in changes to allow root on the NIS master server to bypass
  authentication and change any user's NIS password. (The super-user
  on the NIS master already has privileges to do this, but doing it
  through passwd(1) is much easier than updating the maps by hand.)
  Note that passwd(1) communicates with rpc.yppasswdd(8) via a UNIX
  domain socket instead of via standard RPC/IP in this case.

- Update man page.

In chpass(1):

- Fix pw_yp.c to work properly in environments where NIS client
  services aren't available.

- Use realloc() instead of malloc() in copy_yp_pass() and copy_local_pass().

- Fix silly bug in copy_yp_pass(); some of the members of the passwd
  structure weren't being filled in correctly. (This went unnoticed
  for a while since the old yppasswdd didn't allow changes to the
  fields that were being botched.)

- chpass(1) now also allows the superuser on the NIS master server to
  make unrestricted changes to any user's NIS password information.

- Use UNIX domain comm channel to rpc.yppasswdd(8) when run by the
  superuser on the NIS master. This allows several new things:

   o superuser can update an entire master.passwd.{byname,byuid} entry
   o superuser can update records in arbitrary domains using -d flag to
     select a domain (before you could only change the default domain)
   o superuser can _add_ records to the NIS master.passwd maps, provided
     rpc.yppasswdd(8) has been started with the -a flag (to do this,
     the superuser must force NIS operation by specifying the -y flag
     to chpass(1) along with -a, i.e. 'chpass -y -a 'foo:::::::::')

- Back out the 'chpass -a <new password entry> breaks with NIS' fix
  from the last revision and fix it properly this time. The previous
  revision fixed the immediate problem but broke NIS operation in
  some cases.

- In edit.c, be a little more reasonable about deciding when to
  prevent the shell field from being changed.

  Submitted by Charles Owens <owensc@enc.edu>, who said:

  "I made a minor (one-line) modification to chpass, with regards
   to whether or not it allows the changing of shells.  In the 2.0.5 code,
   field changing follows the settings specified in the "list" structure
   defined in table.c .  For the shell, though, this is ignored.  A quick
   look in edit.c showed me why, but I don't understand why it was written as
   such.  The logic was

        if shell is standard shell, allow changing

   I changed it to

        if shell changing is allowed (per table.c) and it is a standard shell
             OR if uid=0, then allow changing."

   Makes sense to me.

- Update man page.
1996-02-23 16:08:59 +00:00
Mike Pritchard
b0ac1967ba Add a little info to this man page at the start so it doesn't
appear that ALL the passwd command does is change a users Kerberos
password, since that is incorrect.

Actually, this man page needs a good overhaul to better reflect systems
that don't have Kerberos installed.
1996-02-12 02:32:40 +00:00
Bill Paul
a3ce11a24d Remove the ypchfn/ypchsh stuff from passwd and leave just the
yppasswd support. The rest is moving into chpass.
1995-08-13 16:07:36 +00:00
Rodney W. Grimes
9b50d90275 BSD 4.4 Lite Usr.bin Sources 1994-05-27 12:33:43 +00:00