Commit Graph

98 Commits

Author SHA1 Message Date
nectar
4472cdf500 Fix login so that it exports environmental variables that are set by PAM
modules (via pam_putenv).  The following variables will never be set in
this fashion:

   SHELL, HOME, LOGNAME, MAIL, CDPATH, IFS, PATH
   any variable starting with `LD_'
2001-02-09 13:21:50 +00:00
nectar
2b15258b76 Call pam_setcred.
Reviewed by:	markm, months ago
2001-01-23 21:43:32 +00:00
obrien
46d04a9db4 Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.
2000-12-09 09:35:55 +00:00
sheldonh
f6a4f677a5 Add braces to avoid ambiguity in a nested conditional (silences a gcc
warning).
2000-04-26 10:38:19 +00:00
sheldonh
5d45efc044 Fix excessive use of parenthesis in previous commit.
Requested by:	bde
2000-04-25 08:59:51 +00:00
sheldonh
4f679309d9 Do not issue a warning when chflags() fails with EOPNOTSUPP.
PR:		17875
Submitted by:	Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-04-13 09:39:29 +00:00
sheldonh
d39e57413d Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 12:20:22 +00:00
ache
7138d3cdf3 Fix diagnostic printing test condition (was always true)
Approved by:	jkh
2000-02-28 01:48:50 +00:00
ru
bbc4194bd0 Remove option's description that has gone with PAM. 2000-02-27 07:14:33 +00:00
shin
d4643f8615 Added IPv6 name resolving support for utmp logging.
Approved by: jkh
2000-02-19 15:57:52 +00:00
chris
d14aa9e3aa Remove the version information from `.Os FreeBSD' here. Not only
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.

If anything, a ``HISTORY'' section should show which version this
appeared in.
2000-02-14 01:47:54 +00:00
peter
96af418f42 Revert the libcrypt/libmd stuff back to how it was. This should not have
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design).  libcrypt has
been adjusted to not need the runtime -lmd.  It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
1999-12-18 13:55:17 +00:00
marcel
3239491159 Add libmd (or move it after libcrypt). We don't want the linker to be
smart because it will definitely get it wrong. This popped up during
cross-linking.
1999-12-16 10:55:45 +00:00
sheldonh
479f480939 Correct some hard sentence breaks. Only those surrounding the previous
commit and those which cause ugly nroff output have been fixed, since
the purpose of the style guideline which they contravene is to reduce
the sizes of deltas.

Reported by:	bde
1999-09-14 11:46:04 +00:00
sheldonh
f106663eef Improve shell documentation:
* Consistently misspell built-in as builtin.

* Add a builtin(1) manpage and create builtin(1) MLINKS for all shell
  builtin commands for which no standalone utility exists.  These MLINKS
  replace those that were created for csh(1).

* Add appropriate xrefs for builtin(1) to the csh(1) and sh(1) manpages,
  as well as to the manpages of standalone utilities which are supported
  as shell builtin commands in at least one of the shells. In such
  manpages, explain that similar functionality may be provided as a
  shell builtin command.

* Improve sh(1)'s description of the cd builtin command. Csh(1) already
  describes it adequately. Replace the cd(1) manpage with a builtin(1)
  MLINKS link.

* Clean up some mdoc problems: use Xr instead of literal "foo(n)"; use
  Ic instead of Xr for shell builtin commands.

* Undo English contractions.

Reviewed by:	mpp, rgrimes
1999-09-08 15:40:46 +00:00
peter
e4b04a2b21 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
imp
64a393de8e Clear all file flags when taking ownership of devices. Do not ignore
chown failures in some places, but instead log them like we do all
other errors.
1999-08-21 18:19:49 +00:00
nik
7e91e73b9f Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

     .\"    $Id$
     .\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by:            bde
1999-07-12 20:24:20 +00:00
ache
87502a7032 remove uid switching before login_getpwclass, now done inside libutil
add gid switching before chdir and comment why it needed
1999-04-24 17:26:32 +00:00
brian
be14570409 Don't perform the trimdomain() functionality twice,
trimdomain() now works as expected.
1999-04-07 14:05:03 +00:00
wosch
9a7b5dbeec Added xref to nologin(5) 1999-02-01 21:04:15 +00:00
jdp
3a0d4493e6 Force <bsd.libnames.mk> to be included, regardless of the object
format.  This fixes the undefined symbols when building login for
a.out.
1999-01-22 12:44:55 +00:00
jdp
69b0b7a3c1 Allow login to be linked statically even when PAM is used, since
there is now a static version of libpam.
1999-01-20 21:58:46 +00:00
abial
fb8efae180 Add a compile knob to avoid using PAM code (login will use standard Unix
authentication only). This comes handy when you're tight on space.

Submitted by:	mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by:	John D. Polstra <jdp@polstra.com>
1999-01-19 22:59:37 +00:00
asami
96ce6d18f1 Move nologin from /etc to /var/run. This means one less file that has
to be written to /etc.

The only essential change is in paths.h, so any third-party software
written correctly will pick it up in the next rebuild.

Reviewed by:	the committers list (actually an old version)
1999-01-11 09:07:42 +00:00
eivind
2efd5dd7ee Make the timeout handler log any failed logins, to make sure failed
logins get logged.
1999-01-03 23:39:33 +00:00
dillon
c7551fc4d1 Obtained from: "Jan B. Koum " <jkb@best.com>
Add a reference to pam(8) in the login(1) and login.access(5) manual
    pages.
1998-12-01 17:05:08 +00:00
jdp
354adad337 Work around the problem that login won't link if NOSHARED=yes,
because libpam is built shared only.  There is a way to build PAM
into a static library that contains all (or a selected subset) of
the modules.  But our Makefiles don't support that yet.  Until I get
that working, just force NOSHARED=no in login's Makefile.  Of
course, it still won't work if NOPIC is set.

Submitted by:	bde
1998-11-21 18:27:15 +00:00
jdp
d2ea95af9d ATTENTION: INSTALL "/etc/pam.conf" FROM "src/etc"!!!
Change login to use PAM for authentication.  I kept the built-in
passwd/NIS authentication support, to handle cases where the system
is missing its "/etc/pam.conf" file.  S/Key and KerberosIV
authentication methods are removed from the login program, but
still available in PAM modules.
1998-11-21 02:22:14 +00:00
jdp
ec2ef5575a unifdef -DLOGIN_CAP. After almost 2 years, I think we can assume
it's here to stay.

This code is starting to look almost reasonable again.
1998-11-11 05:47:45 +00:00
jdp
aa33ef6cee Remove support for LOGIN_CAP_AUTH. It was never enabled, it was
not complete, and it hasn't been touched for 18 months.  All the
ifdefs obfuscate the code.  I discussed the LOGIN_CAP_AUTH support
with its author and he agreed that it is a dead end.  I am bringing
PAM into the tree within the next two weeks.  It is much more
flexible than LOGIN_CAP_AUTH, and will serve as a superior replacement
for it.
1998-11-11 02:16:01 +00:00
jdp
b3620313e2 Fix a const-related compiler warning. 1998-11-11 01:53:12 +00:00
markm
b14a67847b Use KJH's auth.conf parser to turn on/off Kerberos in userland. 1998-10-09 06:38:33 +00:00
obrien
04be6dc763 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:06 +00:00
jkoshy
234c18ac42 Remove hardcoded constant in favour of login.conf value.
PR: 	6529
Submitted by:	Dan Lukes <dan@obluda.cz>
1998-08-17 03:25:07 +00:00
markm
57b61e8f72 Fix LIBDIR (for aout/ELF). 1998-08-06 21:41:13 +00:00
bde
a1cc807650 Backed out rev.1.31. It was a workaround for bugs in rev.1.4 of
libc/gen/getpass.c.  The old behaviour of blocking SIGINT and not
changing SIGQUIT was restored in rev.1.5 of getpass.c.  The change
here completely restores the old behaviour of not supporting killing
login with keyboard signals (only) at the password prompt.  There
is no reason to support this, since login can be exited normally
by typing a couple of ^D's.  Login certainly shouldn't dump core
in response to user input.  Previously, SIGQUIT killed login
immediately but SIGINT killed it only after the password was
entered.

PR:		7444
1998-07-31 07:22:31 +00:00
jdp
a0e317132a Fix a couple of little bugs that prevented login.c from compiling
if LOGIN_CAP_AUTH was defined.  This is kind of silly, because
LOGIN_CAP_AUTH doesn't work anyway, is not defined currently,
probably will never be defined, and IMHO should not be defined.
But I'm sure you'll sleep better tonight, knowing that these bugs
are gone.
1998-07-22 04:33:12 +00:00
amurai
e9e82fc544 Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

 It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.

   1) turbo.tama.spec.co.jp: 192.19.0.2  -> trubo.tama
   2) turbo.tama.foo.co.jp : 192.19.0.2  -> 192.19.0.2
   3) specgw.spec.co.jp    : 202.32.13.1 -> specgw

Submitted by:	Atsushi Murai <amurai@spec.co.jp>
1998-06-01 08:47:04 +00:00
peter
5ecc2bcb6f *blush*, typo during last minute editing.. 1998-04-30 16:50:07 +00:00
peter
292467d8ec Change euid while reading the user's .login_cap file in case the homedir
is on a NFS partion without root read access.  Also, flip euid again for
the duration of the chdir() to the homedir for the same reason.

PR: 5145
Submitted by: Joel.Faedi@esial.u-nancy.fr
Also tested by: A Joseph Koshy <koshy@india.hp.com>
1998-04-30 16:48:20 +00:00
charnier
1bf317d31f .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 07:48:45 +00:00
jb
a869c2a4eb gcc on alpha complains about nested comments. A comment in this
file referred to a path ending in "/*" which was reasonable to me,
but gcc wasn't so sure. So now the comment refers to a path ending in
"*".
1998-02-15 04:09:48 +00:00
ache
a49d6cbb65 Fix very rare but dangerous bug:
for some DES passwords
	crypt(real_password, salt)
is equal to
	crypt("", salt);
It means that this user (and not only he) can login without
entering password at all, just pressing Return.
So if empty password entered and crypted password is not empty,
invalidate any crypt result by assigning ":"
1998-02-13 21:02:53 +00:00
guido
18f3c527c1 Reset SGINT and SIGQUIT handling to default when asking for passwords.
Otherwise, when pressing the INT ke at the password prompt, the password
will be displayed. Now login will be killed.

Probably the same will have to be done for the LOGIN_CAP_AUTH case.
I have not done that.
Reviewed by:	Joerg Wunsch
1998-02-05 18:37:02 +00:00
obrien
df2f1c4dd6 Mention S/key and the skey /etc files. 1998-01-07 10:42:57 +00:00
joerg
57b62c90cc Fix a fatal typo.
PR:		bin/4801
Submitted by:	mishania@demos.su (Mikhail A. Sokolov)
1997-10-19 09:34:06 +00:00
markm
2055bcbf81 Changes for KTH KerberosIV.
Also quieten -Wall a bit.
1997-09-28 08:57:24 +00:00
nate
56fd09e765 "lmd" -> "-lmd"
Submitted by:	Vincent Poy <vince@venus.gaianet.net>
1997-09-05 18:15:29 +00:00
peter
d2a5784f5c If building elf, don't link in libmd.a just for libskey.so to use. Under
elf, libskey.so will not expose it's implementation on it's caller.
1997-09-05 12:00:01 +00:00