to the user. There is currently no buffering, so the result may be
somewhat unpredictable if the conversation function adds a newline,
like openpam_ttyconv() does.
Clean up and simplify the environment handling code, which triggered
an inexplicable bug on some systems.
MFC after: 2 weeks
libpam: extra bounds checking through reallocarray(3).
It appears to be causing brokenness when reporting PAM_* environment
variables. This requires more investigation.
Reported by: lstewart
pam_sm_chauthtok(). Set user = getlogin() inside the true
branch so that it is initialized for the following PAM_LOG()
call. This is how it is done in pam_sm_authenticate().
Reported by: Coverity
CID: 272498
MFC after: 1 week
The change in r284345 moved the creation of openpam_static_modules.o to
lib/libpam/static_modules but never managed to get them into libpam.a.
Move this logic to lib/libpam/static_libpam and have it create a static
library for libpam.a The main lib/libpam/libpam will only create a
shared library. No redundancy in compilation or installation exists
in this solution.
This avoids requiring a pass with -D_NO_LIBPAM_SO_YET.
Sponsored by: EMC / Isilon Storage Division
First, the authfd API now uses a direct file descriptor for the control
socket instead of a more abstract AuthenticationConnection structure.
Second, the functions now consistently return an error value.
Reviewed by: bdrewery
bsd.lib.mk and bsd.prog.mk already depend all objs on headers in SRCS if
there is not yet a depend file. The headers in SRCS are never built or
installed. After 'make depend' the header was already added as a proper
dependency on the objects where needed.
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
login_access() with "**unknown**" as the second argument. This will allow
"ALL" rules to match.
Reported by: Tim Daneliuk <tundra@tundraware.com>
Tested by: dim@
PR: 83099 193927
MFC after: 3 days
Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.
Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste
iterating over the (possibly empty) list of members. Otherwise, we
get a false negative when the target group has no members listed in
/etc/group. This went mostly unnoticed because root is explicitly
listed as a member of wheel, so the bug is never triggered in the most
common use case, which is su(8).
PR: 109416
MFC after: 1 week
