Commit Graph

20 Commits

Author SHA1 Message Date
David Nugent
5d0bfe39ec login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
Warner Losh
1c8af87873 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-29 04:34:07 +00:00
Guido van Rooij
e8694bc269 When group wheel is empty, allow everyone to su to root. This has normally
no conseqeunces as we ship with a non-empty wheel.

Closes PR/1882
Submitted by:	Arne Henrik Juul <arnej@frida.imf.unit.no>
1997-02-24 20:32:24 +00:00
David Nugent
a564e85582 Fix problem with mask passwd to setusercontext() which
prevented uid/group change with non-root target.
1997-01-14 09:24:09 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
David Nugent
91bcac64b4 Make su login_cap savvy.
As with login(1), LOGIN_CAP_AUTH is not yet enabled since we don't
yet have authorisation modules.
1997-01-13 06:39:19 +00:00
Joerg Wunsch
40a8a5cf5c Export $TERM only if it has been set in our environment.
Detected by: Amancio Hasty
1996-10-07 10:00:58 +00:00
Mark Murray
1a98a0fb5b Make su a little less fascist about using Kerberos if it is not
configured or available.

Also fix a _nasty_ bug that would let one in if su -K was used.
Any old password would work :-( :-(.
1996-03-11 22:14:52 +00:00
Mark Murray
5a453b0ef3 Better integrate kerberos into su so that if an incorrect Kerberos
password is entered, the user is not prompted for a password a second
time.

This closes pr-bin/1006.
1996-03-09 14:57:43 +00:00
Mark Murray
bbff7ca556 #include <kerberosIV/des.h> -> #include <des.h> 1996-02-11 09:18:18 +00:00
Justin T. Gibbs
f4390542d7 Kerberos can now deal with multi-homed clients.
Kerberos obtains a network address for the local host from the routing
tables and uses it consistently for all Kerberos transactions.  This ensures
that packets only leave the *authenticated* interface.  Clients who open
and use their own sockets for encrypted or authenticated correspondance
to kerberos services should bind their sockets to the same address as that
used by kerberos.  krb_get_local_addr() and krb_bind_local_addr() allow
clients to obtain the local address or bind a socket to the local address
used by Kerberos respectively.

Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman>
Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
1995-10-05 21:30:21 +00:00
Joerg Wunsch
76ba1af23f Bring Barry Morris' changes from FreeBSD 1.1.5.1 back: pass arguments
to the target login's shell.  This allows for "su -c".

Do it right this time and also explain this behaviour in the man
page. :)

Obtained from:	bsm's work in FreeBSD 1.1.5.1
1995-09-06 12:38:53 +00:00
Mike Pritchard
ae532ecb79 Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
Garrett Wollman
99005ad98e Added support for an LCS-style `wheel su' which allows users in group wheel
to su to root by authenticating as themselves (using a password or S/Key)
rather than by using the root password.  This is useful in contexts like
ours, where a large group of people need root access to a set of machines.
(However, the security implications are such that this should not be
enabled by default.)

The code is conditionalized on WHEELSU.
1995-07-12 20:11:19 +00:00
Rodney W. Grimes
7799f52a32 Remove trailing whitespace. 1995-05-30 06:41:30 +00:00
Jordan K. Hubbard
ce0436e7a6 It has always bugged me that ps and w did not display su with tcsh
properly.  I know, tcsh is not a "Real Shell".

jc       p2 :0.0             Tue04PM     - -u (tcsh)
                                           ^^^
7173 p2  S+     0:01.33 -u (tcsh)
			^^^

Submitted by:	John Capo <jc@irbs.com>
1995-04-06 06:06:47 +00:00
Andreas Schulz
0b293ea528 Fixed the PATH and cleanenv setting in su. This was totally broken in the
4.4BSD Lite source.
1994-11-17 16:56:58 +00:00
Paul Traina
2ddadf840c Include most of the logdaemon v4.4 S/key changes 1994-10-19 00:03:45 +00:00
Paul Traina
122c9247d4 Add support for s/keys 1994-09-29 20:54:41 +00:00
Rodney W. Grimes
9b50d90275 BSD 4.4 Lite Usr.bin Sources 1994-05-27 12:33:43 +00:00